Spomaleny notebook

Zpráva

#16 Příspěvek od **Márty84** » 07 čer 2014 22:29

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Walky · #17 Příspěvek od **Walky** » 07 čer 2014 23:48

ok uz to funguje

OTL logfile created on: 8. 6. 2014 0:02:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alžbeta\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,94 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 49,48% Memory free
7,87 Gb Paging File | 5,29 Gb Available in Paging File | 67,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,67 Gb Total Space | 356,14 Gb Free Space | 80,09% Space Free | Partition Type: NTFS
Drive E: | 15,80 Gb Total Space | 2,37 Gb Free Space | 15,02% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,10 Gb Free Space | 42,17% Space Free | Partition Type: FAT32

Computer Name: ALZBETA-HP | User Name: Alžbeta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/07 22:25:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alžbeta\Desktop\OTL.exe
PRC - [2014/05/14 01:40:56 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/13 21:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/06/20 13:57:22 | 000,523,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012/03/21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/03/21 12:23:12 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011/11/10 21:39:24 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/04/05 21:13:46 | 001,094,712 | ---- | M] (Hewlett-Packard Development Company L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/02/09 21:28:12 | 001,318,912 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2011/02/09 06:03:14 | 001,503,824 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2011/02/07 21:41:42 | 012,274,688 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2011/02/07 21:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2011/02/01 11:23:10 | 001,127,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/01/28 19:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
PRC - [2011/01/26 19:00:32 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/01/26 19:00:00 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/18 23:42:48 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011/01/18 23:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/01/17 21:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/01/17 21:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/12 21:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2010/11/26 13:31:18 | 000,267,128 | ---- | M] () -- C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
PRC - [2010/11/17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/11 09:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe

========== Modules (No Company Name) ==========

MOD - [2014/06/07 15:07:34 | 000,774,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/05/14 01:40:54 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppgooglenaclpluginchrome.dll
MOD - [2014/05/14 01:40:50 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
MOD - [2014/05/14 01:40:45 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
MOD - [2014/05/14 01:40:44 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
MOD - [2014/05/14 01:40:43 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
MOD - [2014/02/14 15:02:16 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/14 15:02:06 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/14 15:01:38 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/02/14 15:01:32 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/14 15:01:27 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/14 15:01:26 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/14 15:01:16 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2010/11/26 13:31:18 | 000,267,128 | ---- | M] () -- C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe

========== Services (SafeList) ==========

SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/03/06 10:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/03 20:42:11 | 000,323,072 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/05/03 20:42:06 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2012/02/28 13:15:16 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/01/05 20:45:23 | 001,028,096 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/10/14 14:30:44 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/01 01:02:30 | 001,189,968 | ---- | M] (Motorola Solutions, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2011/02/16 06:36:28 | 000,680,016 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2011/02/12 06:07:16 | 000,481,104 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2011/02/09 21:28:12 | 001,318,912 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2011/02/09 05:58:34 | 004,151,376 | ---- | M] (Motorola Solutions, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2011/01/28 19:41:30 | 000,133,688 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe -- (HPDayStarterService)
SRV:64bit: - [2011/01/27 04:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2011/01/22 05:36:02 | 003,154,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV - [2014/06/07 12:44:22 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/13 21:09:12 | 000,270,624 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/06/20 13:57:22 | 000,523,680 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012/03/21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/01/05 20:45:21 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/10 01:43:20 | 000,464,440 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2011/04/05 21:13:46 | 001,094,712 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/07 22:48:10 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011/02/07 21:41:26 | 000,320,000 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2011/02/01 11:23:10 | 001,127,448 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/01/26 19:00:00 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/01/22 05:24:50 | 002,708,784 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2011/01/18 23:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/01/17 21:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/01/17 21:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/01/12 21:12:06 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2010/11/11 09:43:00 | 000,502,464 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2010/03/18 21:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/12/06 22:08:04 | 000,524,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/24 20:29:11 | 000,708,200 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/05/24 20:26:29 | 000,175,928 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2013/05/03 20:42:13 | 000,543,744 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/28 13:15:16 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/02/28 13:15:16 | 000,029,976 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/10/14 15:37:30 | 010,496,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/14 13:52:50 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/01 10:53:20 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/09/01 10:53:20 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/07/25 19:25:59 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/25 19:25:59 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/19 02:11:10 | 001,145,448 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/05/10 01:16:08 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2011/02/09 21:59:52 | 000,168,008 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2011/02/09 05:02:04 | 000,486,144 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2011/01/13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/12 20:11:20 | 002,611,704 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2010/12/10 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/03 03:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 09:46:00 | 000,032,192 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2010/10/20 03:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/06/30 21:02:30 | 000,052,736 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\SearchScopes\{1318FA4E-D759-4AB9-9C4B-B4A7F06AC75E}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\SearchScopes\{CCC42CEC-A733-4377-B835-7A5656A37085}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13906
IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Alžbeta\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\iMeshPlugin: C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012/01/02 20:37:15 | 000,000,000 | ---D | M]

[2014/02/21 15:56:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Disk Google = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: HÄľadaĹĄ v Google = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.10.0.13089_0\
CHR - Extension: PeĹaĹľenka Google = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Gmail = C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/06/07 19:14:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs File not found
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe ()
O4 - HKLM..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Printsrv] C:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs ()
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab (Autodesk MapGuide ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD883BB5-0609-4022-AF15-8B587D462FAA}: DhcpNameServer = 192.168.1.1 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F44A5B73-1F30-4B6E-81F8-781776BC4054}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/06/07 22:25:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alžbeta\Desktop\OTL.exe
[2014/06/07 19:30:18 | 000,000,000 | ---D | C] -- C:\windows\temp
[2014/06/07 19:14:37 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/06/07 15:45:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014/06/07 15:45:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014/06/07 15:45:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014/06/07 15:44:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/06/07 15:44:40 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014/06/07 15:41:42 | 005,205,146 | R--- | C] (Swearware) -- C:\ComboFix.exe
[2014/06/07 15:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/07 15:17:43 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2014/06/07 15:17:34 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2014/06/07 15:17:34 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/07 15:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/07 15:17:33 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2014/06/07 15:03:35 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[2014/06/07 14:59:16 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/06/07 14:59:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/06/07 14:56:53 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/06/07 14:56:53 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/06/07 14:56:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/06/07 14:56:45 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/06/07 14:56:45 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/06/07 14:56:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/06/07 14:56:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/06/07 14:56:43 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/06/07 14:56:43 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/06/07 14:56:43 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/06/07 14:56:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/06/07 14:56:42 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/06/07 14:56:41 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/06/07 14:56:41 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/06/07 14:56:41 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/06/07 14:56:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/06/07 14:56:40 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/06/07 14:56:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/06/07 14:56:40 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/06/07 14:56:38 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/06/07 14:56:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/06/07 14:56:37 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/06/07 14:56:37 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/06/07 14:56:37 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/06/07 14:56:37 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/06/07 14:56:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/06/07 14:56:33 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/06/07 14:56:33 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/06/07 14:56:30 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/06/07 13:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/07 13:45:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/06/07 13:38:24 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014/06/07 13:37:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/07 13:25:14 | 000,000,000 | ---D | C] -- C:\ProgramData\E131
[2014/06/07 13:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/06/07 12:52:05 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/06/07 12:52:05 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/06/07 12:51:00 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014/06/07 12:50:59 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2014/06/07 12:50:56 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2014/06/07 12:50:56 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014/06/07 12:50:55 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014/06/07 12:50:55 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2014/06/07 12:50:53 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2014/06/07 12:50:52 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2014/06/07 12:50:49 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cngprovider.dll
[2014/06/07 12:50:49 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adprovider.dll
[2014/06/07 12:50:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2014/06/07 12:50:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2014/06/07 12:50:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\capiprovider.dll
[2014/06/07 12:50:47 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapiprovider.dll
[2014/06/07 12:50:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cngprovider.dll
[2014/06/07 12:50:47 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adprovider.dll
[2014/06/07 12:50:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\capiprovider.dll
[2014/06/07 12:50:47 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpapiprovider.dll
[2014/06/07 12:50:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2014/06/07 12:50:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wincredprovider.dll
[2014/06/07 12:50:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wincredprovider.dll
[2014/06/07 12:50:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2014/06/07 12:50:44 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2014/06/07 12:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/06/07 12:42:01 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/08 00:07:45 | 000,000,340 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForAlžbeta.job
[2014/06/08 00:04:06 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/06/08 00:00:14 | 000,000,288 | ---- | M] () -- C:\windows\tasks\RMAutoUpdate.job
[2014/06/08 00:00:10 | 000,000,934 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/08 00:00:05 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/06/08 00:00:01 | 000,000,938 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/08 00:00:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/06/07 23:12:43 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/07 23:12:43 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/07 23:10:01 | 000,796,944 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/06/07 23:10:01 | 000,663,830 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/06/07 23:10:01 | 000,126,702 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/06/07 23:04:34 | 4226,138,112 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/07 22:25:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alžbeta\Desktop\OTL.exe
[2014/06/07 19:14:34 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014/06/07 19:01:14 | 000,000,290 | ---- | M] () -- C:\windows\tasks\RMSchedule.job
[2014/06/07 15:57:18 | 000,000,346 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForALZBETA-HP$.job
[2014/06/07 15:42:25 | 005,205,146 | R--- | M] (Swearware) -- C:\ComboFix.exe
[2014/06/07 13:45:01 | 000,003,162 | ---- | M] () -- C:\Users\Alžbeta\rgmnr
[2014/06/07 13:35:57 | 001,333,465 | ---- | M] () -- C:\Users\Alžbeta\Desktop\adwcleaner_3.212.exe
[2014/06/07 12:44:19 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/06/07 12:44:19 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/07 12:40:39 | 001,222,144 | ---- | M] () -- C:\Users\Alžbeta\Desktop\RSITx64.exe
[2014/05/09 08:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/05/09 08:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[5 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/07 22:30:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/06/07 15:45:05 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014/06/07 15:45:05 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014/06/07 15:45:05 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014/06/07 15:45:05 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014/06/07 15:45:05 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014/06/07 15:19:21 | 000,000,340 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForAlžbeta.job
[2014/06/07 13:29:19 | 001,333,465 | ---- | C] () -- C:\Users\Alžbeta\Desktop\adwcleaner_3.212.exe
[2014/06/07 12:40:16 | 001,222,144 | ---- | C] () -- C:\Users\Alžbeta\Desktop\RSITx64.exe
[2014/03/10 15:23:20 | 000,004,608 | ---- | C] () -- C:\Users\Alžbeta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/02/22 17:18:44 | 000,003,162 | ---- | C] () -- C:\Users\Alžbeta\rgmnr

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/04/02 19:26:06 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\.minecraft
[2013/11/04 18:23:54 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Alawar Stargaze
[2014/02/04 17:38:31 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\AlawarEntertainment
[2014/03/13 15:11:08 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\BlackBean
[2013/11/02 14:51:47 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Building the Great Wall of China
[2012/02/02 18:52:52 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\DigitalPersona
[2013/11/04 18:35:39 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Lonely Troops
[2014/03/09 19:02:00 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\MusicNet
[2014/03/09 17:26:47 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\ProtectDISC
[2014/06/07 22:23:27 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Seznam.cz
[2013/09/13 18:13:22 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\SoftGrid Client
[2012/02/02 20:05:26 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Synaptics
[2012/02/09 18:05:55 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Tific
[2013/08/14 10:14:49 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\TP
[2014/01/31 20:36:52 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\ZOG

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,588 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012/04/19 18:48:02 | 000,000,934 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/04/19 18:48:02 | 000,000,938 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/05/12 09:23:50 | 000,000,290 | ---- | C] () -- C:\windows\Tasks\RMSchedule.job
[2012/05/12 20:02:10 | 000,000,288 | ---- | C] () -- C:\windows\Tasks\RMAutoUpdate.job
[2012/09/25 15:48:40 | 000,000,346 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForALZBETA-HP$.job
[2014/02/10 18:23:28 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2014/06/07 15:19:21 | 000,000,340 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForAlžbeta.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/07/25 19:21:11 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/07/25 19:21:11 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/07/25 19:21:11 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/07/25 19:21:11 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/07/25 19:21:11 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/07/25 19:21:11 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/07/25 19:21:11 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013/05/08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\windows\SysNative\drivers\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/07/25 19:17:13 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2012/01/02 19:45:44 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/07/25 19:17:13 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012/01/02 19:45:44 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\erdnt\cache64\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< %systemroot%*.* /U /s >
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[7 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\9e194b425ae94e6fd269786496707d0d\*.tmp files -> C:\windows\SoftwareDistribution\Download\9e194b425ae94e6fd269786496707d0d\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\d56cd7c486d2df277ca1be24e766eeb6\*.tmp files -> C:\windows\SoftwareDistribution\Download\d56cd7c486d2df277ca1be24e766eeb6\*.tmp -> ]
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\System32\config\systemprofile\AppData\Local\Temp\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Local\Temp\*.tmp -> ]
[2 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[7 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[5 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
[2 C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temp\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temp\*.tmp -> ]
[2 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[7 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2014/06/07 15:42:25 | 005,205,146 | R--- | M] (Swearware) -- C:\ComboFix.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/04/02 19:26:06 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\.minecraft
[2012/02/09 16:42:59 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Adobe
[2013/11/04 18:23:54 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Alawar Stargaze
[2014/02/04 17:38:31 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\AlawarEntertainment
[2013/04/02 19:53:29 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\ArcSoft
[2012/02/02 20:06:32 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\ATI
[2014/03/13 15:11:08 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\BlackBean
[2013/11/02 14:51:47 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Building the Great Wall of China
[2012/02/02 18:52:52 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\DigitalPersona
[2012/03/23 21:25:41 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Hewlett-Packard
[2014/06/07 16:06:19 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\hpqLog
[2012/02/09 17:56:42 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Identities
[2012/02/02 20:05:27 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Intel Corporation
[2013/11/04 18:35:39 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Lonely Troops
[2012/02/09 16:43:00 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Macromedia
[2013/11/25 17:42:52 | 000,000,000 | --SD | M] -- C:\Users\Alžbeta\AppData\Roaming\Microsoft
[2014/03/09 19:02:00 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\MusicNet
[2014/03/09 17:26:47 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\ProtectDISC
[2014/06/07 22:23:27 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Seznam.cz
[2014/06/07 18:47:43 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Skype
[2013/09/13 18:13:22 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\SoftGrid Client
[2012/02/02 20:05:26 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Synaptics
[2012/02/09 18:05:55 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\Tific
[2013/08/14 10:14:49 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\TP
[2014/01/31 20:36:52 | 000,000,000 | ---D | M] -- C:\Users\Alžbeta\AppData\Roaming\ZOG

< %APPDATA%\*.exe /s >
[2014/03/10 19:33:21 | 001,767,400 | ---- | M] (TeamExtreme) -- C:\Users\Alžbeta\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe
[2014/02/23 14:47:24 | 000,069,256 | ---- | M] () -- C:\Users\Alžbeta\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014/06/08 00:00:01 | 000,000,830 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2014/06/08 00:00:10 | 000,000,934 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/08 00:00:01 | 000,000,938 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014/06/07 15:57:18 | 000,000,346 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForALZBETA-HP$.job
[2014/06/08 00:07:45 | 000,000,340 | ---- | M] () -- C:\windows\Tasks\HPCeeScheduleForAlžbeta.job
[2014/06/08 00:00:14 | 000,000,288 | ---- | M] () -- C:\windows\Tasks\RMAutoUpdate.job
[2014/06/07 19:01:14 | 000,000,290 | ---- | M] () -- C:\windows\Tasks\RMSchedule.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/06/07 19:01:09 | 000,000,870 | ---- | M] () -- C:\windows\system32\AppLog.log
[2014/06/07 12:43:52 | 000,000,052 | ---- | M] () -- C:\windows\system32\DOErrors.log
[2014/06/07 12:44:19 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerApp.exe
[2014/06/07 12:44:19 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\system32\FlashPlayerCPLApp.cpl
[2014/06/07 15:17:33 | 000,004,430 | ---- | M] () -- C:\windows\system32\jupdate-1.7.0_60-b19.log
[2014/06/07 23:07:32 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[5 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2014/06/07 15:42:25 | 005,205,146 | R--- | M] (Swearware) -- C:\ComboFix.exe

< >

< *crack* /s >
[2010/08/31 17:50:28 | 000,094,462 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent Demo\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010/09/21 11:25:54 | 000,065,436 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent Demo\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2003/12/05 15:52:40 | 000,000,796 | ---- | M] () -- \Program Files (x86)\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
[2012/02/02 06:55:58 | 000,009,555 | ---- | M] () -- \Program Files (x86)\Superhry.cz\Fishdom 3 Collectors Edition\Base.orig\Textures\Match3\Chips\Firecracker.xml
[2012/02/17 10:56:02 | 000,036,128 | ---- | M] () -- \Program Files (x86)\Superhry.cz\Hero of the Kingdom\Ordinary\K3BrownCrack01.tpx
[2012/02/17 10:56:02 | 000,029,032 | ---- | M] () -- \Program Files (x86)\Superhry.cz\Hero of the Kingdom\Ordinary\K3BrownCrack02.tpx
[2012/02/17 10:56:02 | 000,016,160 | ---- | M] () -- \Program Files (x86)\Superhry.cz\Hero of the Kingdom\Ordinary\K3BrownCrack03.tpx
[2012/02/17 10:56:02 | 000,008,736 | ---- | M] () -- \Program Files (x86)\Superhry.cz\Hero of the Kingdom\Ordinary\K3BrownCrack04.tpx
[2012/02/17 10:56:02 | 000,007,112 | ---- | M] () -- \Program Files (x86)\Superhry.cz\Hero of the Kingdom\Ordinary\K3BrownCrack05.tpx
[2012/10/23 16:19:17 | 000,000,335 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\media.jaludo.com\counter_strike\crackshot.swf\CRACKSHOTv3.sol

Walky · #18 Příspěvek od **Walky** » 07 čer 2014 23:48

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014/04/27 13:23:20 | 000,004,178 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\AVG SafeGuard toolbar\Chrome\content\icons\loader.gif.vir
[2014/04/27 13:23:20 | 000,019,497 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\AVG SafeGuard toolbar\UninstallRes\ClientPackage\Images\uninstall\loader.gif.vir
[2013/06/06 08:55:42 | 003,552,808 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\iMesh Applications\iMesh\ImageUploader5.ocx.vir
[2013/11/18 14:04:52 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif.vir
[2013/11/18 14:04:52 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif.vir
[2013/11/18 14:04:52 | 000,006,331 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif.vir
[2013/11/18 14:04:52 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif.vir
[2013/11/18 14:04:52 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif.vir
[2013/11/18 14:04:52 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif.vir
[2014/04/27 13:25:43 | 000,004,178 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.0.443_0\content\icons\loader.gif.vir
[2009/11/19 05:40:08 | 000,076,288 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Suite\Label Maker\uACM_Loader.dll
[2009/11/27 18:22:00 | 000,084,480 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Suite\WebCam Companion 3\ASDownloader.exe
[2009/11/27 18:23:00 | 000,338,432 | ---- | M] () -- \Program Files (x86)\ArcSoft\TotalMedia Suite\WebCam Companion 3\SnapFishUploader.dll
[2010/05/05 20:16:34 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Demolition Company Demo\PhysXLoader.dll
[2010/10/12 00:24:28 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Farming Simulator 2011 Demo\PhysXLoader.dll
[2011/01/25 13:16:44 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011/01/25 13:11:12 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2011/07/20 21:16:58 | 000,005,987 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\scripts\io\downloader.js
[2011/10/04 23:14:24 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\PhysXLoader.dll
[2012/06/20 10:45:30 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\store_deutzFrontloaderBalefork.dds
[2012/06/20 10:45:30 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\store_deutzFrontloaderPalletfork.dds
[2012/06/20 10:45:30 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\store_deutzFrontloaderShovel.dds
[2012/06/29 16:17:08 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\store_deutzFrontloaderSilageFork.dds
[2012/08/29 11:36:42 | 000,032,896 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\store_wheelloader.dds
[2012/10/12 12:59:48 | 003,168,958 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.i3d
[2012/10/05 15:00:52 | 000,008,582 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.xml
[2011/11/25 12:29:50 | 000,696,448 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_diffuse.dds
[2011/11/25 12:29:50 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_normal.dds
[2011/11/25 12:29:50 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_specular.dds
[2012/09/17 06:22:56 | 000,088,703 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.i3d
[2012/10/05 15:00:52 | 000,000,854 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.xml
[2012/09/17 06:22:56 | 000,105,847 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.i3d
[2012/10/05 15:00:52 | 000,000,857 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.xml
[2012/09/12 11:19:34 | 000,094,161 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderShovel.i3d
[2012/10/09 10:22:20 | 000,003,040 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderShovel.xml
[2012/10/10 17:22:24 | 000,262,878 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderSilageFork.i3d
[2012/10/10 16:12:02 | 000,002,966 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\deutz\deutzFrontloaderSilageFork.xml
[2012/10/09 15:47:26 | 002,654,362 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoader.i3d
[2012/10/09 15:47:26 | 000,010,051 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoader.xml
[2012/09/01 12:39:46 | 000,134,236 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoaderIdle.wav
[2012/09/01 12:39:46 | 000,080,314 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoaderStart.wav
[2012/09/16 18:22:32 | 000,059,542 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoaderStop.wav
[2012/08/28 10:51:52 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoaderWheel_diffuse.dds
[2012/08/28 10:51:52 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoaderWheel_normal.dds
[2012/08/28 10:51:52 | 000,043,832 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoaderWheel_specular.dds
[2012/08/28 10:51:52 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoader_diffuse.dds
[2012/08/28 10:51:52 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoader_normal.dds
[2012/09/01 12:39:46 | 000,188,618 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoader_run.wav
[2012/08/28 10:51:52 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\data\vehicles\steerable\lizard\wheelLoader_specular.dds
[2012/11/13 16:40:02 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2011/10/13 02:46:08 | 000,066,912 | ---- | M] () -- \Program Files\astragon\European Bus Simulator 2012\Bin64\PhysXLoader64.dll
[2014/01/28 20:35:56 | 000,009,772 | ---- | M] () -- \Users\Alžbeta\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2012/03/16 20:41:29 | 000,000,013 | ---- | M] () -- \Users\Alžbeta\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\93N3EC8P\sp-work.video-loader[1].xml
[2013/04/15 14:32:06 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\1001hry.cz\699bbd6eba34f4b3728a65c02cb87c31\7800.swf\MiniclipLoaderAd.sol
[2012/09/18 20:40:24 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\bestforcar.sk\games\obrazky\online\74.swf\MiniclipLoaderAd.sol
[2013/04/16 13:27:02 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\frk.gamib.net\x\heliattack3\heliattack3.swf\MiniclipLoaderAd.sol
[2013/11/08 16:48:05 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\alien-hive\en\alien_hive.dcr\MiniclipLoaderAd.sol
[2013/10/13 18:53:39 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\cab-driver\en\cab_driver.dcr\MiniclipLoaderAd.sol
[2013/09/19 19:29:51 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\fire-storm\en\fire_storm.dcr\MiniclipLoaderAd.sol
[2013/09/20 20:12:22 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\golfish\en\golfish.dcr\MiniclipLoaderAd.sol
[2013/09/19 19:55:49 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\kickboxing\en\kickboxing.dcr\MiniclipLoaderAd.sol
[2013/09/19 19:35:52 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\masters-of-wrestling\en\master_of_wrestling.dcr\MiniclipLoaderAd.sol
[2012/10/17 19:59:37 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\motocross-urban-fever\en\motocross_urban_fever.dcr\MiniclipLoaderAd.sol
[2013/09/19 20:26:53 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\starship-gunner\en\starship_gunner.dcr\MiniclipLoaderAd.sol
[2013/09/19 20:28:08 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\tennis-grand-slam\en\tennis_grand_slam.dcr\MiniclipLoaderAd.sol
[2013/09/19 18:48:47 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\miniclip.com\games\wakeboard-pro\en\wakeboard_pro.dcr\MiniclipLoaderAd.sol
[2012/09/26 13:04:40 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\roundgamesbv.netdna-cdn.com\files\swf\11339.swf\MiniclipLoaderAd.sol
[2013/04/28 16:00:44 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\static4.kizi.com\system\static\games\heli-attack-3.swf\MiniclipLoaderAd.sol
[2012/11/29 17:30:42 | 000,000,276 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\static4.kizi.com\system\static\games\truck-loader-4.swf\truckloader4.sol
[2013/10/04 14:45:28 | 000,000,060 | ---- | M] () -- \Users\Alžbeta\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\L3GBYSMB\www.bezkriedy.sk\zabava.php\MiniclipLoaderAd.sol
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/04/03 13:39:20 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[5 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012/10/04 10:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012/10/17 19:32:58 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/04/03 13:39:20 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[5 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012/10/04 10:12:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012/10/17 19:32:58 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:41:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:40:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:46:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:41:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:40:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:46:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2010/11/21 09:06:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 09:06:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010/11/21 09:06:45 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010/11/21 09:06:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010/11/21 09:06:45 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/07/25 19:17:36 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/25 19:17:36 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/07/25 19:17:36 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/07/25 19:17:36 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/07/25 19:17:36 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010/11/21 09:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/07/25 19:17:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/25 19:17:33 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:41:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:40:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:46:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:41:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:40:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/01/02 19:46:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014/02/13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014/03/15 00:16:37 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011/01/27 03:35:02 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll.hpsign
[2014/02/14 00:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014/03/15 00:17:08 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/03/01 17:27:29 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/02/14 15:02:17 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/14 17:36:42 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014/02/14 15:06:09 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/14 18:30:12 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014/02/28 17:05:36 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/28 17:05:36 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/02/28 17:05:55 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014/02/28 17:05:56 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2003/02/21 08:26:56 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[5 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2012/01/02 19:26:28 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[5 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012/01/02 19:26:28 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2012/01/02 19:26:26 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010/11/21 09:06:21 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011/07/25 19:17:36 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/07/25 19:17:36 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012/01/02 19:26:45 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012/01/02 19:26:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/07/25 19:17:33 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/07/25 19:17:33 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2010/11/21 09:05:51 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2012/01/02 19:26:28 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Walky · #19 Příspěvek od **Walky** » 07 čer 2014 23:50

EXTRAS
OTL Extras logfile created on: 8. 6. 2014 0:02:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alžbeta\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,94 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 49,48% Memory free
7,87 Gb Paging File | 5,29 Gb Available in Paging File | 67,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,67 Gb Total Space | 356,14 Gb Free Space | 80,09% Space Free | Partition Type: NTFS
Drive E: | 15,80 Gb Total Space | 2,37 Gb Free Space | 15,02% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,10 Gb Free Space | 42,17% Space Free | Partition Type: FAT32

Computer Name: ALZBETA-HP | User Name: Alžbeta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3352712217-267748145-1722845266-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CE89421-B04E-4B3F-AE2A-65F5D8FAE375}" = lport=138 | protocol=17 | dir=in | app=system |
"{0D30E291-F596-4BCF-8DDB-206AC54A52B9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{1A52052E-D7FE-4A4F-A178-90B934064A6F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25CF8D60-0CFD-4501-8ADF-CBD55C806424}" = lport=10243 | protocol=6 | dir=in | app=system |
"{32D4C8BC-BC21-48B3-86B2-37837DF14AD3}" = rport=138 | protocol=17 | dir=out | app=system |
"{5246831C-0835-4290-A283-0DE53F129102}" = lport=139 | protocol=6 | dir=in | app=system |
"{55704ED5-5B48-4C5B-8C31-0AA7FDCDB11F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{55B650D3-5910-4E71-88A0-65F7C2860186}" = rport=445 | protocol=6 | dir=out | app=system |
"{5AB33471-F1E5-41FA-830E-6ED63BB7AACA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C05F468-5A0A-47EA-A8AF-4452D67E7AB4}" = lport=137 | protocol=17 | dir=in | app=system |
"{615475CE-2C8F-4219-A548-825D1A0530BC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68EA7922-E1E7-4B85-B09F-BBB67351DC4F}" = rport=137 | protocol=17 | dir=out | app=system |
"{7A7239BC-F3E8-489A-A054-23DABC23061C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9AAB4FEC-F875-40A7-8C26-82A62889BFD4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A564B1E4-D7C8-45AE-BE08-ECC3566DCB23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8CC0B1-F2FC-4F2C-B228-985E521D6D85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B3593231-98E9-4B39-BB05-D33DC36269B5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C19BC04F-F686-4FDD-B1DD-4928B38247C8}" = lport=445 | protocol=6 | dir=in | app=system |
"{CBF85DCA-5415-4461-884F-AECBB40893D8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CD3EE2C5-EC4E-47F0-814F-FFC33A9AD8DC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DAE46C87-94EB-446B-8AE9-79F2168B0A92}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E974BE55-B8DF-4C8E-9463-D5BC49F8677F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E9FDC7C7-0CD4-42AB-8220-874C01CCCC19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EBAC6961-1219-4467-8DC0-384A998C8D00}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F168EBF7-64C8-46DF-8152-F4F7454066E0}" = rport=139 | protocol=6 | dir=out | app=system |
"{F6A9A5A9-C306-4E53-B55E-50006CB18894}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053975F5-C228-45E9-9183-32A9050123E5}" = protocol=17 | dir=in | app=c:\program files (x86)\music toolbar\datamngr\srtoolbar\ie\dtuser.exe |
"{0AC2DE31-EBE3-4DAF-8E54-C598268ED927}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{11F9C7DB-06DE-4126-B926-187A95094D6F}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\farm2012.demo.dll |
"{126B31B8-DC10-4535-B499-19E8837B1CB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{17FF00AB-7D1B-4B40-9B3C-3EFC263AE42C}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\farm2012.demo.dll |
"{18221912-A430-41E7-99F4-22F72832C7DA}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\game.exe |
"{1AF14072-4BFB-4F48-98AA-D4227AA0A71A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2813968D-5AF1-42F8-93A5-FDE782ED1532}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DB7E409-7173-4506-963B-9D09CDBC0831}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{322B5C9C-1C8F-4A5C-89E0-1D2DD2A98C7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37238904-23A0-4AE5-BEF0-F392A322082F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{3792EAEC-90FA-472B-A407-60402E3D118E}" = protocol=6 | dir=out | app=system |
"{5604A3BA-EBC7-4F72-A8BC-78C37E76F368}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{600DFC60-74BC-4A9F-BB74-E4DB75B2ECEE}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\iupdate.dll |
"{67315105-5EA2-41AA-955A-A62AC8FDDBDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A2A41F9-E479-45E5-974A-23043FF52C3F}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\farmingsimulator2011.exe |
"{6BAE8324-3E20-4AD7-9AC0-69A30BAEA825}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74385240-0F39-416E-90A5-A5630E1BEC70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86880271-3218-458C-977D-511A8FE5CD04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7DDBB44-6BE4-464B-AE2A-D43770E38C11}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\iupdate.dll |
"{AAD81755-1B15-4B02-9FD1-E8290909A2B3}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{AB97FC43-14BA-4A94-96C1-DAC3212622EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2E7A6AE-09D7-4594-B6EA-6BE163DBDA86}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CF70E6CB-F266-4A51-98A4-490E03979E38}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{D3FA36E8-1711-4454-8414-9C18326A6878}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D785CABA-F8FC-4E74-A0B5-57946EF17A23}" = protocol=6 | dir=in | app=c:\program files (x86)\music toolbar\datamngr\srtoolbar\ie\dtuser.exe |
"{D94B808A-3F49-4683-8406-45B0561E30F2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DA6E1B6D-07D7-4A4B-80F2-4875C2A560DA}" = dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{DCDF0758-D1C7-4492-B672-36E011350D26}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{DD20411B-42EE-40DF-AA1D-0C479CF36952}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFC920E3-C6BB-46F8-91AA-13166651AE2F}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\farmingsimulator2011.exe |
"{E0347137-09B8-49CE-8398-EB9632DC98C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF37A8E6-2ACA-4594-A2FC-1E1A12B283A2}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\game.exe |
"{F737A8F5-585F-41B9-8CCF-0053083E70E2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F76DF3F1-9464-4362-A07B-7407504CD021}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F8DBB142-F9F2-4E99-8F63-81E99744CA89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{24553DF4-1DD2-43E0-88BE-3AF8803BFD2D}C:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe |
"TCP Query User{58637C1D-0DCC-437A-B143-79EEBF42B476}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{E7C28372-B533-4E2D-B971-2460941D1220}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{ECE46A48-6AFE-4D04-86D5-AC874E91ECE6}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{6D2454D1-E9E2-4599-8804-0F2ECC44FA9D}C:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe |
"UDP Query User{A19BAEBB-7CC9-438E-9F4E-AA5B20B56277}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{CFA13D3A-5BE6-41BF-830E-421D067A6D2C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{F5B5A65A-EDC0-4FB8-A52E-82B55D6F481B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{422BA615-2133-4DC0-8673-09C8CC7557F2}" = HP ProtectTools Security Manager
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{59318EFF-4C0D-9C81-B6BE-7848D91EC65D}" = AMD Media Foundation Decoders
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6563C6CF-9A5E-4854-A655-C3192FB92D15}" = HP 3D DriveGuard
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7A78AF51-402D-A62A-4C58-7F96F772FD26}" = ccc-utility64
"{7DB34D93-22BA-BE2B-6DB9-56D84E98C1DB}" = AMD Catalyst Install Manager
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{90140000-006D-041B-1000-0000000FF1CE}" = Microsoft Office Klikni a spusti 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}" = Validity Fingerprint Sensor Driver
"1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1" = Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
"European Bus Simulator 2012_is1" = European Bus Simulator 2012
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{039E8B34-A8EF-4BCD-2144-64B7C5EAA328}" = Catalyst Control Center InstallProxy
"{0444801E-91E0-35DE-5197-78C32D860F38}_is1" = Minecraft 1.5.2 plna hra version for Windows
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A455897-C606-4958-AD34-6DF0430D184B}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C360568-D446-23CD-76C4-D1681970E744}" = CCC Help French
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AD74AE8-6BF3-4B28-A0DD-A9503C39B5BE}_is1" = Construction-Simulator 2012 - Demo version 1.0
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236FBEC8-064C-1FC0-CB33-A05924760434}" = CCC Help Turkish
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
"{295EA59A-A0E5-6879-75EB-42B51C32D36A}" = CCC Help Chinese Traditional
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39578552-C4A0-7C5F-A3B9-C5570658B5DE}" = CCC Help Polish
"{3DD4E7AB-499B-7229-675F-97A927B6EEFE}" = CCC Help Czech
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F437675-F102-4866-BDE1-FFFC7B45EC0B}" = HP QuickWeb
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4114A073-7385-4742-8A5E-A5788FAC838F}" = ArcSoft TotalMedia
"{43C4F652-AC87-107E-0EB1-6D1BF91D7E4C}" = PX Profile Update
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{47A9047D-5DF1-EFBE-7CCF-AA01BC210D9E}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B21E4B2-89B8-499D-803A-34ABF929401E}" = HP Connection Manager
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52151361-00B3-F7D4-5FDC-D5CF6719B6A1}" = CCC Help Portuguese
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55BD3373-0853-6F9D-0698-7AA826565DEB}" = CCC Help Korean
"{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1" = Amnesia - The Dark Descent Demo
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622360C7-1E34-5D81-F38B-FD98A591B384}" = CCC Help Russian
"{6431C3EB-B27B-A5BF-DF0F-86160D2EAA53}" = CCC Help Japanese
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6748CDF6-8D85-AA3C-ED58-35B67F2086BF}" = CCC Help Dutch
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69204C82-408E-0956-8D5D-C51936020232}" = CCC Help Danish
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6C211A7D-75FF-6F59-EEB3-49DD1B015786}" = Catalyst Control Center Localization All
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FAA2801-6F82-30E9-A13F-7E282C75C070}" = Catalyst Control Center
"{7097F4B0-1E33-CCDF-2D3F-D01696256C14}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E3D563-C37C-4037-9F04-B64C0DAD0EFF}" = HP System Default Settings
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{840021F2-FFC0-467A-BF85-29B8B7803717}" = HP ESU for Microsoft Windows 7
"{8CAC306A-427D-A215-EB1F-8584015A0390}" = CCC Help Hungarian
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F2BD58A-0B91-803E-E45B-F6021371C912}" = CCC Help Italian
"{90140011-0066-041B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Slovenčina
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93F74B13-3884-CC6E-DDEE-3E442AE92763}" = CCC Help Swedish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C8BF87B-2970-D61A-DB58-E3E89B1DF057}" = CCC Help Thai
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}" = Bing Bar
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{B1875482-6667-E445-E2C5-FA27A7B380F1}" = CCC Help Chinese Standard
"{B611AC55-098E-03A6-03A6-335AC9517DF9}_is1" = Bioshock 2 etina version for Windows
"{B692EAC3-C0FF-96F5-66CC-48AA8D80B7BA}" = Catalyst Control Center Profiles Mobile
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBFAD252-E6CB-49BE-B70A-DB69C0B664E0}" = WRC FIA World Rally Championship Demo
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C1C015ED-4E99-D47A-351D-77CB163B4FDF}_is1" = Minecraft Pocket Edition save (mapa) survival by 123 version for Windows
"{C33240AB-1F4B-4DE2-B1C7-54E0A182BB5D}" = Catalyst Control Center - Branding
"{C6A49140-A2D9-4CA4-BB92-2E1C8CBB6E16}" = HP Documentation
"{C747FCD2-90CF-B5DC-9E27-C4A338D5E96C}" = CCC Help English
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D341EEF7-1C21-40B2-B44F-FE45FD0EB0B1}" = WRC FIA World Rally Championship Demo
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D82ABA2F-492B-440F-A9BC-12331B17EEA9}" = HP Software Framework
"{D85459DF-8D49-D068-DF7B-A3237D846480}" = CCC Help Spanish
"{DCE92AB4-A44D-09E7-7955-4381CD01D9C3}" = CCC Help Finnish
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{EC3E313E-3458-F0C6-FFF2-9A3B246A36DA}" = Catalyst Control Center Graphics Previews Common
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FA890A15-FAE6-2B43-0F43-249D24C00EE2}" = CCC Help Norwegian
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE465061-894A-4023-8580-56FCDD4F23F9}" = HP SoftPaq Download Manager
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"12 úkolů pro Herkula" = 12 úkolů pro Herkula
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agrar Simulator 2012 Demo" = Agricultural Simulator 2012 Demo
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"boys1024x768" = boys1024x768 Screen Saver
"Bratrstvo Vikingů" = Bratrstvo Vikingů
"Crash Time 5 - Undercover Demo_is1" = Crash Time 5 - Undercover Demo
"DemolitionCompanyDemoEN_is1" = Demolition Company Demo
"Evy: Magické sféry" = Evy: Magické sféry
"FarmingSimulator2011DemoEN_is1" = Farming Simulator 2011 Demo
"FerrariVR" = Ferrari Virtual Race (remove only)
"Fishdom 3 Sběratelská edice" = Fishdom 3 Sběratelská edice
"Garbage Truck Simulator" = Garbage Truck Simulator (remove only)
"German Truck Simulator" = German Truck Simulator 1.04
"girls1280x1024" = girls1280x1024 Screen Saver
"Google Chrome" = Google Chrome
"Hledači pokladů: Ztracené město" = Hledači pokladů: Ztracené město
"Hrdina Království" = Hrdina Království
"imeshmusicboxtoolbar181CR" = Music Toolbar for Chrome (Dist. by iMesh, Inc.)
"imeshmusicboxtoolbar181IE" = Music Toolbar for Internet Explorer (Dist. by iMesh, Inc.)
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"MINECRAFT 1.5.2 FULL 1.00" = MINECRAFT 1.5.2 FULL 1.00
"Minecraft1.6.2" = Minecraft1.6.2
"Odsuň bednu" = Odsuň bednu
"Office14.Click2Run" = Microsoft Office Klikni a spusti 2010
"Opičí věž" = Opičí věž
"PDF Complete" = PDF Complete Special Edition
"Police Supercars Racing_is1" = Police Supercars Racing
"Příběhy z království" = Příběhy z království
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Stavba Velké čínské zdi" = Stavba Velké čínské zdi
"Sunplus SPUVCb" = HP HD Webcam [Fixed]
"UK Truck Simulator" = UK Truck Simulator 1.32
"VirtualBus_is1" = VirtualBus A6C RC3
"WinLiveSuite" = Windows Live Essentials
"XobniMain" = Xobni
"Zakázaná Tajemství: Město Mimozemšťanů" = Zakázaná Tajemství: Město Mimozemšťanů
"Zločin v horách: Odveta" = Zločin v horách: Odveta

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13. 9. 2013 10:18:14 | Computer Name = Alžbeta-HP | Source = Application Error | ID = 1000
Error - 13. 9. 2013 12:19:55 | Computer Name = Alžbeta-HP | Source = Microsoft-Windows-LoadPerf
| ID = 3006

Description = Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 13. 9. 2013 12:20:03 | Computer Name = Alžbeta-HP | Source = Microsoft-Windows-LoadPerf
| ID = 3006

Description = Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 13. 9. 2013 13:26:54 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 13. 9. 2013 13:29:35 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 13. 9. 2013 13:30:45 | Computer Name = Alžbeta-HP | Source = Application
Error | ID = 1000

Error - 14. 9. 2013 2:39:24 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID = 10
Description =

Error - 14. 9. 2013 2:41:10 | Computer Name = Alžbeta-HP | Source = Application Error | ID = 1000
Error - 14. 9. 2013 6:11:44 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 14. 9. 2013 6:11:53 | Computer Name = Alžbeta-HP | Source = Application
Error | ID = 1000

Error - 14. 9. 2013 7:44:04 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID = 10
Description =

Error - 14. 9. 2013 7:44:08 | Computer Name = Alžbeta-HP | Source = Application Error | ID = 1000
Error - 15. 9. 2013 3:49:50 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 15. 9. 2013 3:49:59 | Computer Name = Alžbeta-HP | Source = Application
Error | ID = 1000

[ Hewlett-Packard Events ]
Error - 3. 8. 2012 7:41:52 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: sk-SK RAM: 4030 Ram Utilization: 40 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 3. 8. 2012 7:42:08 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 3. 8. 2012 7:42:08 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 17. 8. 2012 15:29:23 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 22. 9. 2012 3:01:36 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2. 11. 2012 5:26:53 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: sk-SK RAM: 4030 Ram Utilization: 40 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 24. 11. 2012 11:56:46 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK RAM: 4030
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 24. 11. 2012 12:24:35 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK RAM: 4030
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 21. 4. 2014 2:15:19 | Computer Name = Alžbeta-HP | Source = hpsa_service.exe | ID = 2000
Description =

Error - 27. 4. 2014 7:56:18 | Computer Name = Alžbeta-HP | Source = hpsa_service.exe | ID = 2000
Description =

[ HP Connection Manager Events ]
Error - 7. 6. 2014 8:58:45 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 14:58:45.259|000018A0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 8:59:35 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 14:59:35.959|000018A0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:35 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:35.040|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:35 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:35.602|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:37 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:37.630|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:39 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:39.658|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 13:12:31 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 19:12:31.538|00001230|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 13:12:31 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 19:12:31.585|00001230|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 17:03:53 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 23:03:53.047|00001594|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 17:03:53 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 23:03:53.390|00001594|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Power Assistant Events ]
Error - 7. 6. 2014 18:32:49 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:32:54 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:32:59 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:04 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:09 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:14 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:19 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:24 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:29 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:34 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

[ HP Software Framework Events ]
Error - 7. 6. 2014 18:32:49 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:32:49.894|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:32:54 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:32:54.867|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:32:59 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:32:59.836|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:04 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:04.810|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:09 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:09.780|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:14 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:14.746|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:19 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:19.747|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:24 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:24.697|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:29 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:29.666|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:34 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:34.637|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

[ Media Center Events ]
Error - 17. 12. 2013 11:10:05 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 16:10:05 - Chyba pripájania na Internet. 16:10:05 - Nebolo možné
spojiť sa so serverom..

Error - 17. 12. 2013 11:10:11 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 16:10:10 - Chyba pripájania na Internet. 16:10:10 - Nebolo možné
spojiť sa so serverom..

Error - 18. 12. 2013 9:17:29 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 14:17:29 - Chyba pripájania na Internet. 14:17:29 - Nebolo možné
spojiť sa so serverom..

Error - 18. 12. 2013 9:17:36 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 14:17:35 - Chyba pripájania na Internet. 14:17:35 - Nebolo možné
spojiť sa so serverom..

Error - 19. 12. 2013 14:20:41 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 19:20:41 - Chyba pripájania na Internet. 19:20:41 - Nebolo možné
spojiť sa so serverom..

Error - 21. 12. 2013 11:34:42 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 16:33:18 - Chyba pripájania na Internet. 16:33:18 - Nebolo možné
spojiť sa so serverom..

Error - 2. 1. 2014 12:01:11 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 17:01:11 - Chyba pripájania na Internet. 17:01:11 - Nebolo možné
spojiť sa so serverom..

Error - 2. 1. 2014 12:01:25 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 17:01:17 - Chyba pripájania na Internet. 17:01:17 - Nebolo možné
spojiť sa so serverom..

Error - 4. 1. 2014 5:30:33 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 10:30:33 - Chyba pripájania na Internet. 10:30:33 - Nebolo možné
spojiť sa so serverom..

Error - 4. 1. 2014 5:30:43 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 10:30:38 - Chyba pripájania na Internet. 10:30:38 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 7. 6. 2014 13:06:02 | Computer Name = Alžbeta-HP | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 7. 6. 2014 13:11:36 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 7. 6. 2014 13:12:09 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 7. 6. 2014 13:12:28 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 13:16:17 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby HP Power Assistant Service zlyhalo kvôli nasledujúcej
chybe: %%31

Error - 7. 6. 2014 13:16:17 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby HP Support Assistant Service zlyhalo kvôli nasledujúcej
chybe: %%31

Error - 7. 6. 2014 14:00:37 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 14:00:43 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 17:03:39 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 17:03:54 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7038
Description = Službe WerSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\SYSTEM kvôli nasledujúcej chybe: %%1352 Ak chcete zabezpečiť správne
nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

< End of report >

Walky · #20 Příspěvek od **Walky** » 07 čer 2014 23:50

EXTRAS
OTL Extras logfile created on: 8. 6. 2014 0:02:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alžbeta\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,94 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 49,48% Memory free
7,87 Gb Paging File | 5,29 Gb Available in Paging File | 67,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,67 Gb Total Space | 356,14 Gb Free Space | 80,09% Space Free | Partition Type: NTFS
Drive E: | 15,80 Gb Total Space | 2,37 Gb Free Space | 15,02% Space Free | Partition Type: NTFS
Drive F: | 4,98 Gb Total Space | 2,10 Gb Free Space | 42,17% Space Free | Partition Type: FAT32

Computer Name: ALZBETA-HP | User Name: Alžbeta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3352712217-267748145-1722845266-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CE89421-B04E-4B3F-AE2A-65F5D8FAE375}" = lport=138 | protocol=17 | dir=in | app=system |
"{0D30E291-F596-4BCF-8DDB-206AC54A52B9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{1A52052E-D7FE-4A4F-A178-90B934064A6F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25CF8D60-0CFD-4501-8ADF-CBD55C806424}" = lport=10243 | protocol=6 | dir=in | app=system |
"{32D4C8BC-BC21-48B3-86B2-37837DF14AD3}" = rport=138 | protocol=17 | dir=out | app=system |
"{5246831C-0835-4290-A283-0DE53F129102}" = lport=139 | protocol=6 | dir=in | app=system |
"{55704ED5-5B48-4C5B-8C31-0AA7FDCDB11F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{55B650D3-5910-4E71-88A0-65F7C2860186}" = rport=445 | protocol=6 | dir=out | app=system |
"{5AB33471-F1E5-41FA-830E-6ED63BB7AACA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C05F468-5A0A-47EA-A8AF-4452D67E7AB4}" = lport=137 | protocol=17 | dir=in | app=system |
"{615475CE-2C8F-4219-A548-825D1A0530BC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68EA7922-E1E7-4B85-B09F-BBB67351DC4F}" = rport=137 | protocol=17 | dir=out | app=system |
"{7A7239BC-F3E8-489A-A054-23DABC23061C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9AAB4FEC-F875-40A7-8C26-82A62889BFD4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A564B1E4-D7C8-45AE-BE08-ECC3566DCB23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8CC0B1-F2FC-4F2C-B228-985E521D6D85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B3593231-98E9-4B39-BB05-D33DC36269B5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C19BC04F-F686-4FDD-B1DD-4928B38247C8}" = lport=445 | protocol=6 | dir=in | app=system |
"{CBF85DCA-5415-4461-884F-AECBB40893D8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CD3EE2C5-EC4E-47F0-814F-FFC33A9AD8DC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DAE46C87-94EB-446B-8AE9-79F2168B0A92}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E974BE55-B8DF-4C8E-9463-D5BC49F8677F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E9FDC7C7-0CD4-42AB-8220-874C01CCCC19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EBAC6961-1219-4467-8DC0-384A998C8D00}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F168EBF7-64C8-46DF-8152-F4F7454066E0}" = rport=139 | protocol=6 | dir=out | app=system |
"{F6A9A5A9-C306-4E53-B55E-50006CB18894}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{053975F5-C228-45E9-9183-32A9050123E5}" = protocol=17 | dir=in | app=c:\program files (x86)\music toolbar\datamngr\srtoolbar\ie\dtuser.exe |
"{0AC2DE31-EBE3-4DAF-8E54-C598268ED927}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{11F9C7DB-06DE-4126-B926-187A95094D6F}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\farm2012.demo.dll |
"{126B31B8-DC10-4535-B499-19E8837B1CB5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{17FF00AB-7D1B-4B40-9B3C-3EFC263AE42C}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\farm2012.demo.dll |
"{18221912-A430-41E7-99F4-22F72832C7DA}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\game.exe |
"{1AF14072-4BFB-4F48-98AA-D4227AA0A71A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2813968D-5AF1-42F8-93A5-FDE782ED1532}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DB7E409-7173-4506-963B-9D09CDBC0831}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{322B5C9C-1C8F-4A5C-89E0-1D2DD2A98C7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37238904-23A0-4AE5-BEF0-F392A322082F}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{3792EAEC-90FA-472B-A407-60402E3D118E}" = protocol=6 | dir=out | app=system |
"{5604A3BA-EBC7-4F72-A8BC-78C37E76F368}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{600DFC60-74BC-4A9F-BB74-E4DB75B2ECEE}" = protocol=17 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\iupdate.dll |
"{67315105-5EA2-41AA-955A-A62AC8FDDBDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A2A41F9-E479-45E5-974A-23043FF52C3F}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\farmingsimulator2011.exe |
"{6BAE8324-3E20-4AD7-9AC0-69A30BAEA825}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74385240-0F39-416E-90A5-A5630E1BEC70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86880271-3218-458C-977D-511A8FE5CD04}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7DDBB44-6BE4-464B-AE2A-D43770E38C11}" = protocol=6 | dir=in | app=c:\program files (x86)\agrar simulator 2012 demo\iupdate.dll |
"{AAD81755-1B15-4B02-9FD1-E8290909A2B3}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{AB97FC43-14BA-4A94-96C1-DAC3212622EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2E7A6AE-09D7-4594-B6EA-6BE163DBDA86}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CF70E6CB-F266-4A51-98A4-490E03979E38}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{D3FA36E8-1711-4454-8414-9C18326A6878}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D785CABA-F8FC-4E74-A0B5-57946EF17A23}" = protocol=6 | dir=in | app=c:\program files (x86)\music toolbar\datamngr\srtoolbar\ie\dtuser.exe |
"{D94B808A-3F49-4683-8406-45B0561E30F2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DA6E1B6D-07D7-4A4B-80F2-4875C2A560DA}" = dir=in | app=c:\program files (x86)\imesh applications\imesh\imesh.exe |
"{DCDF0758-D1C7-4492-B672-36E011350D26}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2launcher.exe |
"{DD20411B-42EE-40DF-AA1D-0C479CF36952}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DFC920E3-C6BB-46F8-91AA-13166651AE2F}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\farmingsimulator2011.exe |
"{E0347137-09B8-49CE-8398-EB9632DC98C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF37A8E6-2ACA-4594-A2FC-1E1A12B283A2}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2011 demo\game.exe |
"{F737A8F5-585F-41B9-8CCF-0053083E70E2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F76DF3F1-9464-4362-A07B-7407504CD021}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F8DBB142-F9F2-4E99-8F63-81E99744CA89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{24553DF4-1DD2-43E0-88BE-3AF8803BFD2D}C:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe |
"TCP Query User{58637C1D-0DCC-437A-B143-79EEBF42B476}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{E7C28372-B533-4E2D-B971-2460941D1220}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{ECE46A48-6AFE-4D04-86D5-AC874E91ECE6}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{6D2454D1-E9E2-4599-8804-0F2ECC44FA9D}C:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\portable\farming simulator 2013 v1.3\farmingsimulator2013game.exe |
"UDP Query User{A19BAEBB-7CC9-438E-9F4E-AA5B20B56277}C:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis 2 demo\bin32\crysis2demo.exe |
"UDP Query User{CFA13D3A-5BE6-41BF-830E-421D067A6D2C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{F5B5A65A-EDC0-4FB8-A52E-82B55D6F481B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{422BA615-2133-4DC0-8673-09C8CC7557F2}" = HP ProtectTools Security Manager
"{483D5A49-A26B-4CB8-AA2D-0D1811322061}" = HP DayStarter
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{59318EFF-4C0D-9C81-B6BE-7848D91EC65D}" = AMD Media Foundation Decoders
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6563C6CF-9A5E-4854-A655-C3192FB92D15}" = HP 3D DriveGuard
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7A78AF51-402D-A62A-4C58-7F96F772FD26}" = ccc-utility64
"{7DB34D93-22BA-BE2B-6DB9-56D84E98C1DB}" = AMD Catalyst Install Manager
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}" = Drive Encryption For HP ProtectTools
"{90140000-006D-041B-1000-0000000FF1CE}" = Microsoft Office Klikni a spusti 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}" = Privacy Manager for HP ProtectTools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{FFC3E41D-2C2B-45B7-9AD9-5EA19572DD26}" = Validity Fingerprint Sensor Driver
"1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1" = Realtek Motorola BC8 Bluetooth 3.0+HS Adapter
"European Bus Simulator 2012_is1" = European Bus Simulator 2012
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{039E8B34-A8EF-4BCD-2144-64B7C5EAA328}" = Catalyst Control Center InstallProxy
"{0444801E-91E0-35DE-5197-78C32D860F38}_is1" = Minecraft 1.5.2 plna hra version for Windows
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A455897-C606-4958-AD34-6DF0430D184B}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C360568-D446-23CD-76C4-D1681970E744}" = CCC Help French
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AD74AE8-6BF3-4B28-A0DD-A9503C39B5BE}_is1" = Construction-Simulator 2012 - Demo version 1.0
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236FBEC8-064C-1FC0-CB33-A05924760434}" = CCC Help Turkish
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
"{295EA59A-A0E5-6879-75EB-42B51C32D36A}" = CCC Help Chinese Traditional
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39578552-C4A0-7C5F-A3B9-C5570658B5DE}" = CCC Help Polish
"{3DD4E7AB-499B-7229-675F-97A927B6EEFE}" = CCC Help Czech
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F437675-F102-4866-BDE1-FFFC7B45EC0B}" = HP QuickWeb
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4114A073-7385-4742-8A5E-A5788FAC838F}" = ArcSoft TotalMedia
"{43C4F652-AC87-107E-0EB1-6D1BF91D7E4C}" = PX Profile Update
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{47A9047D-5DF1-EFBE-7CCF-AA01BC210D9E}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B21E4B2-89B8-499D-803A-34ABF929401E}" = HP Connection Manager
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52151361-00B3-F7D4-5FDC-D5CF6719B6A1}" = CCC Help Portuguese
"{531000B3-DBEE-4115-BBF3-DA48B67C053F}" = HP Software Setup
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55BD3373-0853-6F9D-0698-7AA826565DEB}" = CCC Help Korean
"{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1" = Amnesia - The Dark Descent Demo
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622360C7-1E34-5D81-F38B-FD98A591B384}" = CCC Help Russian
"{6431C3EB-B27B-A5BF-DF0F-86160D2EAA53}" = CCC Help Japanese
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6748CDF6-8D85-AA3C-ED58-35B67F2086BF}" = CCC Help Dutch
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69204C82-408E-0956-8D5D-C51936020232}" = CCC Help Danish
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6C211A7D-75FF-6F59-EEB3-49DD1B015786}" = Catalyst Control Center Localization All
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FAA2801-6F82-30E9-A13F-7E282C75C070}" = Catalyst Control Center
"{7097F4B0-1E33-CCDF-2D3F-D01696256C14}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E3D563-C37C-4037-9F04-B64C0DAD0EFF}" = HP System Default Settings
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{840021F2-FFC0-467A-BF85-29B8B7803717}" = HP ESU for Microsoft Windows 7
"{8CAC306A-427D-A215-EB1F-8584015A0390}" = CCC Help Hungarian
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F2BD58A-0B91-803E-E45B-F6021371C912}" = CCC Help Italian
"{90140011-0066-041B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Slovenčina
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93F74B13-3884-CC6E-DDEE-3E442AE92763}" = CCC Help Swedish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C8BF87B-2970-D61A-DB58-E3E89B1DF057}" = CCC Help Thai
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}" = Bing Bar
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"{B1875482-6667-E445-E2C5-FA27A7B380F1}" = CCC Help Chinese Standard
"{B611AC55-098E-03A6-03A6-335AC9517DF9}_is1" = Bioshock 2 etina version for Windows
"{B692EAC3-C0FF-96F5-66CC-48AA8D80B7BA}" = Catalyst Control Center Profiles Mobile
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBFAD252-E6CB-49BE-B70A-DB69C0B664E0}" = WRC FIA World Rally Championship Demo
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C1C015ED-4E99-D47A-351D-77CB163B4FDF}_is1" = Minecraft Pocket Edition save (mapa) survival by 123 version for Windows
"{C33240AB-1F4B-4DE2-B1C7-54E0A182BB5D}" = Catalyst Control Center - Branding
"{C6A49140-A2D9-4CA4-BB92-2E1C8CBB6E16}" = HP Documentation
"{C747FCD2-90CF-B5DC-9E27-C4A338D5E96C}" = CCC Help English
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D341EEF7-1C21-40B2-B44F-FE45FD0EB0B1}" = WRC FIA World Rally Championship Demo
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D82ABA2F-492B-440F-A9BC-12331B17EEA9}" = HP Software Framework
"{D85459DF-8D49-D068-DF7B-A3237D846480}" = CCC Help Spanish
"{DCE92AB4-A44D-09E7-7955-4381CD01D9C3}" = CCC Help Finnish
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{EC3E313E-3458-F0C6-FFF2-9A3B246A36DA}" = Catalyst Control Center Graphics Previews Common
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FA890A15-FAE6-2B43-0F43-249D24C00EE2}" = CCC Help Norwegian
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE465061-894A-4023-8580-56FCDD4F23F9}" = HP SoftPaq Download Manager
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"12 úkolů pro Herkula" = 12 úkolů pro Herkula
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agrar Simulator 2012 Demo" = Agricultural Simulator 2012 Demo
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"boys1024x768" = boys1024x768 Screen Saver
"Bratrstvo Vikingů" = Bratrstvo Vikingů
"Crash Time 5 - Undercover Demo_is1" = Crash Time 5 - Undercover Demo
"DemolitionCompanyDemoEN_is1" = Demolition Company Demo
"Evy: Magické sféry" = Evy: Magické sféry
"FarmingSimulator2011DemoEN_is1" = Farming Simulator 2011 Demo
"FerrariVR" = Ferrari Virtual Race (remove only)
"Fishdom 3 Sběratelská edice" = Fishdom 3 Sběratelská edice
"Garbage Truck Simulator" = Garbage Truck Simulator (remove only)
"German Truck Simulator" = German Truck Simulator 1.04
"girls1280x1024" = girls1280x1024 Screen Saver
"Google Chrome" = Google Chrome
"Hledači pokladů: Ztracené město" = Hledači pokladů: Ztracené město
"Hrdina Království" = Hrdina Království
"imeshmusicboxtoolbar181CR" = Music Toolbar for Chrome (Dist. by iMesh, Inc.)
"imeshmusicboxtoolbar181IE" = Music Toolbar for Internet Explorer (Dist. by iMesh, Inc.)
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}" = Theft Recovery for HP ProtectTools
"MINECRAFT 1.5.2 FULL 1.00" = MINECRAFT 1.5.2 FULL 1.00
"Minecraft1.6.2" = Minecraft1.6.2
"Odsuň bednu" = Odsuň bednu
"Office14.Click2Run" = Microsoft Office Klikni a spusti 2010
"Opičí věž" = Opičí věž
"PDF Complete" = PDF Complete Special Edition
"Police Supercars Racing_is1" = Police Supercars Racing
"Příběhy z království" = Příběhy z království
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Stavba Velké čínské zdi" = Stavba Velké čínské zdi
"Sunplus SPUVCb" = HP HD Webcam [Fixed]
"UK Truck Simulator" = UK Truck Simulator 1.32
"VirtualBus_is1" = VirtualBus A6C RC3
"WinLiveSuite" = Windows Live Essentials
"XobniMain" = Xobni
"Zakázaná Tajemství: Město Mimozemšťanů" = Zakázaná Tajemství: Město Mimozemšťanů
"Zločin v horách: Odveta" = Zločin v horách: Odveta

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13. 9. 2013 10:18:14 | Computer Name = Alžbeta-HP | Source = Application Error | ID = 1000
Error - 13. 9. 2013 12:19:55 | Computer Name = Alžbeta-HP | Source = Microsoft-Windows-LoadPerf
| ID = 3006

Description = Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 13. 9. 2013 12:20:03 | Computer Name = Alžbeta-HP | Source = Microsoft-Windows-LoadPerf
| ID = 3006

Description = Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 13. 9. 2013 13:26:54 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 13. 9. 2013 13:29:35 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 13. 9. 2013 13:30:45 | Computer Name = Alžbeta-HP | Source = Application
Error | ID = 1000

Error - 14. 9. 2013 2:39:24 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID = 10
Description =

Error - 14. 9. 2013 2:41:10 | Computer Name = Alžbeta-HP | Source = Application Error | ID = 1000
Error - 14. 9. 2013 6:11:44 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 14. 9. 2013 6:11:53 | Computer Name = Alžbeta-HP | Source = Application
Error | ID = 1000

Error - 14. 9. 2013 7:44:04 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID = 10
Description =

Error - 14. 9. 2013 7:44:08 | Computer Name = Alžbeta-HP | Source = Application Error | ID = 1000
Error - 15. 9. 2013 3:49:50 | Computer Name = Alžbeta-HP | Source = WinMgmt | ID
= 10

Description =
Error - 15. 9. 2013 3:49:59 | Computer Name = Alžbeta-HP | Source = Application
Error | ID = 1000

[ Hewlett-Packard Events ]
Error - 3. 8. 2012 7:41:52 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: sk-SK RAM: 4030 Ram Utilization: 40 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 3. 8. 2012 7:42:08 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 3. 8. 2012 7:42:08 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 17. 8. 2012 15:29:23 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 22. 9. 2012 3:01:36 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 2. 11. 2012 5:26:53 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()

at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: sk-SK RAM: 4030 Ram Utilization: 40 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 24. 11. 2012 11:56:46 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK RAM: 4030
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 24. 11. 2012 12:24:35 | Computer Name = Alžbeta-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK RAM: 4030
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 21. 4. 2014 2:15:19 | Computer Name = Alžbeta-HP | Source = hpsa_service.exe | ID = 2000
Description =

Error - 27. 4. 2014 7:56:18 | Computer Name = Alžbeta-HP | Source = hpsa_service.exe | ID = 2000
Description =

[ HP Connection Manager Events ]
Error - 7. 6. 2014 8:58:45 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 14:58:45.259|000018A0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 8:59:35 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 14:59:35.959|000018A0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:35 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:35.040|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:35 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:35.602|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:37 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:37.630|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 10:01:39 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 16:01:39.658|00001A54|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 13:12:31 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 19:12:31.538|00001230|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 13:12:31 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 19:12:31.585|00001230|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 17:03:53 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 23:03:53.047|00001594|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 7. 6. 2014 17:03:53 | Computer Name = Alžbeta-HP | Source = hpCMSrv | ID = 5
Description = 2014/06/07 23:03:53.390|00001594|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Power Assistant Events ]
Error - 7. 6. 2014 18:32:49 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:32:54 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:32:59 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:04 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:09 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:14 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:19 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:24 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:29 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

Error - 7. 6. 2014 18:33:34 | Computer Name = Alžbeta-HP | Source = HP PA Service | ID = 1002
Description = An error occurred while using HP CASL. Please restart HP Power Assistant
application. Additional details may be available in the Details section. DETAILS
CASL Error! Event PMC.Data didn't return XmlDocument; returnedSystem.Byte[]

[ HP Software Framework Events ]
Error - 7. 6. 2014 18:32:49 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:32:49.894|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:32:54 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:32:54.867|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:32:59 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:32:59.836|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:04 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:04.810|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:09 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:09.780|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:14 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:14.746|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:19 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:19.747|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:24 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:24.697|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:29 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:29.666|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

Error - 7. 6. 2014 18:33:34 | Computer Name = Alžbeta-HP | Source = CaslSmBios | ID = 5
Description = 2014. 06. 08 00:33:34.637|000016E4|Error |[CaslWmi]A::A{bool(object,hpCasl.CaslEventArgs&)}|Error
e_INVALID_XML converting PMC bytes to XML.

[ Media Center Events ]
Error - 17. 12. 2013 11:10:05 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 16:10:05 - Chyba pripájania na Internet. 16:10:05 - Nebolo možné
spojiť sa so serverom..

Error - 17. 12. 2013 11:10:11 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 16:10:10 - Chyba pripájania na Internet. 16:10:10 - Nebolo možné
spojiť sa so serverom..

Error - 18. 12. 2013 9:17:29 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 14:17:29 - Chyba pripájania na Internet. 14:17:29 - Nebolo možné
spojiť sa so serverom..

Error - 18. 12. 2013 9:17:36 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 14:17:35 - Chyba pripájania na Internet. 14:17:35 - Nebolo možné
spojiť sa so serverom..

Error - 19. 12. 2013 14:20:41 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 19:20:41 - Chyba pripájania na Internet. 19:20:41 - Nebolo možné
spojiť sa so serverom..

Error - 21. 12. 2013 11:34:42 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 16:33:18 - Chyba pripájania na Internet. 16:33:18 - Nebolo možné
spojiť sa so serverom..

Error - 2. 1. 2014 12:01:11 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 17:01:11 - Chyba pripájania na Internet. 17:01:11 - Nebolo možné
spojiť sa so serverom..

Error - 2. 1. 2014 12:01:25 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 17:01:17 - Chyba pripájania na Internet. 17:01:17 - Nebolo možné
spojiť sa so serverom..

Error - 4. 1. 2014 5:30:33 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 10:30:33 - Chyba pripájania na Internet. 10:30:33 - Nebolo možné
spojiť sa so serverom..

Error - 4. 1. 2014 5:30:43 | Computer Name = Alžbeta-HP | Source = MCUpdate | ID = 0
Description = 10:30:38 - Chyba pripájania na Internet. 10:30:38 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 7. 6. 2014 13:06:02 | Computer Name = Alžbeta-HP | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 7. 6. 2014 13:11:36 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 7. 6. 2014 13:12:09 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 7. 6. 2014 13:12:28 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 13:16:17 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby HP Power Assistant Service zlyhalo kvôli nasledujúcej
chybe: %%31

Error - 7. 6. 2014 13:16:17 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby HP Support Assistant Service zlyhalo kvôli nasledujúcej
chybe: %%31

Error - 7. 6. 2014 14:00:37 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 14:00:43 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 17:03:39 | Computer Name = Alžbeta-HP | Source = DCOM | ID = 10010
Description =

Error - 7. 6. 2014 17:03:54 | Computer Name = Alžbeta-HP | Source = Service Control Manager | ID = 7038
Description = Službe WerSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\SYSTEM kvôli nasledujúcej chybe: %%1352 Ak chcete zabezpečiť správne
nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management
Console).

< End of report >

#21 Příspěvek od **Márty84** » 08 čer 2014 07:26

Napiste mi velikost adresare plochy (C:\Users\Alžbeta\Desktop)

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForALZBETA-HP$.job
C:\windows\tasks\HPCeeScheduleForAlžbeta.job
C:\windows\tasks\RMAutoUpdate.job
C:\windows\tasks\RMSchedule.job

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
FF - HKCU\Software\MozillaPlugins\iMeshPlugin: C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-3352712217-267748145-1722845266-1002\..Trusted Domains: localhost ([]http in Internet)
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[7 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\9e194b425ae94e6fd269786496707d0d\*.tmp files -> C:\windows\SoftwareDistribution\Download\9e194b425ae94e6fd269786496707d0d\*.tmp -> ]
[1 C:\windows\SoftwareDistribution\Download\d56cd7c486d2df277ca1be24e766eeb6\*.tmp files -> C:\windows\SoftwareDistribution\Download\d56cd7c486d2df277ca1be24e766eeb6\*.tmp -> ]
[5 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[2 C:\windows\System32\config\systemprofile\AppData\Local\Temp\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Local\Temp\*.tmp -> ]
[2 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[7 C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[5 C:\windows\SysWOW64\*.tmp files -> C:\windows\SysWOW64\*.tmp -> ]
[2 C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temp\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temp\*.tmp -> ]
[2 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\*.tmp -> ]
[7 C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:D1B5B4F1

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Printsrv"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"Printsrv"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Walky · #22 Příspěvek od **Walky** » 08 čer 2014 08:09

Velkost plochy je 302MB (je tam priecinok s fotkami)

log

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: albeta

User: Alžbeta
->Temp folder emptied: 614768 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 144213329 bytes
->Flash cache emptied: 6496716 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10969 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43276387 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 186,00 mb

[EMPTYFLASH]

User: All Users

User: albeta

User: Alžbeta
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\windows\tasks\HPCeeScheduleForALZBETA-HP$.job moved successfully.
C:\windows\tasks\HPCeeScheduleForAlžbeta.job moved successfully.
C:\windows\tasks\RMAutoUpdate.job moved successfully.
C:\windows\tasks\RMSchedule.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_USERS\S-1-5-21-3352712217-267748145-1722845266-1002\Software\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}\ not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\iMeshPlugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3352712217-267748145-1722845266-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-3352712217-267748145-1722845266-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP189E.tmp\System.Configuration.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP189E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FA2.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4194.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5189.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB96F.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE012.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4452.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP678C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP894B.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9455.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA13E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBE30.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC368.tmp\System.Runtime.Remoting.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC368.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC3E7.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEE06.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF44C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFA07.tmp\System.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFA07.tmp folder deleted successfully.
C:\windows\SoftwareDistribution\Download\9e194b425ae94e6fd269786496707d0d\BIT24D7.tmp deleted successfully.
C:\windows\SoftwareDistribution\Download\d56cd7c486d2df277ca1be24e766eeb6\BITFD94.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Local\Temp\nsfCAB1.tmp\Starter.exe deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Local\Temp\nsfCAB1.tmp folder deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Local\Temp\nsl6F1B.tmp\Starter.exe deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Local\Temp\nsl6F1B.tmp folder deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\sho6FC7.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\sho7760.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico2DAD.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico4F11.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico5AF6.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico7525.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\ico7FBB.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoB506.tmp deleted successfully.
C:\windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icoE2FE.tmp deleted successfully.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Printsrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Printsrv not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06082014_085818

Files\Folders moved on Reboot...
C:\Users\Alžbeta\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#23 Příspěvek od **Márty84** » 08 čer 2014 08:14

Walky píše:Velkost plochy je 302MB (je tam priecinok s fotkami)

To je jeste v klidu. Nekteri maji i pres 200GB!

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

Walky · #24 Příspěvek od **Walky** » 08 čer 2014 08:40

Combofix sa zacyklil stale najprv nieco zmaze potom zacne extrahovat potom zacne zalohovat registre. potom sa vypne a znovu zapne

#25 Příspěvek od **Márty84** » 08 čer 2014 08:44

Tak ten krok preskocte a pokracijte T-Cleanerem atd.

Walky · #26 Příspěvek od **Walky** » 08 čer 2014 09:47

Dakujem. Notebook ide ovela lepsie. Este pridam pre istotu novy log z RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alžbeta at 2014-06-08 10:43:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 365 GB (80%) free of 455 GB
Total RAM: 4030 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:33, on 8. 6. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Alžbeta.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superhry.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 12425 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
atieclxx
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
taskeng.exe {30B4D051-36F3-40DD-8C95-1A7000C272C4}
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3692
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4364.0.1559823131\916064715" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.910.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4364.3.226596018\899747953" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --disable-databases --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4364.4.22457348\1785061857" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4364.5.22666008\2101748934" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\igfxsrvc.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Alžbeta\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForAlžbeta.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForAlžbeta (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-29 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-29 256456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-16 21709904]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-01 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-01 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-01 416024]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-03 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-06 2774256]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"HP HD Webcam [Fixed]_Monitor"=C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-14 343168]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-04-05 94264]
"HPQuickWebProxy"=c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-10 169528]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-03-21 103896]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-09-01 390144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoInstrumentation"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-08 10:43:31 ----D---- C:\rsit
2014-06-08 10:05:33 ----D---- C:\Program Files\Defraggler
2014-06-08 09:59:53 ----D---- C:\Program Files\CCleaner
2014-06-08 09:42:24 ----SHD---- C:\$RECYCLE.BIN
2014-06-07 19:30:18 ----D---- C:\windows\temp
2014-06-07 15:41:42 ----R---- C:\Uninstall.exe
2014-06-07 15:17:43 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-06-07 15:17:34 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-06-07 15:17:34 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-06-07 15:17:33 ----A---- C:\windows\SYSWOW64\java.exe
2014-06-07 15:03:35 ----SD---- C:\windows\system32\CompatTel
2014-06-07 14:59:16 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-07 14:59:16 ----A---- C:\windows\system32\mshtmled.dll
2014-06-07 14:56:53 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-06-07 14:56:53 ----A---- C:\windows\system32\ieui.dll
2014-06-07 14:56:51 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-06-07 14:56:51 ----A---- C:\windows\system32\vbscript.dll
2014-06-07 14:56:45 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-07 14:56:45 ----A---- C:\windows\system32\iernonce.dll
2014-06-07 14:56:45 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-07 14:56:45 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-07 14:56:43 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-07 14:56:43 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-07 14:56:43 ----A---- C:\windows\system32\dxtrans.dll
2014-06-07 14:56:43 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-07 14:56:42 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-07 14:56:42 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-07 14:56:42 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-07 14:56:42 ----A---- C:\windows\system32\msrating.dll
2014-06-07 14:56:42 ----A---- C:\windows\system32\jsproxy.dll
2014-06-07 14:56:41 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-07 14:56:41 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-06-07 14:56:41 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-07 14:56:41 ----A---- C:\windows\system32\msfeeds.dll
2014-06-07 14:56:41 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-07 14:56:40 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-07 14:56:40 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-07 14:56:40 ----A---- C:\windows\system32\iesetup.dll
2014-06-07 14:56:39 ----A---- C:\windows\system32\mshtml.dll
2014-06-07 14:56:38 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-06-07 14:56:38 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-06-07 14:56:37 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-06-07 14:56:37 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-07 14:56:37 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-07 14:56:37 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-07 14:56:37 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-07 14:56:35 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-07 14:56:34 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-07 14:56:34 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-07 14:56:34 ----A---- C:\windows\system32\wininet.dll
2014-06-07 14:56:34 ----A---- C:\windows\system32\iertutil.dll
2014-06-07 14:56:33 ----A---- C:\windows\system32\urlmon.dll
2014-06-07 14:56:32 ----A---- C:\windows\system32\ieframe.dll
2014-06-07 14:56:31 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-07 14:56:30 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-07 14:56:30 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-07 14:56:30 ----A---- C:\windows\system32\jscript9.dll
2014-06-07 14:35:27 ----A---- C:\log.txt
2014-06-07 13:51:41 ----D---- C:\ProgramData\Malwarebytes
2014-06-07 13:38:24 ----A---- C:\windows\SYSWOW64\sqlite3.dll
2014-06-07 13:37:50 ----D---- C:\AdwCleaner
2014-06-07 13:25:14 ----D---- C:\ProgramData\E131
2014-06-07 12:52:10 ----A---- C:\windows\system32\shell32.dll
2014-06-07 12:52:08 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-06-07 12:52:05 ----A---- C:\windows\system32\aepdu.dll
2014-06-07 12:52:05 ----A---- C:\windows\system32\aeinv.dll
2014-06-07 12:51:00 ----A---- C:\windows\system32\lsasrv.dll
2014-06-07 12:50:59 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-06-07 12:50:59 ----A---- C:\windows\system32\kerberos.dll
2014-06-07 12:50:58 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-06-07 12:50:56 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-06-07 12:50:56 ----A---- C:\windows\system32\winlogon.exe
2014-06-07 12:50:56 ----A---- C:\windows\system32\msv1_0.dll
2014-06-07 12:50:55 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-06-07 12:50:55 ----A---- C:\windows\system32\objsel.dll
2014-06-07 12:50:55 ----A---- C:\windows\system32\ntoskrnl.exe
2014-06-07 12:50:53 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-06-07 12:50:53 ----A---- C:\windows\system32\TSpkg.dll
2014-06-07 12:50:52 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-06-07 12:50:52 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-06-07 12:50:52 ----A---- C:\windows\system32\wdigest.dll
2014-06-07 12:50:52 ----A---- C:\windows\system32\KernelBase.dll
2014-06-07 12:50:51 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-06-07 12:50:50 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-06-07 12:50:49 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-06-07 12:50:49 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-06-07 12:50:49 ----A---- C:\windows\system32\schannel.dll
2014-06-07 12:50:49 ----A---- C:\windows\system32\dimsroam.dll
2014-06-07 12:50:49 ----A---- C:\windows\system32\cngprovider.dll
2014-06-07 12:50:49 ----A---- C:\windows\system32\adprovider.dll
2014-06-07 12:50:47 ----A---- C:\windows\SYSWOW64\dpapiprovider.dll
2014-06-07 12:50:47 ----A---- C:\windows\SYSWOW64\cngprovider.dll
2014-06-07 12:50:47 ----A---- C:\windows\SYSWOW64\capiprovider.dll
2014-06-07 12:50:47 ----A---- C:\windows\SYSWOW64\adprovider.dll
2014-06-07 12:50:47 ----A---- C:\windows\system32\dpapiprovider.dll
2014-06-07 12:50:47 ----A---- C:\windows\system32\capiprovider.dll
2014-06-07 12:50:46 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-06-07 12:50:45 ----A---- C:\windows\system32\wincredprovider.dll
2014-06-07 12:50:45 ----A---- C:\windows\system32\sspicli.dll
2014-06-07 12:50:45 ----A---- C:\windows\system32\lsass.exe
2014-06-07 12:50:44 ----A---- C:\windows\SYSWOW64\wincredprovider.dll
2014-06-07 12:50:44 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-06-07 12:50:44 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-06-07 12:50:44 ----A---- C:\windows\system32\sspisrv.dll
2014-06-07 12:50:44 ----A---- C:\windows\system32\secur32.dll
2014-06-07 12:50:44 ----A---- C:\windows\system32\credssp.dll
2014-06-07 12:50:43 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-06-07 12:42:01 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2014-06-08 10:43:33 ----D---- C:\windows\Prefetch
2014-06-08 10:09:50 ----D---- C:\windows\system32\config
2014-06-08 10:05:33 ----RD---- C:\Program Files
2014-06-08 10:03:22 ----D---- C:\Users\Alžbeta\AppData\Roaming\Skype
2014-06-08 10:03:21 ----D---- C:\windows\Panther
2014-06-08 10:03:21 ----D---- C:\windows\Logs
2014-06-08 10:03:21 ----D---- C:\windows\inf
2014-06-08 10:03:21 ----D---- C:\Windows
2014-06-08 10:01:22 ----D---- C:\windows\System32
2014-06-08 10:01:22 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-08 09:59:56 ----D---- C:\windows\system32\Tasks
2014-06-08 09:59:50 ----D---- C:\windows\Tasks
2014-06-08 09:57:45 ----A---- C:\windows\SYSWOW64\log.txt
2014-06-08 09:55:51 ----D---- C:\ProgramData\PDFC
2014-06-08 09:55:44 ----D---- C:\ProgramData\HPQLOG
2014-06-08 09:55:28 ----AD---- C:\ProgramData\TEMP
2014-06-08 09:55:15 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2014-06-08 09:51:28 ----D---- C:\windows\Minidump
2014-06-08 09:36:02 ----RD---- C:\Users
2014-06-08 09:36:01 ----D---- C:\windows\system32\drivers
2014-06-08 09:00:37 ----SHD---- C:\System Volume Information
2014-06-08 09:00:03 ----D---- C:\windows\SysWOW64
2014-06-07 22:24:31 ----RD---- C:\Program Files (x86)
2014-06-07 22:23:27 ----D---- C:\Users\Alžbeta\AppData\Roaming\Seznam.cz
2014-06-07 21:54:51 ----D---- C:\windows\rescache
2014-06-07 21:24:20 ----RSD---- C:\windows\assembly
2014-06-07 21:24:20 ----D---- C:\windows\Microsoft.NET
2014-06-07 19:15:02 ----A---- C:\windows\system.ini
2014-06-07 19:14:34 ----D---- C:\windows\system32\drivers\etc
2014-06-07 19:02:06 ----D---- C:\windows\SYSWOW64\drivers
2014-06-07 19:02:06 ----D---- C:\windows\AppPatch
2014-06-07 19:02:05 ----D---- C:\Program Files (x86)\Common Files
2014-06-07 19:00:30 ----D---- C:\windows\debug
2014-06-07 16:06:19 ----D---- C:\Users\Alžbeta\AppData\Roaming\hpqLog
2014-06-07 15:20:51 ----D---- C:\ProgramData\Oracle
2014-06-07 15:17:59 ----SHD---- C:\windows\Installer
2014-06-07 15:17:33 ----D---- C:\Program Files (x86)\Java
2014-06-07 15:15:43 ----D---- C:\windows\system32\catroot2
2014-06-07 15:06:40 ----D---- C:\windows\winsxs
2014-06-07 15:03:32 ----D---- C:\windows\SYSWOW64\sk-SK
2014-06-07 15:03:32 ----D---- C:\Program Files\Internet Explorer
2014-06-07 15:03:31 ----D---- C:\windows\SYSWOW64\en-US
2014-06-07 15:03:30 ----D---- C:\windows\system32\sk-SK
2014-06-07 15:03:30 ----D---- C:\windows\system32\en-US
2014-06-07 15:03:30 ----D---- C:\windows\PolicyDefinitions
2014-06-07 15:03:28 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-07 15:03:17 ----D---- C:\windows\system32\DriverStore
2014-06-07 14:38:11 ----D---- C:\windows\en
2014-06-07 13:51:41 ----D---- C:\ProgramData
2014-06-07 13:45:08 ----D---- C:\ProgramData\Skype
2014-06-07 13:45:04 ----RD---- C:\Program Files (x86)\Skype
2014-06-07 13:04:20 ----D---- C:\windows\system32\catroot
2014-06-07 13:00:21 ----D---- C:\windows\system32\MRT
2014-06-07 12:57:19 ----A---- C:\windows\system32\MRT.exe
2014-06-07 12:44:19 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-06-07 12:43:14 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-02-28 29976]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-02-28 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-14 10496000]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-14 326656]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2011-02-09 486144]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-01 12306848]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-05-24 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-05-24 708200]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\windows\system32\DRIVERS\stwrt64.sys [2013-05-03 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-06 524016]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2012-01-02 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-05-10 64312]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-09-01 12306848]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-14 204288]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-02-16 680016]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-02-28 31000]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-03-21 793048]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-03 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-22 2286976]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-09 4151376]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-03-01 1189968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-05 1028096]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-04-05 1094712]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-05-10 464440]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-05 647680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-02-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#27 Příspěvek od **Márty84** » 08 čer 2014 10:06

Smazte rucne ComboFix (prejmenovany na Uninstall)

Log uz vypada cisty, jen kosmeticke upravy...

1) Otevrte Poznamkovy blok (pokud ho nemate na plose, tak kliknete na Start, pak programy a prislusenstvi)
2) Zkopirujte do nej ten zeleny text

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-

3) Vlevo nahore kliknete na napis Soubor
4) Kliknete na napis Ulozit jako...
5) Napiste spravne ten cerveny nazev oprava.reg a pak vyberte u moznosti Ulozit jako typ : Vsechny soubory
6) Ulozte, nejlepe na plochu
7) Na to, co jste prave ulozil/a, 2x kliknete, ono se to spusti a vy to jen potvrdte
8) Pak ten soubor muzete smazat

No a jestli vse bezi jak ma, mame hotovo.

Walky · #28 Příspěvek od **Walky** » 08 čer 2014 10:25

OK Dakujem za pomoc z odvirenim notebooku

#29 Příspěvek od **Márty84** » 08 čer 2014 13:17

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook

Re: Spomaleny notebook