Prosím o kontrolu logu - nežádoucí reklama

Zpráva

hasmic · #1 Příspěvek od **hasmic** » 22 čer 2014 02:23

Hoj,
mám starosti s nežádoucími reklamami, je to čím dál tím horší a já už nevím, jak se toho zbavit, můžete se mi prosím podívat, zda nezjistíte někdo, kde by mohl být problém? Případně co hledat a jak se těch šmejdů zbavit?

Díky moc,

hasmic!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:14:03, on 22. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\Hana Hašková\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - (no file)
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Hana Hašková\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\WINDOWS\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\WINDOWS\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9527 bytes

#2 Příspěvek od **Márty84** » 22 čer 2014 07:46

Zdravim

Kouknete o kousek vys na ten veliky, barevne odliseny, obdelnik.
Log z HJT je uz nekolik let nedostacujici, zvlast u 64bit systemu. Takze mi sem dejte log z RSITx64 http://forum.viry.cz/viewtopic.php?f=13&t=130786

hasmic · #3 Příspěvek od **hasmic** » 22 čer 2014 10:49

Dobré poledne,
omlouvám se za svou neznalost, nevěděl jsem, že došlo k takovému posunu...

Tu jsou tedy zmíněné logy:

info.txt logfile of random's system information tool 1.10 2014-06-22 11:41:34

======MBR======

0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060D92ED5000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

clear.fi SDK - Video 2-->"C:\Program Files (x86)\InstallShield Installation Information\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\setup.exe" /z-uninstall
clear.fi SDK- Movie 2-->"C:\Program Files (x86)\InstallShield Installation Information\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->"C:\Program Files (x86)\InstallShield Installation Information\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}\setup.exe" /z-uninstall
-->"C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\Uninstall.exe"
-->MsiExec /X{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{FF21C3E6-97FD-474F-9518-8DCBE94C2854}
Acer Backup Manager-->C:\Program Files (x86)\InstallShield Installation Information\{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}\setup.exe -runfromtemp -l0x0409
Acer Device Fast-lane-->MsiExec.exe /i {3F62D2FD-13C1-49A2-8B5D-47623D9460D7} PRODUCTNAME="Acer Device Fast-lane" BRANDNAME="Acer" ISDT=0
Acer Power Management-->MsiExec.exe /i {91F52DE4-B789-42B0-9311-A349F10E5479} PRODUCTNAME="Acer Power Management" BRANDNAME="Acer" NEWUPGRADE=0 ISDT=0
Acer Recovery Management-->Msiexec.exe /i {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} ACER=1 PRODUCTNAME="Acer Recovery Management" REMOVEUSEC=1 BOOTSTRATOR=1 ACERPRELOAD=1
AcerCloud Docs-->C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloudDocsSetup.exe -uninstall
AcerCloud-->C:\Program Files (x86)\Acer\Acer Cloud\AcerCloudSetup.exe -uninstall
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_152_Plugin.exe -maintain plugin
Agatha Christie - Death on the Nile-->"C:\Program Files (x86)\WildGames\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"
Aktualizace NVIDIA 1.14.17-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{FF377371-56C8-4D1E-8BCF-74C06133C90A}\NVI2.DLL",UninstallPackage Display.Update
Aloha TriPeaks-->"C:\Program Files (x86)\WildGames\Aloha TriPeaks\uninstall\uninstaller.exe"
Backup Manager v4-->C:\Program Files (x86)\InstallShield Installation Information\{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}\setup.exe -runfromtemp -l0x0409
Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
Broadcom Card Reader Driver Installer-->MsiExec.exe /I{F0A7DF2F-0BE0-470F-B137-D7A19F977189}
clear.fi Media-->C:\Program Files (x86)\Acer\clear.fi Media\clearfiSetup.exe -uninstall
clear.fi Photo-->C:\Program Files (x86)\Acer\clear.fi Photo\clearfiSetup.exe -uninstall
CyberLink MediaEspresso 6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\setup.exe" /z-uninstall
CyberLink MediaEspresso 6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\setup.exe" /z-uninstall
Delicious: Emily's True Love Premium Edition-->"C:\Program Files (x86)\WildGames\Delicious Emilys True Love Premium Edition\uninstall\uninstaller.exe"
ESET Smart Security-->MsiExec.exe /I{B1920A83-25A3-4DBB-B1F5-2395BD05370E}
ETDWare PS/2-X64 11.6.13.004_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
FBReader for Windows-->"C:\Program Files (x86)\FBReader\uninstall.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Governor of Poker 2 Premium Edition-->"C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe"
HP Customer Participation Program 14.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 14.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Officejet and Deskjet All-In-One Driver Software-->C:\Program Files (x86)\HP\Digital Imaging\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}\setup\hpzscr40.exe -datfile hposcr19.dat -onestop -forcereboot
HP Solution Center 14.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
Identity Card-->MsiExec.exe /X{3D9CB654-99AD-4301-89C6-0D12A790767C}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
Island Tribe-->"C:\Program Files (x86)\WildGames\Island Tribe\uninstall\uninstaller.exe"
Jewel Match 3-->"C:\Program Files (x86)\WildGames\Jewel Match 3\uninstall\uninstaller.exe"
John Deere Drive Green-->"C:\Program Files (x86)\WildGames\John Deere Drive Green\uninstall\uninstaller.exe"
KMP Service-->"C:\Program Files (x86)\PANDORA.TV\PanService\unins000.exe"
Launch Manager-->C:\Windows\UNINSTLMv7.EXE LMv7.UNI
Live Updater-->MsiExec.exe /X{EE26E302-876A-48D9-9058-3129E5B99999}
Magic Academy-->"C:\Program Files (x86)\WildGames\Magic Academy\uninstall\uninstaller.exe"
Microsoft Office-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
Mozilla Firefox 30.0 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
MyWinLocker Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0409 -removeonly
MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
MyWinLocker-->MsiExec.exe /I{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
Network System Driver-->"C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe"
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall
NTI Media Maker 9-->C:\Program Files (x86)\InstallShield Installation Information\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\setup.exe -runfromtemp -l0x0409
NVIDIA Ovladače grafiky 327.02-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{FF377371-56C8-4D1E-8BCF-74C06133C90A}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX System Software 9.12.0613-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /X{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}
OCR Software by I.R.I.S. 14.0-->C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Office Addin 2003-->MsiExec.exe /I{1FCC073B-CC01-4443-AD20-E559F66E6E83}
Office Addin-->MsiExec.exe /I{6D2BBE1D-E600-4695-BA37-0B0E605542CC}
Penguins!-->"C:\Program Files (x86)\WildGames\Penguins!\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Polar Bowler-->"C:\Program Files (x86)\WildGames\Polar Bowler\uninstall\uninstaller.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054}
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Skype™ 6.11-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Software Version Updater-->C:\Users\Hana Hašková\AppData\Local\SwvUpdater\Updater.exe /uninstall
Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe"
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
Visual Studio 2005 Tools for Office Second Edition Runtime-->c:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)-->c:\Windows\SysWOW64\msiexec.exe /package {8FB53850-246A-3507-8ADE-0060093FFEA6} /uninstall {1AF8622B-42B6-472C-A634-487025BD7B38} /qb+ REBOOTPROMPT=""
Visual Studio Tools for the Office system 3.0 Runtime-->c:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\Visual Studio Tools for the Office system 3.0 Runtime\install.exe
Visual Studio Tools for the Office system 3.0 Runtime-->MsiExec.exe /X{8FB53850-246A-3507-8ADE-0060093FFEA6}
WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\acer\Uninstall.exe"
WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
WinRAR 5.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
Zuma's Revenge-->"C:\Program Files (x86)\WildGames\Zumas Revenge\uninstall\uninstaller.exe"

======System event log======

Computer Name: WIN-RE4P23R4CTO
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z disabled na auto start.
Record Number: 721
Source Name: Service Control Manager
Time Written: 20121118113331.132589-000
Event Type: Informace
User: PC\Administrator

Computer Name: WIN-RE4P23R4CTO
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z auto start na disabled.
Record Number: 720
Source Name: Service Control Manager
Time Written: 20121118113324.019669-000
Event Type: Informace
User: PC\Administrator

Computer Name: WIN-RE4P23R4CTO
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 719
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121118113317.548534-000
Event Type: Informace
User: PC\Administrator

Computer Name: WIN-RE4P23R4CTO
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 718
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121118113317.470360-000
Event Type: Informace
User: PC\Administrator

Computer Name: WIN-RE4P23R4CTO
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 717
Source Name: Microsoft-Windows-Eventlog
Time Written: 20121118113317.392231-000
Event Type: Informace
User: PC\Administrator

=====Application event log=====

Computer Name: PC
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 625cc89b-693d-45c4-9967-123877fc41e4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 9e4b231b-3e45-41f4-967f-c914f178b6ac, 1, 1 [(0 )(1 )(2 [0x00000000, 0, 0], [( 6 0xC004F009 0 0)( 1 0x00000000)( 6 0xC004F009 0 0)(?)(?)(?)( 10 0x00000000 msft:rm/algorithm/flags/1.0)( 11 0x00000000 0xC004F009)])]
3: bf4b3af6-c071-496d-bfcc-5f0dc12c7798, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: c752c2e0-7c17-4af4-bba6-6f8aa1e698bc, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)(?)(?)])(1 )(2 )]

Record Number: 3366
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20131030142143.000000-000
Event Type: Informace
User:

Computer Name: PC
Event Code: 1014
Message: Získání licence koncového uživatele se nezdařilo. hr=0x80072EFD
ID SKU=9e4b231b-3e45-41f4-967f-c914f178b6ac
Record Number: 3365
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20131030142143.000000-000
Event Type: Chyba
User:

Computer Name: PC
Event Code: 8200
Message: Podrobnosti chyby získávání licence
hr=0x80072EFD
Record Number: 3364
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20131030142143.000000-000
Event Type: Chyba
User:

Computer Name: PC
Event Code: 1014
Message: Získání licence koncového uživatele se nezdařilo. hr=0x80072EFD
ID SKU=9e4b231b-3e45-41f4-967f-c914f178b6ac
Record Number: 3363
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20131030142141.000000-000
Event Type: Chyba
User:

Computer Name: PC
Event Code: 8200
Message: Podrobnosti chyby získávání licence
hr=0x80072EFD
Record Number: 3362
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20131030142141.000000-000
Event Type: Chyba
User:

=====Security event log=====

Computer Name: PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Temp\392e2b79-5fe6-4c3b-a2b6-b8b0b0021e5c\Windows\WinSxS\amd64_microsoft-windows-capisp-dll.resources_31bf3856ad364e35_6.3.9600.16384_en-us_04aff58c9b2972a0\capisp.dll.mui
ID popisovače: 0x13cc

Informace o procesu:
ID procesu: 0x6b4
Název procesu: C:\$Windows.~BT\Sources\setupplatform.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 37057
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140101141208.486252-000
Event Type: Úspěšný audit
User:

Computer Name: PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Temp\392e2b79-5fe6-4c3b-a2b6-b8b0b0021e5c\Windows\WinSxS\amd64_microsoft-windows-b..dlinetool.resources_31bf3856ad364e35_6.3.9600.16384_en-us_11cc23954c46e859\bcdboot.exe.mui
ID popisovače: 0x13d0

Informace o procesu:
ID procesu: 0x6b4
Název procesu: C:\$Windows.~BT\Sources\setupplatform.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 37056
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140101141208.486252-000
Event Type: Úspěšný audit
User:

Computer Name: PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Temp\392e2b79-5fe6-4c3b-a2b6-b8b0b0021e5c\Windows\WinSxS\amd64_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.3.9600.16384_en-us_e528904772eea044\arp.exe.mui
ID popisovače: 0x3b0

Informace o procesu:
ID procesu: 0x6b4
Název procesu: C:\$Windows.~BT\Sources\setupplatform.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 37055
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140101141208.486252-000
Event Type: Úspěšný audit
User:

Computer Name: PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Temp\392e2b79-5fe6-4c3b-a2b6-b8b0b0021e5c\Windows\WinSxS\amd64_microsoft-windows-atl.resources_31bf3856ad364e35_6.3.9600.16384_en-us_8fb8f771d70304d8\atl.dll.mui
ID popisovače: 0xc94

Informace o procesu:
ID procesu: 0x6b4
Název procesu: C:\$Windows.~BT\Sources\setupplatform.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 37054
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140101141208.486252-000
Event Type: Úspěšný audit
User:

Computer Name: PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\Temp\392e2b79-5fe6-4c3b-a2b6-b8b0b0021e5c\Windows\WinSxS\amd64_ndisimplatformmp.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_dec3574118b1dac1\NdisImPlatformMp.inf_loc
ID popisovače: 0x1370

Informace o procesu:
ID procesu: 0x6b4
Název procesu: C:\$Windows.~BT\Sources\setupplatform.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 37053
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140101141208.486252-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT

-----------------EOF-----------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hana Hašková at 2014-06-22 11:41:28
Microsoft Windows 8.1
System drive C: has 441 GB (63%) free of 698 GB
Total RAM: 3911 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:33, on 22. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Program Files\trend micro\Hana Hašková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - (no file)
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Hana Hašková\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKUS\S-1-5-21-2310395481-1935701993-3987270-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\WINDOWS\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\WINDOWS\SysWOW64\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9616 bytes

======Listing Processes======

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\WINDOWS\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\WINDOWS\SysWOW64\nethtsrv.exe
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\SysWOW64\netupdsrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
dashost.exe {34092d1d-74bf-4242-a7f614ad56ebdcec}
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\WINDOWS\system32\igfxext.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP PSC 1400 series#1396697578" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1660.19c77ac0.568698550 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1660 "\\.\pipe\gecko-crash-server-pipe.1660" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe" --proxy-stub-channel=Flash3092.6DF9A378.21636 --host-broker-channel=Flash3092.6DF9A378.5716 --host-pid=3092 --host-npapi-version=27 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_11_9_900_152.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe" --channel=592.00B7F2E0.1353835017 --proxy-stub-channel=Flash3092.6DF9A378.21636 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_11_9_900_152.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\Hana Hašková\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\AmiUpdXp.job - C:\Users\Hana Hašková\AppData\Local\SwvUpdater\Updater.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\McAfee Cleanup.job - C:\Users\HANAHA~1\AppData\Local\Temp\MCPR\mccleanup.exe -p MFP,APPSTATS,Auth,EMproxy,FWdiver,McSvcHost,HW,MAS,MAT,MBK,MCPR,McProxy,VUL,MHN,MNA,MOBK,MPFP,MPFPCU,MPS,SHRED,MPSCU,MQC,MQCCU,MSAD,MSHR,MSK,MSKCU,MWL,NMC,RedirSvc,VS,MSC -silent -uipipe McAfeeCleanupUIMessagePipe8647 -s -silent

=========Mozilla firefox=========

ProfilePath - C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Firefox\Profiles\r6eihgtl.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-12-21 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=C:\Windows\SysWOW64\rundll32.exe [2013-08-22 49664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"= []
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-18 111216]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-22 11:41:28 ----D---- C:\rsit
2014-06-22 11:41:28 ----D---- C:\Program Files\trend micro
2014-06-22 04:17:37 ----A---- C:\awh55B9.tmp
2014-06-22 04:16:11 ----D---- C:\Users\Hana Hašková\AppData\Roaming\Mozilla
2014-06-22 04:16:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:10:07 ----A---- C:\awhF9BA.tmp
2014-06-21 17:49:34 ----D---- C:\Program Files (x86)\Google
2014-06-19 18:23:08 ----A---- C:\awhC9B.tmp
2014-06-17 09:05:06 ----A---- C:\WINDOWS\system32\drivers\nethfdrv.sys
2014-06-17 09:04:48 ----A---- C:\WINDOWS\SYSWOW64\netupdsrv.exe
2014-06-17 09:04:38 ----A---- C:\WINDOWS\SYSWOW64\installd.exe
2014-06-17 09:04:26 ----A---- C:\WINDOWS\SYSWOW64\nethtsrv.exe
2014-06-17 09:04:16 ----A---- C:\WINDOWS\SYSWOW64\hfnapi.dll
2014-06-17 09:04:06 ----A---- C:\WINDOWS\SYSWOW64\hfpapi.dll
2014-06-14 11:04:17 ----D---- C:\BackupManager
2014-06-13 07:14:25 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-06-13 07:14:25 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-06-13 07:14:24 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-06-13 07:14:22 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\msrating.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-06-13 07:14:19 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-06-13 07:14:19 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-06-13 07:14:19 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-06-13 07:10:31 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-06-11 18:50:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-06-11 18:50:07 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-06-11 18:50:06 ----A---- C:\WINDOWS\system32\twinui.dll
2014-06-11 18:50:05 ----A---- C:\WINDOWS\system32\shell32.dll
2014-06-11 18:50:04 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 18:50:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-06-11 18:50:02 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 18:50:01 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 18:50:00 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-06-11 18:49:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-06-11 18:49:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-06-11 18:49:57 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-06-11 18:49:56 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 18:49:55 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-06-11 18:49:55 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-06-11 18:49:54 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-06-11 18:49:54 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 18:49:53 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 18:49:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 18:49:53 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 18:49:52 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 18:49:52 ----A---- C:\WINDOWS\system32\win32k.sys
2014-06-11 18:49:52 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\system32\localspl.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-06-11 18:49:49 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 18:49:49 ----A---- C:\WINDOWS\system32\winmde.dll
2014-06-11 18:49:49 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-06-11 18:49:48 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-06-11 18:49:48 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-06-11 18:49:48 ----A---- C:\WINDOWS\system32\services.exe
2014-06-11 18:49:48 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 18:49:46 ----AC---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-06-11 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-06-11 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-06-11 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-06-11 18:49:46 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-06-11 18:49:46 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-06-11 18:49:46 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-06-11 18:49:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-06-11 18:49:44 ----AC---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-06-11 18:49:44 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-06-11 18:49:42 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-06-11 18:49:42 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\swprv.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-06-11 18:49:40 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\system32\propsys.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\mfps.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\mf.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-06-11 18:49:37 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-06-11 18:49:37 ----A---- C:\WINDOWS\system32\srcore.dll
2014-06-11 18:49:36 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-06-11 18:49:36 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\mispace.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\system32\srclient.dll
2014-06-11 18:49:31 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-06-11 18:49:31 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-06-11 18:49:30 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-06-11 18:49:30 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-06-11 16:06:46 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-06-11 16:06:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-06-11 16:06:46 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-06-11 16:06:43 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-06-11 16:06:43 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 16:06:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\system32\wininet.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 16:06:28 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-06-11 16:06:27 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-06-11 16:06:27 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-06-11 16:06:26 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-06-11 16:06:26 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 16:06:26 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-06-11 16:06:26 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2014-06-11 16:01:27 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2014-06-11 16:01:27 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\DWrite.dll
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-06-11 16:01:26 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-06-11 08:09:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-29 22:02:47 ----D---- C:\Program Files (x86)\FBReader
2014-05-29 21:10:26 ----D---- C:\Users\Hana Hašková\AppData\Roaming\koobits.koobits4.com
2014-05-29 21:10:24 ----D---- C:\ProgramData\Adobe

======List of files/folders modified in the last 1 month======

2014-06-22 11:41:28 ----RD---- C:\Program Files
2014-06-22 11:41:21 ----D---- C:\WINDOWS\Temp
2014-06-22 11:12:36 ----D---- C:\WINDOWS\system32\sru
2014-06-22 11:12:22 ----D---- C:\WINDOWS\Prefetch
2014-06-22 04:16:04 ----RD---- C:\Program Files (x86)
2014-06-22 04:14:49 ----D---- C:\Users\Hana Hašková\AppData\Roaming\newnext.me
2014-06-22 04:14:49 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-06-21 17:54:11 ----SHD---- C:\WINDOWS\Installer
2014-06-21 17:54:11 ----HD---- C:\Config.Msi
2014-06-21 17:49:37 ----D---- C:\WINDOWS\Tasks
2014-06-21 17:49:37 ----D---- C:\WINDOWS\system32\Tasks
2014-06-21 12:12:55 ----D---- C:\WINDOWS\AppReadiness
2014-06-21 09:47:59 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-20 20:42:53 ----RD---- C:\WINDOWS\System32
2014-06-20 20:42:53 ----D---- C:\WINDOWS\Inf
2014-06-20 20:42:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-20 14:17:50 ----D---- C:\WINDOWS\system32\config
2014-06-20 08:17:10 ----SD---- C:\ProgramData\Microsoft
2014-06-20 08:17:10 ----D---- C:\Program Files (x86)\Microsoft
2014-06-19 20:11:02 ----D---- C:\WINDOWS\WinSxS
2014-06-19 18:18:07 ----D---- C:\WINDOWS\SysWOW64
2014-06-19 18:18:07 ----D---- C:\WINDOWS\system32\drivers
2014-06-19 18:18:07 ----D---- C:\Program Files (x86)\Common Files
2014-06-18 01:05:54 ----D---- C:\WINDOWS\CbsTemp
2014-06-18 01:05:11 ----SHD---- C:\System Volume Information
2014-06-14 19:51:03 ----D---- C:\WINDOWS\system32\DriverStore
2014-06-14 14:02:24 ----D---- C:\WINDOWS\rescache
2014-06-14 12:21:59 ----HD---- C:\Program Files\WindowsApps
2014-06-14 11:02:17 ----D---- C:\Program Files\Internet Explorer
2014-06-14 11:02:17 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-14 11:02:15 ----D---- C:\WINDOWS\WinStore
2014-06-14 11:02:14 ----RD---- C:\WINDOWS\ToastData
2014-06-14 11:02:12 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-06-14 11:02:11 ----D---- C:\WINDOWS\system32\oobe
2014-06-14 11:02:11 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-06-12 15:46:38 ----D---- C:\WINDOWS\system32\catroot2
2014-06-12 14:05:38 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-06-12 14:05:38 ----D---- C:\WINDOWS\system32\wbem
2014-06-12 14:05:38 ----D---- C:\WINDOWS\system32\migration
2014-06-12 14:05:38 ----D---- C:\WINDOWS\system32\cs-CZ
2014-06-12 04:36:28 ----D---- C:\WINDOWS\system32\MRT
2014-06-12 04:35:22 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-11 23:36:21 ----D---- C:\WINDOWS\system32\NDF
2014-05-31 07:13:24 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-29 21:10:24 ----HD---- C:\ProgramData
2014-05-29 21:09:44 ----D---- C:\Users\Hana Hašková\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;@oem6.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-10-25 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-10-25 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-10-25 62776]
R1 nethfdrv;nethfdrv; \??\C:\WINDOWS\system32\drivers\nethfdrv.sys [2014-06-17 46160]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 b57xdbd;@oem20.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem20.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-12-21 4216320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MEIx64;@oem21.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows 8; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504]
R3 Ps2Kb2Hid;@oem5.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-11-18 26736]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem30.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem31.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem30.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 ssudmdm;@oem33.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NetHttpService;Network HTTP Support Service; C:\WINDOWS\SysWOW64\nethtsrv.exe [2014-06-17 179200]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-18 96880]
R2 ServiceUpdater;Network Support Service Updater; C:\WINDOWS\SysWOW64\netupdsrv.exe [2014-06-17 159744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-21 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-12-21 279000]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-18 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-21 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]

-----------------EOF-----------------

Díky moc!!!

#4 Příspěvek od **Márty84** » 22 čer 2014 11:11

hasmic píše:nevěděl jsem, že došlo k takovému posunu

To vite, jde to kupredu

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

hasmic · #5 Příspěvek od **hasmic** » 23 čer 2014 09:30

Zdravíčko,
koukám, letí to jako blázen!

Tu je log, díky moc!

# AdwCleaner v3.213 - Report created 23/06/2014 at 10:10:52
# Updated 23/06/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Hana Hašková - PC
# Running from : C:\Users\Hana Hašková\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Hana Hašková\AppData\Local\genienext
Folder Deleted : C:\Users\Hana Hašková\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Hana Hašková\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Hana Hašková\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Hana Hašková\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Hana Hašková\AppData\Local\Software
File Deleted : C:\Users\Hana Hašková\daemonprocess.txt
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job
File Deleted : C:\WINDOWS\System32\Tasks\AmiUpdXp
File Deleted : C:\WINDOWS\System32\Tasks\Express FilesUpdate

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Firefox\Profiles\r6eihgtl.default\prefs.js ]

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2736 octets] - [23/06/2014 09:58:50]
AdwCleaner[R1].txt - [2794 octets] - [23/06/2014 10:10:20]
AdwCleaner[S0].txt - [2713 octets] - [23/06/2014 10:10:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2773 octets] ##########

hasmic

#6 Příspěvek od **Márty84** » 23 čer 2014 13:19

Udelejte kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

hasmic · #7 Příspěvek od **hasmic** » 23 čer 2014 16:37

Tak, jsem tu s logem:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23. 6. 2014
Scan Time: 16:23:43
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.23.08
Rootkit Database: v2014.06.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Hana HaA!kovA!

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 459121
Time Elapsed: 1 hr, 7 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.NetworkUpdate.A, C:\Windows\SysWOW64\nethtsrv.exe, 1732, , [667e1665a5d63402b33954532ed40bf5]
PUP.Optional.NetworkUpdate.A, C:\Windows\SysWOW64\netupdsrv.exe, 2356, , [5c885823483381b57f6e2186748eec14]

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nethfdrv, , [27bd12691e5d7abc58936e3932d0db25],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetHttpService, , [667e1665a5d63402b33954532ed40bf5],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ServiceUpdater, , [5c885823483381b57f6e2186748eec14],

Registry Values: 2
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETHTTPSERVICE|ImagePath, C:\WINDOWS\SysWOW64\nethtsrv.exe, , [a0441c5faccf72c44f7257a9a85caf51]
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICEUPDATER|ImagePath, C:\WINDOWS\SysWOW64\netupdsrv.exe, , [a73d552693e888ae6e54e71916eedb25]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Hana HaA!kovA!\AppData\Local\genienext\nengine.dll.vir, , [5a8a780346353ef8e4fdc09834cde61a],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\Users\Hana HaA!kovA!\AppData\Local\SwvUpdater\Updater.exe.vir, , [c71dc2b947344de976bdf63452af8a76],
PUP.Optional.NextLive.A, C:\AdwCleaner\Quarantine\C\Users\Hana HaA!kovA!\AppData\Roaming\newnext.me\nengine.dll.vir, , [e301e29957245cda756c2236cb36b749],
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\drivers\nethfdrv.sys, , [27bd12691e5d7abc58936e3932d0db25],
PUP.Optional.NetworkUpdate.A, C:\Windows\SysWOW64\nethtsrv.exe, , [667e1665a5d63402b33954532ed40bf5],
PUP.Optional.NetworkUpdate.A, C:\Windows\SysWOW64\netupdsrv.exe, , [5c885823483381b57f6e2186748eec14],

Physical Sectors: 0
(No malicious items detected)

(end)

Díky moc,

hasmic!

#8 Příspěvek od **Márty84** » 23 čer 2014 17:21

Vsechny nalezy nechte odstranit (do karanteny). Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup

hasmic · #9 Příspěvek od **hasmic** » 23 čer 2014 21:24

Tak, hlásím, že pro jistotu jsem nechal scan proběhnout 2x a ani jednou mi to nenahlásilo, že by to našlo nějakou mrchu...?!?

Díke,

hasmic!

#10 Příspěvek od **Márty84** » 24 čer 2014 09:34

Fajn, MBAM tedy odinstalujte a dejte novy log z RSIT.

Reklama se porad objevuje?

hasmic · #11 Příspěvek od **hasmic** » 25 čer 2014 14:14

Tak, konečně jsem tu, tu to je:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Hana Hašková at 2014-06-24 12:08:18
Microsoft Windows 8.1
System drive C: has 441 GB (63%) free of 698 GB
Total RAM: 3911 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:08:20, on 24. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Program Files\trend micro\Hana Hašková.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - (no file)
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-21-2310395481-1935701993-3987270-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9213 bytes

======Listing Processes======

wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
dashost.exe {9f3fc139-e6bb-48e6-a7f581756c02134b}
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\WINDOWS\system32\igfxext.exe" -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe" KMPProcess
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP PSC 1400 series#1396697578" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
taskhost.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5292.e879480.289104486 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5292 "\\.\pipe\gecko-crash-server-pipe.5292" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe" --proxy-stub-channel=Flash6316.6C5FA378.24272 --host-broker-channel=Flash6316.6C5FA378.9968 --host-pid=6316 --host-npapi-version=27 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_11_9_900_152.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe" --channel=1228.0100F1D4.1478543175 --proxy-stub-channel=Flash6316.6C5FA378.24272 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_11_9_900_152.dll" --host-npapi-version=27 --type=renderer

"C:\Users\Hana Hašková\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\McAfee Cleanup.job - C:\Users\HANAHA~1\AppData\Local\Temp\MCPR\mccleanup.exe -p MFP,APPSTATS,Auth,EMproxy,FWdiver,McSvcHost,HW,MAS,MAT,MBK,MCPR,McProxy,VUL,MHN,MNA,MOBK,MPFP,MPFPCU,MPS,SHRED,MPSCU,MQC,MQCCU,MSAD,MSHR,MSK,MSKCU,MWL,NMC,RedirSvc,VS,MSC -silent -uipipe McAfeeCleanupUIMessagePipe8647 -s -silent

=========Mozilla firefox=========

ProfilePath - C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Firefox\Profiles\r6eihgtl.default

prefs.js - "browser.startup.homepage" - "www.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-19 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-12-21 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-12-21 771544]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-12-21 770520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"= []
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2012-11-18 111216]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-12-21 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-24 12:08:18 ----D---- C:\rsit
2014-06-23 16:21:54 ----D---- C:\ProgramData\Malwarebytes
2014-06-23 10:19:40 ----A---- C:\awh2533.tmp
2014-06-23 09:59:16 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-06-23 09:58:43 ----D---- C:\AdwCleaner
2014-06-22 11:41:28 ----D---- C:\Program Files\trend micro
2014-06-22 04:17:37 ----A---- C:\awh55B9.tmp
2014-06-22 04:16:11 ----D---- C:\Users\Hana Hašková\AppData\Roaming\Mozilla
2014-06-22 04:16:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 20:10:07 ----A---- C:\awhF9BA.tmp
2014-06-21 17:49:34 ----D---- C:\Program Files (x86)\Google
2014-06-19 18:23:08 ----A---- C:\awhC9B.tmp
2014-06-17 09:04:38 ----A---- C:\WINDOWS\SYSWOW64\installd.exe
2014-06-17 09:04:16 ----A---- C:\WINDOWS\SYSWOW64\hfnapi.dll
2014-06-17 09:04:06 ----A---- C:\WINDOWS\SYSWOW64\hfpapi.dll
2014-06-14 11:04:17 ----D---- C:\BackupManager
2014-06-13 07:14:25 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-06-13 07:14:25 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2014-06-13 07:14:24 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2014-06-13 07:14:22 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\msrating.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-13 07:14:20 ----A---- C:\WINDOWS\system32\ieetwcollector.exe
2014-06-13 07:14:19 ----A---- C:\WINDOWS\SYSWOW64\ieetwproxystub.dll
2014-06-13 07:14:19 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-06-13 07:14:19 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-06-13 07:10:31 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2014-06-11 18:50:07 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-06-11 18:50:07 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2014-06-11 18:50:06 ----A---- C:\WINDOWS\system32\twinui.dll
2014-06-11 18:50:05 ----A---- C:\WINDOWS\system32\shell32.dll
2014-06-11 18:50:04 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-06-11 18:50:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-06-11 18:50:02 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2014-06-11 18:50:01 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-06-11 18:50:00 ----A---- C:\WINDOWS\system32\mstscax.dll
2014-06-11 18:49:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2014-06-11 18:49:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2014-06-11 18:49:57 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2014-06-11 18:49:56 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2014-06-11 18:49:55 ----A---- C:\WINDOWS\system32\gpsvc.dll
2014-06-11 18:49:55 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-06-11 18:49:54 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-06-11 18:49:54 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-06-11 18:49:53 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2014-06-11 18:49:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2014-06-11 18:49:53 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2014-06-11 18:49:52 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2014-06-11 18:49:52 ----A---- C:\WINDOWS\system32\win32k.sys
2014-06-11 18:49:52 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-06-11 18:49:51 ----A---- C:\WINDOWS\system32\localspl.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-06-11 18:49:50 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-06-11 18:49:49 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2014-06-11 18:49:49 ----A---- C:\WINDOWS\system32\winmde.dll
2014-06-11 18:49:49 ----A---- C:\WINDOWS\system32\mfsvr.dll
2014-06-11 18:49:48 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2014-06-11 18:49:48 ----A---- C:\WINDOWS\system32\wmpmde.dll
2014-06-11 18:49:48 ----A---- C:\WINDOWS\system32\services.exe
2014-06-11 18:49:48 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\XpsGdiConverter.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\srvsvc.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2014-06-11 18:49:47 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2014-06-11 18:49:46 ----AC---- C:\WINDOWS\system32\drivers\volsnap.sys
2014-06-11 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\XpsGdiConverter.dll
2014-06-11 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2014-06-11 18:49:46 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2014-06-11 18:49:46 ----A---- C:\WINDOWS\system32\MDEServer.exe
2014-06-11 18:49:46 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-06-11 18:49:46 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-06-11 18:49:45 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\system32\win32spl.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\system32\rdpencom.dll
2014-06-11 18:49:45 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-06-11 18:49:44 ----AC---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-06-11 18:49:44 ----A---- C:\WINDOWS\SYSWOW64\rdpencom.dll
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\dwmapi.dll
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\defragsvc.dll
2014-06-11 18:49:44 ----A---- C:\WINDOWS\system32\audiosrv.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\resutils.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\ploptin.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2014-06-11 18:49:43 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-06-11 18:49:42 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2014-06-11 18:49:42 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\swprv.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\gpapi.dll
2014-06-11 18:49:42 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\wscsvc.dll
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\VSSVC.exe
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\rpchttp.dll
2014-06-11 18:49:41 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2014-06-11 18:49:40 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\system32\propsys.dll
2014-06-11 18:49:40 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\mfps.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\mf.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\AudioSes.dll
2014-06-11 18:49:39 ----A---- C:\WINDOWS\system32\AudioEng.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\wintrust.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\mfpmp.exe
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\mfplat.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\energyprov.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\clusapi.dll
2014-06-11 18:49:38 ----A---- C:\WINDOWS\system32\audiodg.exe
2014-06-11 18:49:37 ----A---- C:\WINDOWS\system32\tlscsp.dll
2014-06-11 18:49:37 ----A---- C:\WINDOWS\system32\srcore.dll
2014-06-11 18:49:36 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2014-06-11 18:49:36 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2014-06-11 18:49:35 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\wlansvc.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-06-11 18:49:34 ----A---- C:\WINDOWS\system32\mispace.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\wlansec.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2014-06-11 18:49:33 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\system32\wlanapi.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\system32\tsgqec.dll
2014-06-11 18:49:32 ----A---- C:\WINDOWS\system32\srclient.dll
2014-06-11 18:49:31 ----A---- C:\WINDOWS\SYSWOW64\srclient.dll
2014-06-11 18:49:31 ----A---- C:\WINDOWS\system32\rstrui.exe
2014-06-11 18:49:30 ----A---- C:\WINDOWS\SYSWOW64\wlanhlp.dll
2014-06-11 18:49:30 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-06-11 16:06:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-06-11 16:06:46 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-06-11 16:06:46 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-06-11 16:06:46 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-06-11 16:06:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-06-11 16:06:44 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-06-11 16:06:43 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-06-11 16:06:43 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 16:06:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\system32\wininet.dll
2014-06-11 16:06:41 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 16:06:28 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\WSReset.exe
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 16:06:28 ----A---- C:\WINDOWS\system32\msxml3.dll
2014-06-11 16:06:27 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-06-11 16:06:27 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2014-06-11 16:06:26 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-06-11 16:06:26 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 16:06:26 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-06-11 16:06:26 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2014-06-11 16:01:27 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2014-06-11 16:01:27 ----A---- C:\WINDOWS\SYSWOW64\drvinst.exe
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\DWrite.dll
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\drvinst.exe
2014-06-11 16:01:27 ----A---- C:\WINDOWS\system32\drvcfg.exe
2014-06-11 16:01:26 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\WpcMon.exe
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\wpccpl.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\Wpc.dll
2014-06-11 16:01:26 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2014-06-11 08:09:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-29 22:02:47 ----D---- C:\Program Files (x86)\FBReader
2014-05-29 21:10:26 ----D---- C:\Users\Hana Hašková\AppData\Roaming\koobits.koobits4.com
2014-05-29 21:10:24 ----D---- C:\ProgramData\Adobe

======List of files/folders modified in the last 1 month======

2014-06-24 12:02:00 ----D---- C:\WINDOWS\system32\sru
2014-06-24 11:41:22 ----D---- C:\WINDOWS\Temp
2014-06-24 11:14:52 ----D---- C:\WINDOWS\Prefetch
2014-06-24 11:01:23 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-24 10:54:46 ----RD---- C:\Program Files (x86)
2014-06-24 10:54:46 ----D---- C:\WINDOWS\system32\drivers
2014-06-23 19:14:52 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-06-23 19:14:34 ----D---- C:\WINDOWS\system32\wdi
2014-06-23 19:12:07 ----D---- C:\WINDOWS\SysWOW64
2014-06-23 19:12:06 ----D---- C:\WINDOWS\WinStore
2014-06-23 16:21:54 ----HD---- C:\ProgramData
2014-06-23 11:16:29 ----SHD---- C:\System Volume Information
2014-06-23 10:58:51 ----RD---- C:\WINDOWS\System32
2014-06-23 10:58:51 ----D---- C:\WINDOWS\Inf
2014-06-23 10:58:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-23 10:10:55 ----D---- C:\WINDOWS\Tasks
2014-06-23 10:10:55 ----D---- C:\WINDOWS\system32\Tasks
2014-06-22 13:16:34 ----HD---- C:\Program Files\WindowsApps
2014-06-22 13:09:08 ----D---- C:\WINDOWS\AppReadiness
2014-06-22 11:41:28 ----RD---- C:\Program Files
2014-06-21 17:54:11 ----SHD---- C:\WINDOWS\Installer
2014-06-21 17:54:11 ----HD---- C:\Config.Msi
2014-06-20 14:17:50 ----D---- C:\WINDOWS\system32\config
2014-06-20 08:17:10 ----SD---- C:\ProgramData\Microsoft
2014-06-20 08:17:10 ----D---- C:\Program Files (x86)\Microsoft
2014-06-19 20:11:02 ----D---- C:\WINDOWS\WinSxS
2014-06-19 18:18:07 ----D---- C:\Program Files (x86)\Common Files
2014-06-18 01:05:54 ----D---- C:\WINDOWS\CbsTemp
2014-06-14 19:51:03 ----D---- C:\WINDOWS\system32\DriverStore
2014-06-14 14:02:24 ----D---- C:\WINDOWS\rescache
2014-06-14 11:02:17 ----D---- C:\Program Files\Internet Explorer
2014-06-14 11:02:17 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-14 11:02:14 ----RD---- C:\WINDOWS\ToastData
2014-06-14 11:02:12 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2014-06-14 11:02:11 ----D---- C:\WINDOWS\system32\oobe
2014-06-14 11:02:11 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2014-06-12 15:46:38 ----D---- C:\WINDOWS\system32\catroot2
2014-06-12 14:05:38 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-06-12 14:05:38 ----D---- C:\WINDOWS\system32\wbem
2014-06-12 14:05:38 ----D---- C:\WINDOWS\system32\migration
2014-06-12 14:05:38 ----D---- C:\WINDOWS\system32\cs-CZ
2014-06-12 04:36:28 ----D---- C:\WINDOWS\system32\MRT
2014-06-12 04:35:22 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-11 23:36:21 ----D---- C:\WINDOWS\system32\NDF
2014-05-31 07:13:24 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2014-05-29 21:09:44 ----D---- C:\Users\Hana Hašková\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;@oem6.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-10-25 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-10-25 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-10-25 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 b57xdbd;@oem20.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem20.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-10-19 330640]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-12-21 4216320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem28.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-15 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;@oem21.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows 8; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504]
R3 Ps2Kb2Hid;@oem5.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-11-18 26736]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem30.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem31.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem30.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 intaud_WaveExtensible;@oem27.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-15 39320]
S3 ssudmdm;@oem33.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-09-21 348784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-08-30 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-11-18 96880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2013-08-22 37768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-21 116648]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2013-08-22 37768]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-12-21 279000]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-18 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-21 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]

-----------------EOF-----------------

Díky!!

#12 Příspěvek od **Márty84** » 25 čer 2014 18:07

Jeste tam vidim neco na smazani.

Dame si jeste posledni sken a budem mazat.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

hasmic · #13 Příspěvek od **hasmic** » 25 čer 2014 22:04

Tak, tu je první část OTL:

OTL logfile created on: 25. 6. 2014 22:15:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hana Hašková\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,82 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 29,20% Memory free
5,01 Gb Paging File | 1,52 Gb Available in Paging File | 30,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681,85 Gb Total Space | 430,26 Gb Free Space | 63,10% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Hana Hašková | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/25 22:13:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hana Hašková\Desktop\OTL.exe
PRC - [2014/06/06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/03 10:05:50 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
PRC - [2013/09/12 13:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013/09/05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/08 11:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
PRC - [2013/07/08 11:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
PRC - [2012/11/18 12:59:01 | 000,111,216 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
PRC - [2012/09/21 07:17:48 | 000,474,224 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/09/21 07:17:47 | 000,348,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/09/21 07:17:46 | 001,184,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/08/24 07:24:38 | 002,435,728 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/08/23 08:24:38 | 000,259,136 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2012/08/23 08:24:10 | 000,533,568 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2012/07/18 02:10:34 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 02:10:32 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 02:10:18 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/04 19:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

========== Modules (No Company Name) ==========

MOD - [2014/06/06 06:38:45 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/12/03 10:05:50 | 016,237,448 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
MOD - [2012/08/23 08:26:10 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/06/13 07:14:20 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/04/03 04:51:48 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 11:25:14 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/02/22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/23 06:50:00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/09/12 13:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/08/22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/08/23 06:36:28 | 000,468,624 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/08/23 06:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/08/21 02:36:22 | 000,176,640 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe -- (BrcmCardReader)
SRV:64bit: - [2012/04/21 00:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/06/06 06:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/12/21 01:02:54 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/08/22 14:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/07/08 11:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe -- (PanService)
SRV - [2012/11/18 13:15:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/11/18 12:59:01 | 000,096,880 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/09/21 07:17:47 | 000,348,784 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/08/24 07:24:38 | 002,435,728 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012/08/23 08:24:38 | 000,259,136 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012/07/18 02:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 02:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 02:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/12 05:10:24 | 000,174,160 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011/08/18 02:29:52 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/01 08:23:41 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/03/24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/08 22:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 17:49:47 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/02/22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/12/21 01:02:44 | 004,216,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/12/15 01:34:54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/15 01:34:54 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/11/14 14:46:08 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 14:39:18 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 14:26:21 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 14:26:16 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/11/11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/09/17 16:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/09/17 16:17:38 | 000,239,296 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
DRV:64bit: - [2013/09/17 16:17:38 | 000,220,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/09/17 16:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/09/17 16:17:38 | 000,062,136 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/09/17 16:17:38 | 000,044,120 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/09/05 03:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 13:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/08 20:37:41 | 003,344,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2013/06/18 16:45:14 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012/11/18 12:59:01 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/10/25 06:32:32 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012/10/25 06:32:32 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012/10/25 06:32:32 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012/10/19 11:54:54 | 000,330,640 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/08/16 23:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/14 21:15:36 | 000,070,744 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2012/08/13 20:59:42 | 000,072,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2012/08/13 20:59:42 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2012/07/03 00:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 16:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/19 02:20:52 | 000,055,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2010/07/09 05:51:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0A65837E-A546-4458-B456-537E3DC0922E}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{0A65837E-A546-4458-B456-537E3DC0922E}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0A65837E-A546-4458-B456-537E3DC0922E}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MAARJS

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-2310395481-1935701993-3987270-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Hana Hašková\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/12/01 16:22:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/12/01 16:22:02 | 000,000,000 | ---D | M]

[2014/06/22 04:16:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Extensions
[2014/06/22 04:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Firefox\Profiles\r6eihgtl.default\extensions
[2014/06/22 04:20:57 | 000,010,912 | ---- | M] () (No name found) -- C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Firefox\Profiles\r6eihgtl.default\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi
[2014/06/22 04:21:13 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Hana Hašková\AppData\Roaming\Mozilla\Firefox\Profiles\r6eihgtl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/06/22 04:16:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/22 04:16:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Disk Google = C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Pen\u011b\u017eenka Google = C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Hana Hašková\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [LManager] File not found
O4 - HKLM..\Run: [RadioController] C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Dritek System Inc.)
O4 - HKU\S-1-5-21-2310395481-1935701993-3987270-1001..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2310395481-1935701993-3987270-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4BB57A1-8AC8-4F71-95A8-F7E03235D76B}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/06/25 22:12:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hana Hašková\Desktop\OTL.exe
[2014/06/25 01:08:55 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\Desktop\Aleš Brichta - Best Of beatová síň slávy (2008)
[2014/06/24 12:08:18 | 000,000,000 | ---D | C] -- C:\rsit
[2014/06/23 16:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/23 09:59:16 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/06/23 09:58:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/22 11:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/06/22 04:16:11 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\AppData\Roaming\Mozilla
[2014/06/22 04:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/06/21 19:37:44 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\Desktop\Cyklotrasy
[2014/06/21 17:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/06/21 17:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/06/21 17:49:25 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\AppData\Local\Google
[2014/06/19 18:18:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Config
[2014/06/19 13:06:55 | 000,000,000 | -HSD | C] -- C:\Users\Hana Hašková\AppData\Local\EmieUserList
[2014/06/19 13:06:55 | 000,000,000 | -HSD | C] -- C:\Users\Hana Hašková\AppData\Local\EmieSiteList
[2014/06/14 11:04:17 | 000,000,000 | ---D | C] -- C:\BackupManager
[2014/06/13 07:14:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/06/13 07:14:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/06/13 07:14:24 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/06/13 07:14:22 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/06/13 07:14:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/06/13 07:14:20 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/06/13 07:14:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/06/13 07:14:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/06/13 07:14:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/06/13 07:14:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/06/13 07:14:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/06/13 07:10:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/06/11 18:50:07 | 011,792,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/06/11 18:50:06 | 013,287,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/06/11 18:50:04 | 016,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/06/11 18:50:03 | 012,711,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/06/11 18:50:02 | 008,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/06/11 18:50:01 | 007,173,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2014/06/11 18:50:00 | 006,645,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/06/11 18:49:59 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/06/11 18:49:59 | 005,104,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2014/06/11 18:49:57 | 005,774,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/06/11 18:49:56 | 002,688,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/06/11 18:49:55 | 002,124,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2014/06/11 18:49:54 | 004,269,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/06/11 18:49:53 | 007,425,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/06/11 18:49:53 | 001,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/06/11 18:49:53 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/06/11 18:49:52 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/06/11 18:49:52 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/06/11 18:49:51 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/06/11 18:49:51 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/06/11 18:49:51 | 000,765,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/06/11 18:49:50 | 002,144,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/06/11 18:49:50 | 001,411,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/06/11 18:49:50 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/06/11 18:49:50 | 000,669,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/06/11 18:49:49 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/06/11 18:49:49 | 001,403,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/06/11 18:49:49 | 000,491,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/06/11 18:49:48 | 001,379,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/06/11 18:49:48 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/06/11 18:49:48 | 000,407,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2014/06/11 18:49:48 | 000,387,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/06/11 18:49:47 | 001,222,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014/06/11 18:49:47 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GeofenceMonitorService.dll
[2014/06/11 18:49:47 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/06/11 18:49:47 | 000,364,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/06/11 18:49:46 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GeofenceMonitorService.dll
[2014/06/11 18:49:46 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/06/11 18:49:46 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDEServer.exe
[2014/06/11 18:49:46 | 000,305,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/06/11 18:49:45 | 001,209,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/06/11 18:49:45 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014/06/11 18:49:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/06/11 18:49:45 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014/06/11 18:49:44 | 000,263,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/06/11 18:49:44 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014/06/11 18:49:44 | 000,125,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/06/11 18:49:43 | 000,337,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/06/11 18:49:43 | 000,324,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2014/06/11 18:49:43 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2014/06/11 18:49:43 | 000,032,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/06/11 18:49:42 | 000,285,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2014/06/11 18:49:42 | 000,201,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSVideoDSP.dll
[2014/06/11 18:49:42 | 000,130,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpapi.dll
[2014/06/11 18:49:41 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014/06/11 18:49:41 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpchttp.dll
[2014/06/11 18:49:40 | 001,466,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/06/11 18:49:40 | 000,384,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/06/11 18:49:40 | 000,178,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSVideoDSP.dll
[2014/06/11 18:49:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rpchttp.dll
[2014/06/11 18:49:39 | 000,707,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/06/11 18:49:39 | 000,609,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2014/06/11 18:49:39 | 000,518,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf.dll
[2014/06/11 18:49:39 | 000,467,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/06/11 18:49:39 | 000,463,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/06/11 18:49:39 | 000,233,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/06/11 18:49:38 | 000,881,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/06/11 18:49:38 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/06/11 18:49:38 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/06/11 18:49:38 | 000,307,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014/06/11 18:49:38 | 000,244,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/06/11 18:49:38 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\energyprov.dll
[2014/06/11 18:49:38 | 000,028,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfpmp.exe
[2014/06/11 18:49:37 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srcore.dll
[2014/06/11 18:49:37 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tlscsp.dll
[2014/06/11 18:49:36 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2014/06/11 18:49:36 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2014/06/11 18:49:35 | 000,761,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/06/11 18:49:35 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BootMenuUX.dll
[2014/06/11 18:49:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tlscsp.dll
[2014/06/11 18:49:34 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/06/11 18:49:34 | 001,287,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/06/11 18:49:34 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/06/11 18:49:34 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/06/11 18:49:33 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/06/11 18:49:33 | 000,872,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/06/11 18:49:33 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/06/11 18:49:33 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/06/11 18:49:33 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/06/11 18:49:32 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/06/11 18:49:32 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/06/11 18:49:32 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/06/11 18:49:32 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/06/11 18:49:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srclient.dll
[2014/06/11 18:49:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/06/11 18:49:31 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rstrui.exe
[2014/06/11 18:49:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2014/06/11 18:49:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2014/06/11 16:06:47 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/06/11 16:06:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/06/11 16:06:46 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/06/11 16:06:46 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/06/11 16:06:45 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/06/11 16:06:45 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/06/11 16:06:45 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/06/11 16:06:44 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/06/11 16:06:44 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/06/11 16:06:44 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/06/11 16:06:44 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/06/11 16:06:43 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/06/11 16:06:41 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/06/11 16:06:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/06/11 16:06:28 | 000,921,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/06/11 16:06:28 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/06/11 16:06:28 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/11 16:06:28 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/06/11 16:06:28 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSReset.exe
[2014/06/11 16:06:27 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/06/11 16:06:26 | 003,360,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/06/11 16:06:26 | 001,336,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/06/11 16:01:27 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2014/06/11 16:01:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014/06/11 16:01:27 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014/06/11 16:01:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvcfg.exe
[2014/06/11 16:01:26 | 003,118,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2014/06/11 16:01:26 | 003,048,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014/06/11 16:01:26 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebSync.dll
[2014/06/11 16:01:26 | 002,834,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpccpl.dll
[2014/06/11 16:01:26 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2014/06/11 16:01:26 | 000,055,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys
[2014/06/11 08:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/08 14:59:09 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\AppData\Local\Unity
[2014/06/01 08:23:14 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\Desktop\Odkazy
[2014/05/29 23:14:58 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\Desktop\Osho - Oranžová kniha
[2014/05/29 22:03:06 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\.FBReader
[2014/05/29 22:02:48 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
[2014/05/29 22:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
[2014/05/29 22:02:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FBReader
[2014/05/29 21:10:27 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\KooBits4
[2014/05/29 21:10:26 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\AppData\Roaming\koobits.koobits4.com
[2014/05/29 21:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/05/28 21:46:58 | 000,000,000 | ---D | C] -- C:\Users\Hana Hašková\Documents\Knihy
[4 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/25 22:17:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/06/25 22:13:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hana Hašková\Desktop\OTL.exe
[2014/06/25 21:54:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/25 18:13:46 | 001,745,984 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/25 18:13:46 | 000,739,924 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/06/25 18:13:46 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/25 18:13:46 | 000,151,610 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/06/25 18:13:46 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/25 17:54:06 | 000,002,207 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/25 17:54:05 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/25 10:41:16 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/23 19:12:14 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/23 19:12:11 | 3281,010,688 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/23 09:57:51 | 001,342,659 | ---- | M] () -- C:\Users\Hana Hašková\Desktop\AdwCleaner.exe
[2014/06/22 04:16:05 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/17 09:04:38 | 000,108,544 | ---- | M] () -- C:\WINDOWS\SysWow64\installd.exe
[2014/06/17 09:04:16 | 000,108,544 | ---- | M] () -- C:\WINDOWS\SysWow64\hfnapi.dll
[2014/06/17 09:04:06 | 000,246,784 | ---- | M] () -- C:\WINDOWS\SysWow64\hfpapi.dll
[2014/06/14 11:05:47 | 000,336,448 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/06/13 07:14:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/06/13 07:14:25 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/06/13 07:14:24 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/06/13 07:14:22 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/06/13 07:14:20 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/06/13 07:14:20 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/06/13 07:14:20 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/06/13 07:14:20 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/06/13 07:14:19 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/06/13 07:14:19 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/06/13 07:14:19 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/06/13 07:10:31 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/06/10 10:56:33 | 000,000,375 | ---- | M] () -- C:\Users\Hana Hašková\Desktop\Ovládací panely – zástupce.lnk
[2014/06/04 01:02:22 | 000,050,186 | ---- | M] () -- C:\Users\Hana Hašková\Documents\symboly.jpg
[2014/05/31 07:13:24 | 000,703,992 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/31 07:13:24 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/30 11:20:36 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/05/30 11:08:22 | 005,782,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/05/30 11:06:42 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/05/30 10:46:48 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/05/30 10:44:23 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/05/30 10:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/05/30 10:35:44 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/05/30 10:29:31 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/05/30 10:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/05/30 10:23:22 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/05/30 10:04:20 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/05/30 09:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/05/30 09:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/05/30 09:13:09 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/05/29 22:02:48 | 000,001,897 | ---- | M] () -- C:\Users\Hana Hašková\Desktop\FBReader.lnk
[2014/05/29 21:10:26 | 000,001,023 | ---- | M] () -- C:\Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk
[2014/05/28 23:18:18 | 000,088,140 | ---- | M] () -- C:\Users\Hana Hašková\Documents\Jahody.jpg
[4 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/25 22:17:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/06/23 10:03:56 | 001,342,659 | ---- | C] () -- C:\Users\Hana Hašková\Desktop\AdwCleaner.exe
[2014/06/22 04:16:05 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/22 04:16:05 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/21 17:50:08 | 000,002,207 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/06/21 17:49:37 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/21 17:49:36 | 000,000,966 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/17 09:04:38 | 000,108,544 | ---- | C] () -- C:\WINDOWS\SysWow64\installd.exe
[2014/06/17 09:04:16 | 000,108,544 | ---- | C] () -- C:\WINDOWS\SysWow64\hfnapi.dll
[2014/06/17 09:04:06 | 000,246,784 | ---- | C] () -- C:\WINDOWS\SysWow64\hfpapi.dll
[2014/06/10 10:56:33 | 000,000,375 | ---- | C] () -- C:\Users\Hana Hašková\Desktop\Ovládací panely – zástupce.lnk
[2014/06/04 01:02:20 | 000,050,186 | ---- | C] () -- C:\Users\Hana Hašková\Documents\symboly.jpg
[2014/05/29 22:02:48 | 000,001,897 | ---- | C] () -- C:\Users\Hana Hašková\Desktop\FBReader.lnk
[2014/05/29 21:10:26 | 000,001,023 | ---- | C] () -- C:\Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KooBits 4.lnk
[2014/05/28 23:18:15 | 000,088,140 | ---- | C] () -- C:\Users\Hana Hašková\Documents\Jahody.jpg
[2014/04/29 20:49:11 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/03/21 17:12:31 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/18 13:35:57 | 000,218,026 | ---- | C] () -- C:\WINDOWS\hpoins19.dat
[2014/02/18 13:35:57 | 000,015,561 | ---- | C] () -- C:\WINDOWS\hpomdl19.dat
[2013/12/21 01:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/12/21 01:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/12/21 01:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 05:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/10/29 07:33:01 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012/10/29 07:33:01 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2012/07/25 22:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 22:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/04/06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/04/06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

hasmic · #14 Příspěvek od **hasmic** » 25 čer 2014 22:05

2. část:

[2013/12/01 16:23:09 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\ESET
[2014/05/29 21:10:26 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\koobits.koobits4.com
[2013/09/26 03:47:54 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\lm
[2013/10/16 12:32:52 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\WildTangent
[2014/04/16 18:35:40 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Xi

========== Purity Check ==========

========== Custom Scans ==========

< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013/12/22 14:16:05 | 000,000,702 | ---- | C] () -- C:\WINDOWS\Tasks\McAfee Cleanup.job
[2014/06/21 17:49:36 | 000,000,966 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/06/21 17:49:37 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2014/05/01 02:37:10 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1758c63a7f3ec2bf\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/05/01 02:39:05 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/05/01 03:17:01 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2014/03/04 13:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\SysWOW64\explorer.exe
[2014/03/04 13:16:50 | 002,088,160 | ---- | M] (Microsoft Corporation) MD5=119E091B5386379BC5AA598BE9440C75 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/05/01 03:07:56 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/05/01 03:07:52 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/05/01 02:45:44 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/03/04 14:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\explorer.exe
[2014/03/04 14:25:49 | 002,373,784 | ---- | M] (Microsoft Corporation) MD5=81394C91B7B5A7C799E249AE82491F13 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/05/01 02:45:41 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe

< MD5 for: HAL.DLL >
[2014/02/22 17:44:06 | 000,424,280 | ---- | M] (Microsoft Corporation) MD5=4DFCE03EEB1BA325B8077A626B2F25F0 -- C:\WINDOWS\SysNative\hal.dll
[2014/02/22 17:44:06 | 000,424,280 | ---- | M] (Microsoft Corporation) MD5=4DFCE03EEB1BA325B8077A626B2F25F0 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/03/31 22:56:01 | 000,014,096 | ---- | M] () MD5=64D2873F32BB723BFFF3F8895032AA35 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/05/01 02:46:37 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll

< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2014/05/01 02:37:11 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_1758c63a7f3ec2bf\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys

< MD5 for: LSASS.EXE >
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\WINDOWS\SysNative\lsass.exe
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2014/02/18 15:18:59 | 000,046,734 | ---- | M] () MD5=68A9BA38BB275850F91165D1C1FCA8DA -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014/05/01 02:52:51 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014/02/22 17:40:03 | 001,118,552 | ---- | M] (Microsoft Corporation) MD5=F21B77B4D74092A543807D3CEB711A88 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2014/02/22 17:40:03 | 001,118,552 | ---- | M] (Microsoft Corporation) MD5=F21B77B4D74092A543807D3CEB711A88 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\WINDOWS\SysNative\netlogon.dll
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/05/01 03:12:38 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\SysWOW64\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/05/01 02:56:40 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\WINDOWS\SysNative\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SMSS.EXE >
[2014/05/01 02:58:19 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\WINDOWS\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe

< MD5 for: SVCHOST.EXE >
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\WINDOWS\SysNative\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/02/18 15:20:13 | 000,210,441 | ---- | M] () MD5=01941724D120729E2B680B22F05D4123 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys
[2014/03/31 23:01:06 | 000,271,861 | ---- | M] () MD5=2102610D6FD1D928A3D7155077A78B82 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/05/01 03:00:16 | 000,481,295 | ---- | M] () MD5=2F83A7537A9B8CF98E6B4710A3E3D381 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/04/03 09:59:18 | 002,518,872 | ---- | M] (Microsoft Corporation) MD5=4B666AE119D2ADBAC816BEA7DB4D6881 -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/04/03 09:59:18 | 002,518,872 | ---- | M] (Microsoft Corporation) MD5=4B666AE119D2ADBAC816BEA7DB4D6881 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17088_none_a3e0570b3a59cef2\tcpip.sys
[2014/06/14 19:51:41 | 000,169,715 | ---- | M] () MD5=CAE57515958601B06673312E039328B2 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/06/14 19:51:37 | 000,231,862 | ---- | M] () MD5=DC0CC6B2E43738CBF51E96EA3AB7A223 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\WINDOWS\SysNative\userinit.exe
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/05/01 03:02:57 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WS2_32.DLL >
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\WINDOWS\SysNative\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[77 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/05/29 21:09:44 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Adobe
[2013/11/12 00:19:36 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\CyberLink
[2013/12/01 16:23:09 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\ESET
[2014/02/18 14:30:22 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\HP
[2014/02/25 14:45:16 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\HpUpdate
[2014/01/01 16:40:55 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Identities
[2014/05/29 21:10:26 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\koobits.koobits4.com
[2013/09/26 03:47:54 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\lm
[2013/11/28 13:20:50 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Macromedia
[2014/01/01 16:24:18 | 000,000,000 | --SD | M] -- C:\Users\Hana Hašková\AppData\Roaming\Microsoft
[2014/06/22 04:16:20 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Mozilla
[2014/05/17 09:40:22 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Skype
[2013/10/16 12:32:52 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\WildTangent
[2013/12/08 15:30:39 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\WinRAR
[2014/04/16 18:35:40 | 000,000,000 | ---D | M] -- C:\Users\Hana Hašková\AppData\Roaming\Xi

< %APPDATA%\*.exe /s >
[2012/05/22 03:34:34 | 000,571,040 | ---- | M] (WildTangent, Inc.) -- C:\Users\Hana Hašková\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/06/23 19:14:52 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/06/25 22:17:50 | 000,000,512 | ---- | M] () MD5=AA5A2CECED9AC0E66404FBAC294E988E -- C:\PhysicalMBR.bin
[4 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2014/01/02 17:55:40 | 000,023,487 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode1\Data\Scenes\Canyon\WallCrackZoom.xml
[2014/01/02 17:55:40 | 000,079,559 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode2\Data\Scenes\CrackedWall\CrackedWall.xml
[2014/01/02 17:55:40 | 000,005,094 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe\Assets\Episode3\Data\Scenes\StoneCocoonChamber\FloorCrackZoom.xml
[2014/04/30 12:35:54 | 004,498,732 | ---- | M] () -- \Users\Hana Hašková\Music\Punk-O-Rama - Vol 1\Punk-O-Rama - Vol 1 - 13 - Wayne Kramer - Crack in the Universe.mp3
[2006/09/30 13:27:57 | 002,879,488 | ---- | M] () -- \Users\Hana Hašková\Music\Ramones 9 Albums\8 MONDO BIZARRO\02 -Cabbies On Crack.mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012/08/24 07:24:56 | 001,592,464 | ---- | M] () -- \Program Files (x86)\Acer\Acer Cloud\BT\Win32\SmBIOSWmiLoader.dll
[2012/08/24 07:24:58 | 002,168,976 | ---- | M] () -- \Program Files (x86)\Acer\Acer Cloud\BT\x64\SmBIOSWmiLoader.dll
[2012/08/08 11:27:00 | 000,010,776 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\mm\MediaCtrl\ImageLoader.kc
[2012/08/08 11:27:03 | 000,003,505 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\widget\langloader.kc
[2012/08/08 11:27:03 | 000,012,808 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Movie\widget\layoutloader.kc
[2012/07/25 05:52:09 | 000,126,064 | ---- | M] () -- \Program Files (x86)\Acer\clear.fi SDK21\Video\koan\pyloader.dll
[2007/10/12 17:19:58 | 000,052,232 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\AddinLoader.dll
[2007/10/12 17:20:18 | 000,129,024 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\VSTOLoader.dll
[2007/10/12 17:20:14 | 000,017,416 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\8.0\1033\VSTOLoaderUI.dll
[2008/07/30 00:23:46 | 000,211,456 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\VSTOLoader.dll
[2008/06/17 19:39:56 | 000,018,952 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\9.0\1033\VSTOLoaderUI.dll
[2012/07/04 19:58:08 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaEspresso\Koan\pyloader.dll
[2012/07/04 19:58:14 | 000,018,123 | ---- | M] () -- \Program Files (x86)\CyberLink\MediaEspresso\subsys\DataCenter\ImageLoader.kc
[2011/04/29 13:27:44 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.gif
[2010/06/02 00:29:14 | 000,367,872 | ---- | M] () -- \Program Files (x86)\NTI\NTI Media Maker 9\LauncherLoader.exe
[2012/05/04 04:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/05/04 04:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/05/21 14:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/05/21 14:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012/05/21 23:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012/05/21 23:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010/11/03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2012/07/29 19:51:22 | 000,003,282 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-100.png
[2012/07/29 19:51:22 | 000,003,471 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-140.png
[2014/01/02 18:21:59 | 000,001,754 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-180.png
[2012/07/29 19:51:22 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-100.png
[2012/07/29 19:51:22 | 000,003,447 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-140.png
[2014/01/02 18:21:59 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-180.png
[2012/07/29 19:51:22 | 000,003,290 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-100.png
[2012/07/29 19:51:22 | 000,003,450 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-140.png
[2014/01/02 18:21:59 | 000,001,745 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-180.png
[2012/07/29 19:51:22 | 000,003,307 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-100.png
[2012/07/29 19:51:22 | 000,003,478 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-140.png
[2014/01/02 18:21:59 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-180.png
[2012/07/29 19:51:22 | 000,003,272 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-100.png
[2012/07/29 19:51:22 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-140.png
[2014/01/02 18:21:59 | 000,001,752 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-180.png
[2012/07/29 19:51:22 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-100.png
[2012/07/29 19:51:22 | 000,003,458 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-140.png
[2014/01/02 18:21:59 | 000,001,754 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-180.png
[2012/07/29 19:51:22 | 000,003,286 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-100.png
[2012/07/29 19:51:22 | 000,003,469 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-140.png
[2014/01/02 18:21:59 | 000,001,766 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-180.png
[2012/07/29 19:51:22 | 000,003,298 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-100.png
[2012/07/29 19:51:22 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-140.png
[2014/01/02 18:21:59 | 000,001,745 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3001_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-180.png
[2014/01/02 18:12:29 | 000,001,849 | ---- | M] () -- \Program Files\WindowsApps\esobiIncorporated.newsXpressoMetro_2.0.2.208_neutral__sngswjb5h6fyg\Assets\Web\lib\galleria\classic-loader.gif
[2014/01/02 17:47:53 | 000,001,849 | ---- | M] () -- \Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2\app\win\map\images\ajax-loader_rev.gif
[2014/01/02 17:47:55 | 000,001,748 | ---- | M] () -- \Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2\lib\require\deploader.js
[2014/02/18 04:22:05 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.258_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2014/03/11 05:06:28 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/11 05:06:28 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/02 17:13:16 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/02 17:13:16 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/01/02 17:18:44 | 000,001,338 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\LoaderPage.xbf
[2014/01/02 17:18:46 | 000,011,943 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderPage.xbf
[2014/01/02 17:18:46 | 000,002,178 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.3.1403.3117_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\StandartPreloaderControl.xbf
[2014/01/02 17:24:16 | 000,001,290 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.3.1406.1149_x86__8wekyb3d8bbwe\ApplicationLoader.xbf
[2014/03/11 05:06:28 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.3.1406.1149_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/11 05:06:28 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.3.1406.1149_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/02 17:13:16 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.3.1406.1149_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/02 17:13:16 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.3.1406.1149_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/01/02 17:31:20 | 000,004,686 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.3.1406.1149_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2014/03/11 05:06:28 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.1.1405.2329_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/03/11 05:06:28 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.1.1405.2329_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/01/02 17:13:16 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.1.1405.2329_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/01/02 17:13:16 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.1.1405.2329_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/05/15 18:02:44 | 000,011,287 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.1.1405.2329_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xbf
[2014/05/15 18:02:44 | 000,001,262 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.1.1405.2329_x86__8wekyb3d8bbwe\Pages\LoaderPage.xbf
[2013/11/14 14:26:50 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/11/14 14:26:50 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/11/14 14:26:50 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/11/14 14:29:10 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/05/14 08:06:11 | 000,101,046 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.902.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/11/11 15:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/11/11 15:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/11/11 15:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 15:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/11/11 15:39:40 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/11/11 15:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/11/11 15:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/11/11 15:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 15:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/11/11 15:39:40 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2014/06/19 13:06:53 | 000,002,942 | ---- | M] () -- \Users\Hana Hašková\AppData\Local\Microsoft\Windows\INetCache\Low\IE\OCN7HDK6\rmsloaderdelayed[1].js
[2008/06/17 19:39:56 | 000,205,312 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\05835BF8A6427053A8ED000690F3EF6A\9.0.21022\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/17 12:12:33 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/04/17 12:12:32 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/02/22 17:49:46 | 001,390,936 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/02/22 17:49:46 | 001,263,960 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/03/04 14:26:22 | 001,390,936 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/03/04 14:26:22 | 001,263,960 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/04/29 21:22:22 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/05/01 03:25:32 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/05/01 03:25:32 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/05/01 03:25:32 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/05/01 03:25:32 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/04/29 21:23:03 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/05/01 03:25:36 | 000,724,144 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winload.efi_75834aa0
[2014/05/01 03:25:37 | 000,660,345 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winload.exe_75835076
[2014/05/01 03:25:38 | 000,646,217 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winresume.efi_85cd069f
[2014/05/01 03:25:39 | 000,586,798 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e_winresume.exe_85cd1215
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/11/14 14:22:40 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2014/04/15 06:23:20 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2013/11/14 14:38:28 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2013/11/14 14:50:45 | 000,000,546 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16415_none_4c31cbe1406439a3.manifest
[2014/01/03 11:23:39 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/04/15 06:23:23 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013/08/03 06:41:46 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/01/01 16:03:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/01/01 16:03:02 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012/09/15 06:18:02 | 000,004,185 | ---- | M] () -- \ProgramData\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2012/09/15 06:18:02 | 000,004,185 | ---- | M] () -- \Users\All Users\HP\LGT\Data\Models\Images\identifying_serial.jpg
[2014/06/24 08:15:20 | 000,000,716 | ---- | M] () -- \Users\Hana Hašková\AppData\Roaming\Microsoft\Windows\Recent\serial.lnk
[2014/02/27 01:00:00 | 000,000,043 | ---- | M] () -- \Users\Hana Hašková\Desktop\Cyklotrasy\serial.txt
[2014/04/30 14:52:20 | 009,742,658 | ---- | M] () -- \Users\Hana Hašková\Music\The Exploited (1996) - Beat The Bastards\13 Serial Killer.mp3
[2014/04/30 20:02:04 | 009,744,344 | ---- | M] () -- \Users\Hana Hašková\Music\The exploited- discography\The exploited -1996- beat the bastards\13. Serial Killer.mp3
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:31 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/01/01 16:03:02 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/01/01 16:03:02 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/05/01 02:35:51 | 002,804,736 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll
[2014/05/01 02:35:51 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\183eaaded316165bfbd32a991e4e8c8a\System.Runtime.Serialization.ni.dll.aux
[2014/05/01 02:32:19 | 003,530,752 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\209aa0718fe1f200de5ea360d5d4de25\System.Runtime.Serialization.ni.dll
[2014/05/01 02:32:19 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\209aa0718fe1f200de5ea360d5d4de25\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 17:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2013/11/14 14:23:26 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/11/14 14:23:26 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2013/08/17 02:06:31 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/01/01 16:03:03 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/11/14 14:23:26 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/11/14 14:23:26 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/17 02:06:27 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/01/01 16:03:03 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/11/14 14:23:25 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/11/14 14:23:26 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/22 23:12:22 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 22:40:12 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.mum
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 08:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 23:12:22 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/11/14 14:23:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013/11/14 14:23:10 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2014/01/01 16:12:43 | 000,004,224 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.PNF
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/11/14 14:23:17 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2013/11/14 14:23:10 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/11/14 14:23:17 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_3f29419cb7a1caf0\serialui.dll.mui
[2013/08/22 13:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2014/01/01 16:03:02 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/11/14 14:23:10 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b574829120336a99\serial.sys.mui
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2013/11/14 14:23:26 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_1da5c476c59b0e5b\System.RunTime.Serialization.resources.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/11/14 14:23:25 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_65f374ee29342685\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:41:27 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2013/08/17 02:06:27 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014/01/01 16:03:03 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2014/01/01 16:03:01 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2013/11/14 14:22:01 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_c3036df581d2c4e4.manifest
[2013/11/14 14:22:15 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 17:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 15:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 17:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 17:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 17:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 17:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2013/08/22 17:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 17:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 17:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2013/08/22 17:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2013/08/22 17:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 17:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 17:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2013/11/14 14:22:50 | 000,000,448 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144.manifest
[2013/11/14 14:22:49 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b.manifest
[2013/08/22 17:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 17:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2013/08/22 17:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2013/08/22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:31 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2013/11/14 14:23:26 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014/01/01 16:03:03 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2013/11/14 14:23:26 | 000,113,864 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2014/01/01 16:03:02 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:16 | 001,060,528 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2014/01/01 16:03:02 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/11/14 14:23:17 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2013/08/03 06:41:46 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

hasmic · #15 Příspěvek od **hasmic** » 25 čer 2014 22:06

A tu je Extras:

OTL Extras logfile created on: 25. 6. 2014 22:15:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hana Hašková\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,82 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 29,20% Memory free
5,01 Gb Paging File | 1,52 Gb Available in Paging File | 30,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681,85 Gb Total Space | 430,26 Gb Free Space | 63,10% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Hana Hašková | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2310395481-1935701993-3987270-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10D1C0AD-450C-4597-8098-4E9E6BF67096}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2689212F-13ED-4C65-A23B-CA5209DDAA34}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48EABFF0-5D13-419D-9770-FE263270FB91}" = lport=2869 | protocol=6 | dir=in | app=system |
"{514BFF2B-07B1-49AA-AF2C-457B72B482F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6767C684-4347-48FA-A19E-47748DA3D2E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6924586E-C0F3-4B72-BE21-E45D7C587F76}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7351F782-6C48-4CA7-AAF1-3C2C01A6A083}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B4360EE2-ED0D-4C79-8E26-E8393668CFFB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDC5C31B-91A5-4031-B280-F4A93CCB0C08}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EBBF6D-149B-4895-A41E-C758C578FE73}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0314973B-1A3B-4F5A-A45A-919579D43449}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{05372098-993E-4392-A2BF-B59B58647AEC}" = dir=out | name=skitch touch |
"{064CC009-3FF8-4C9F-85A8-2F54FA038C05}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{09029546-14E2-47C9-AC7C-CF93E7ED90E4}" = dir=out | name=windows_ie_ac_001 |
"{0AA4D763-7865-4ACC-AA86-AE9E3DB03C06}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{0E90E9B7-848F-47FF-8052-D3FA2D568C92}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{10446562-0CDF-4C79-B338-444C78DD3E1E}" = dir=out | name=pinball fx2 |
"{11089751-B296-4325-BBA1-A1287CF4B388}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11E27EF0-4F0D-49A3-A653-AD79F6289ADF}" = dir=out | name=wordament |
"{11FBDE60-1E19-4314-B952-49937B8BF436}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{12BACF96-FA20-4236-8112-F7AFA33AFA2B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{191A951B-D83F-4E27-AAA3-1560F5BC3BD3}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{19222D05-6DC4-4E1C-8693-6BC02B156C6F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{1A6B0B7F-609D-4D79-AE23-C2DDDB0E66A4}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1AF6D14A-E07D-4382-9F35-8DB58190E669}" = dir=out | name=acer crystal eye |
"{1B57967D-35D1-4AEC-A381-A40063CD26C7}" = dir=in | name=pinball fx2 |
"{21DA7E2A-4C6A-4562-A6A1-4C76E7456978}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{240F07C1-F60D-4F33-B156-270A97B75C4E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{258DCD52-F2D2-4ABC-B7A1-BB632F784E94}" = dir=in | name=skype |
"{25E37011-1138-4535-92C7-9EDED4DA420C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{27C639D6-48D8-4244-A67D-AD74E2B7940C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{27E66A62-8EE9-4985-8960-F36EF49AC615}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{2C60A607-7669-4F06-B47A-519FDE065CD2}" = protocol=6 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\nettransport.exe |
"{31A1035A-3FCE-4603-87C0-275FAF5FE75C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{324E5EE2-922E-4D2A-B4F1-4287005C13E0}" = dir=out | name=7digital music store |
"{325C51F0-76B0-4E6F-9DB3-749DD881CFE7}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{338A0D27-F6CC-4370-896C-185205B4CBB1}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{34EF9307-3D9B-4CE3-9E30-5E8C98E5181E}" = dir=out | name=evernote touch |
"{35775E4F-7EF4-494E-A917-A85D362AD0B2}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{39BE001A-4241-49CF-9B05-C5897138807C}" = dir=out | name=windows_ie_ac_001 |
"{39C2FA7E-AF5C-41EA-BE03-F1C71AEAFE86}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{3A312ED6-0800-4BF0-B390-6CED34CECE2D}" = dir=out | name=shark dash |
"{3CCE9F8C-2F49-45FF-89BD-229225116DE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{454FAB02-035F-4C88-9113-E4C26AAC89F8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{4571E0BE-14C0-4984-AD36-F9C2A016CC91}" = dir=out | name=cut the rope |
"{4591251E-72BE-4709-8539-E0709A848563}" = dir=in | name=microsoft solitaire collection |
"{46963201-1971-4FD1-85F6-E0FDECC9B90B}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{475D30BC-5D58-4F03-81A1-300E94CDF22A}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{47C5A562-8FBE-4C3C-803C-E41A3E6C8395}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{480DAABE-179D-4107-B6B4-927592944FCB}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{52C28AE9-5A35-4B2F-A449-F6C4E2F0AE40}" = dir=in | name=newsxpresso |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5B7EBD36-E81D-4FD4-8D0A-0FDC0BB580E3}" = dir=in | name=evernote touch |
"{5C5B4971-DEF3-4205-B257-CB654F8EB0B0}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5E43E175-4160-4B2B-BCE0-575B02EB96BC}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{5E7FF3AF-5E66-4D0F-855D-8172E06C984C}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5FE15C47-B204-44DC-B583-054F723D1BFB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{6113CEB3-E2D9-4B83-B7E7-BC8B71A33C7C}" = dir=out | name=windows_ie_ac_001 |
"{612E0719-C9CD-4612-92AE-9AEE088FE017}" = protocol=6 | dir=out | app=system |
"{640C7EB3-F0D1-4DF6-8898-D00658928151}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{6637D14D-7E2D-453D-B6E2-7F72027DFD82}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6835A236-7550-4A88-AF81-36F879C8029B}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{69EFD110-2306-4D6C-B2CB-7AA53442508C}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6B635AF5-43C8-4D50-96F3-F67B989E5663}" = protocol=6 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\ftptransport.exe |
"{6BF82F8F-FE91-4727-8FAF-2B94F4FFC2DE}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{6D600D7C-AD85-43EA-BB4B-616BD538044F}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{715B9689-0F14-4CC0-8EFD-1ED8F57CCDFB}" = dir=out | name=f5 vpn |
"{72961425-0F01-4E00-8A92-2F5E0E496284}" = dir=out | name=weatherbug |
"{735B5AFA-A6C5-4A90-A1EE-A68C7BDAFB06}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{767BD810-ABBB-4E19-8951-37C1ED06AA08}" = dir=in | name=microsoft mahjong |
"{78E4D982-678B-455B-9DBB-485556DFF290}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{7AF8E5D6-ECBF-4CE1-9B76-0C578EB25245}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{7BFBD58E-E335-4060-A8D7-2E76EE584906}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7CAF9B21-92D4-4150-8A36-6AFCCFE0776D}" = dir=in | name=f5 vpn |
"{7E294BE0-81DA-4CAC-A915-54A4B4D3A96A}" = protocol=17 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\x86\nettransport.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8245C4E2-6B9A-4C04-B6C9-4106BE43773E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{83A102AA-51A2-4168-93A2-C0B6048F73B6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8681E506-4E60-474E-B21E-7061DF1C987A}" = dir=out | name=tunein radio |
"{86A9818B-B2E8-4F6B-A33C-8B31152A8B4C}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{87C25E0A-38FA-416C-8673-A3FF153CFDE5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{8ACFE0E7-01A9-44C7-8C37-5CC82B347673}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{8AE7C6BD-1DDA-48DD-B2FC-E9F4C5E5B850}" = dir=out | name=check point vpn |
"{8C220C93-6D7D-481D-9A1E-3CB26584C853}" = dir=in | name=juniper networks junos pulse |
"{8D66B82D-B36B-4F8C-9F0C-82AFCEBCB9F3}" = protocol=6 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\x86\nettransport.exe |
"{9065C1E9-4CF6-4278-A23E-3095A70F24BE}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{913D08C3-6997-4388-9B22-47267A920B35}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{939943EE-F9BE-4599-AC5A-0426184EFB11}" = protocol=17 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\nettransport.exe |
"{96132463-8714-444F-867A-B7DD3B273E4C}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{98315D6F-149A-4305-A708-A926C6AD58E0}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E6A8B46-A5B9-4CEC-924F-D3DCCFF8450C}" = dir=in | name=acer explorer |
"{9EBFAA72-A4A9-4941-9E5B-208FF7D61C82}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{9FCCD165-9CBF-480A-BDEF-44FCACFF3220}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{A0E8D293-3891-4249-940A-B8068C211CD0}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A1315068-25FB-4CAA-95C6-05FB62E526EC}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{A176D34B-8AF2-4A57-AF07-29BFF17737DE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2642DE2-A819-4872-AF3B-2583EC0DDBE9}" = dir=in | name=taptiles |
"{A26E1B4D-8D6A-4334-9A7D-C345E2BF6EA8}" = dir=out | name=@{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A2C00C31-64AE-4DAD-8429-E19E21800A5D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{A2C2D531-D5DC-4011-849B-44443BAB520F}" = dir=out | name=the treasures of montezuma 3 |
"{A4D58F07-B5F8-49DE-810E-6C6952B11B9E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{A5EBEC86-DEC4-4DFE-B7B5-F3EDDAB0213D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{A6CA3E98-6197-4833-82CD-8188F63BE883}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{A6D11C8B-5A69-4A82-A32C-2B1AFB30C83D}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{A870DB4A-ADEF-422A-B2BE-4D9CC8226C00}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{A88E5A84-390C-4D94-AFA3-E67ADE62C6E8}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AE615F2B-B5BC-4A82-9D1F-C263327A094B}" = dir=out | name=microsoft mahjong |
"{B0F8F334-C27E-4C57-ABB6-AD07507EDAA2}" = protocol=17 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\x86\ftptransport.exe |
"{B3620A66-83C8-4007-B566-B81635BC2B41}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\kmpprocess.exe |
"{B40C3D47-85D1-4E0F-AC29-8925AAD4580E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B5710C85-77CA-482B-97A1-D83C25F880B6}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BA9AACBD-D48F-4A97-AB51-72C2766AEB4D}" = dir=out | name=taptiles |
"{BD8E6C0C-DDE8-4E6B-8187-5779A78FFE47}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{BEC9A802-8DEF-4FBE-8B38-2CEFA1A990C1}" = dir=in | name=check point vpn |
"{BF02B7A0-D77C-40E9-A01D-A97147FBBAD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{C007F2D1-6DFD-45F5-B747-1E9A9DE3D7B9}" = dir=out | name=microsoft solitaire collection |
"{C0EB6019-A485-443B-8425-2DA01D367C37}" = dir=out | name=kindle |
"{C478082F-B375-4DD9-B30A-691539A076FA}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C598D8CE-D4A9-444B-963C-ACC39CCFD586}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{C6C714EB-690A-4C96-8C83-DF68D7C8FB00}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{C92FC181-0B72-4B99-B5E4-0C928E86C728}" = dir=out | name=newsxpresso |
"{CEDAC2E6-2C3F-4AEC-B2EE-DCFDD9BBF693}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{D2255085-6DC3-4D8D-8499-FE5EC0A22E7E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{D5297158-0096-43AC-89D2-9BF2A630238A}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D5C8675F-0F0C-456F-A2DB-21793AE6157C}" = protocol=17 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\ftptransport.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D7AB9A08-3725-4565-93BD-371FAFDE90B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB41634E-DB6B-4B4D-B831-7A7CB13258AB}" = protocol=6 | dir=in | app=c:\users\hana hašková\desktop\nová složka (3)\netxfer\x86\ftptransport.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DBE02494-C13E-4C93-99D1-31C734D4CECE}" = dir=out | name=adera |
"{DBFE46B6-FE5C-43DD-ADBA-9EA954188A5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DDA303DE-717D-4E6F-8CA1-95E2C534A5D2}" = dir=out | name=acer explorer |
"{DFA06DCD-5857-4CAE-A58F-730F93AA842B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{E0D4D78C-6FD5-4803-8C62-8762D7ED17DF}" = dir=out | name=sonicwall mobile connect |
"{E6EAC590-B646-4C63-ABCE-E1457F2DF3DA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8C58D50-6B0C-4030-99CE-D1384292086E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E959E7CA-6D4A-48C6-AFEB-DC30CA4ED7B0}" = dir=in | name=sonicwall mobile connect |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ECC1EE65-F5EA-4CAC-9594-156F7A56ADE8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ED94A706-911D-4A03-A048-75BAAF7811CC}" = dir=out | name=social jogger |
"{F1D49AFE-D820-45AF-B3D3-EF76A8961E0B}" = dir=out | name=skype |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FA0C798A-A08D-4A3D-BFE5-84EC87B26184}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{FB4CA6FE-41B2-4C55-B13F-A29FBECFE7A2}" = dir=out | name=juniper networks junos pulse |
"{FBC00C18-F64A-4C1B-B10D-12CEA576A1AE}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{FE2288F1-4D3F-467C-B310-A249D8A52626}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{B1920A83-25A3-4DBB-B1F5-2395BD05370E}" = ESET Smart Security
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Elantech" = ETDWare PS/2-X64 11.6.13.004_WHQL
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0919D141-CCBC-4751-997D-E022345643BE}" = 1400
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC073B-CC01-4443-AD20-E559F66E6E83}" = Office Addin 2003
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2DFDE21D-AFFE-4CDD-BBD4-3B7832BEC036}" = AIO_CDB_Software
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A3C2391-BCE2-4D28-A336-73B953B4502F}" = 1400Trb
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6FBE200D-1F00-40B7-BF48-FEB265AADE94}" = 1400_Help
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D5045A94-1D46-44A7-9C4F-7D05B40D82EC}" = AIO_CDB_ProductContext
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"FBReader for Windows" = FBReader for Windows
"Google Chrome" = Google Chrome
"inethnfd" = Network System Driver
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LManager" = Launch Manager
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 30.0 (x86 cs)" = Mozilla Firefox 30.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"RadioController" = Dritek Radio Controller
"The KMPlayer" = The KMPlayer (remove only)
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinRAR archiver" = WinRAR 5.01 (32-bit)
"WTA-0bce1745-f6f5-4b2f-932f-7ee9e0a454ba" = Agatha Christie - Death on the Nile
"WTA-1b88055f-a01b-4566-8241-3df4753a978b" = Penguins!
"WTA-1b9fc0ad-38e1-4900-868e-89d5bd5002ad" = Governor of Poker 2 Premium Edition
"WTA-3e5a527a-7a63-48c7-af66-dfc32e796fbb" = Aloha TriPeaks
"WTA-53238afc-7344-40f8-b6b7-3add7a3ca2bb" = Bejeweled 3
"WTA-696bb97c-eca7-4d12-9023-0225e94c0cce" = John Deere Drive Green
"WTA-6b12324b-fa04-493d-a22a-0916f8046c8b" = Island Tribe
"WTA-6ff8307a-7f81-4464-a518-90abc52f6aa3" = Polar Bowler
"WTA-6ffadc5e-201e-46f7-88ce-8d9327d9cd30" = Magic Academy
"WTA-7410fc0b-d261-4574-9ed0-d5a6b7d41155" = Zuma's Revenge
"WTA-75ac782f-b691-47da-86d4-1018999a9249" = Delicious: Emily's True Love Premium Edition
"WTA-9b1a825d-21a8-4a9f-afb0-1ecf23e9e2e1" = Plants vs. Zombies - Game of the Year
"WTA-d53c3e20-086f-401f-9fca-82e23b61ffb8" = Tales of Lagoona
"WTA-d562887b-508e-4d2a-a758-aa41f9689142" = Jewel Match 3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2310395481-1935701993-3987270-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 30. 5. 2014 11:13:40 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\PowerPointAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 31. 5. 2014 2:42:08 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\WordAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo
zásady C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 31. 5. 2014 2:42:09 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\ExcelAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 31. 5. 2014 2:42:09 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\PowerPointAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 31. 5. 2014 2:42:50 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\WordAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo
zásady C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 31. 5. 2014 2:42:50 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\ExcelAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 31. 5. 2014 2:42:50 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\PowerPointAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 1. 6. 2014 1:21:17 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\WordAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo
zásady C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 1. 6. 2014 1:21:17 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\ExcelAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

Error - 1. 6. 2014 1:21:17 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Acer\Office
Addin 2003\PowerPointAddIn2003.dll.Manifest se nezdařilo. Chyba v souboru manifestu
nebo zásady C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest
na řádku 4. Prvek asmv2:clrClassInvocation je zřejmě podřízeným prvku urn:schemas-microsoft-com:asm.v1^entryPoint,
což tato verze systému Windows nepodporuje.

[ System Events ]
Error - 19. 6. 2014 6:12:14 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 19. 6. 2014 6:12:45 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 19. 6. 2014 9:22:14 | Computer Name = PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:10:26, ?19. ?6. ?2014) bylo neočekávané.

Error - 19. 6. 2014 9:42:46 | Computer Name = PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 20. 6. 2014 3:22:07 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 20. 6. 2014 3:22:37 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 20. 6. 2014 8:14:32 | Computer Name = PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 21. 6. 2014 3:47:49 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 21. 6. 2014 3:48:19 | Computer Name = PC | Source = DCOM | ID = 10010
Description =

Error - 21. 6. 2014 21:37:47 | Computer Name = PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby CCDMonitorService bylo dosaženo
časového limitu (30000 ms).

< End of report >

Díky moc,

hasmic!

VIRY.CZ

Prosím o kontrolu logu - nežádoucí reklama

Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama

Re: Prosím o kontrolu logu - nežádoucí reklama