VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

preventivna kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=127469

Stránka 1 z 2

preventivna kontrola logu

Napsal: 22 led 2013 00:04
od jossi9432
Poprosim o kontrolu logu. Dakujem
Logfile of random's system information tool 1.09 (written by random/random)
Run by user at 2013-01-22 00:01:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 384 GB (41%) free of 935 GB
Total RAM: 8140 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:01:52, on 22. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.fi.muni.cz:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0014987 - {11111111-1111-1111-1111-110111491187} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odoslať do rozhrania Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odoslať do &Zariadenie s rozhraním Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 14804 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-04767a2b-c1a6-464e-8783-69d39e6e3a9f -SystemEventPortName:HostProcess-21453b63-a4a2-48a1-bfbd-7dfa096dc9c8 -IoCancelEventPortName:HostProcess-66300eeb-ccd6-48b8-a433-05aa6f628fe1 -NonStateChangingEventPortName:HostProcess-756882e4-1fe0-42d1-91de-aab8b0da8d16 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7d29120a-feaa-44ac-b1a4-500f560acba7 -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 19817280
\??\C:\Windows\system32\conhost.exe "-1277087930-1251445088-109514904220462557861616118343-1972928842-15505895971047561498
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "1180915785689357915-465720397-1250041171343164302-584190146-962546392-2131589102
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2568
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {0BFCF20A-9798-44A9-8439-AAF6A8267AD3}
"C:\Windows\system32\Dwm.exe"
C:\Users\user\Documents\Programy\GPUMeter_2.02\PCMeter\PCMeter\PCMeterV0.3.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7424.1.755149945\75056409" --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.830.6.3000 --ignored=" --type=renderer " /prefetch:12
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="7424.2.343063208\140689298" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="7424.3.183282683\1312853483" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="7424.4.1302406264\458884332" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="7424.6.311389581\301949906" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
C:\Windows\ehome\ehRecvr.exe
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="7424.219.1700811129\878893191" /prefetch:3
"taskhost.exe"
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --extension-process --renderer-print-preview --channel="7424.252.1928512069\370797432" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll" --lang=sk --channel="7424.264.547447287\657642708" /prefetch:4
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="7424.271.1901913288\598168356" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="7424.273.2004721090\1615529359" /prefetch:3
taskeng.exe {6F4A95C9-7D40-4843-9A7D-BCF6934CD96C}
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwnd10/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/warm_socket/ --renderer-print-preview --channel="7424.274.2019311874\1163851445" /prefetch:3
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\user\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForuser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17 1744200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111491187}]
PC Speed Up Extension

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17 1596232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-08 2847016]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-03-11 1128448]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-06-14 5634800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [2009-09-18 205976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2012-11-09 4013928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychlenie PC\PCSUNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Powersuite Monitor]
C:\Program Files (x86)\Uniblue\PowerSuite\powersuite_monitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Prime95]
C:\Users\user\Downloads\p95v277.win64\prime95.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-11-23 1353080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Obrazovková spinka a spúšťač programu OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2010-12-21 245120]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
""= []
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-17 00:23:40 ----D---- C:\Users\user\AppData\Roaming\ts3overlay_hook_win64
2013-01-17 00:23:40 ----D---- C:\Users\user\AppData\Roaming\ts3overlay
2013-01-17 00:22:12 ----D---- C:\Users\user\AppData\Roaming\TS3Client
2013-01-17 00:15:37 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-01-17 00:10:00 ----D---- C:\Program Files (x86)\Counter Strike Source
2013-01-15 15:31:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-01-15 15:31:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-01-15 15:31:52 ----A---- C:\Windows\SYSWOW64\java.exe
2013-01-15 15:31:09 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-01-13 11:56:22 ----D---- C:\ProgramData\Connectify
2013-01-12 22:12:11 ----D---- C:\Program Files (x86)\PANDORA.TV
2013-01-11 19:52:07 ----A---- C:\Windows\system32\drivers\cnnctfy2.sys
2013-01-11 19:51:56 ----D---- C:\Program Files (x86)\Connectify
2013-01-09 06:03:48 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 06:03:48 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 06:03:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 06:03:30 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 06:03:30 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 06:03:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 06:03:29 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 06:03:29 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 06:03:26 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 06:03:26 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 06:03:19 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 06:03:19 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 06:03:19 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 06:03:19 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 06:02:45 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 06:02:44 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 06:02:44 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 06:02:44 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 06:02:43 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 06:02:43 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 06:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 06:02:33 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 06:02:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 06:02:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 06:02:08 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 06:02:06 ----A---- C:\Windows\system32\taskhost.exe
2012-12-31 07:30:08 ----D---- C:\ProgramData\ESET
2012-12-28 16:19:13 ----SHD---- C:\Windows\ftpcache
2012-12-28 16:19:02 ----A---- C:\Windows\system32\HPSIsvc.exe
2012-12-28 16:13:28 ----A---- C:\Windows\system32\HPM1210SM.exe
2012-12-28 16:13:28 ----A---- C:\Windows\system32\HPM1210LM.DLL
2012-12-28 16:12:27 ----D---- C:\Program Files\HP
2012-12-28 16:12:27 ----A---- C:\Windows\system32\mvhlewsi.dll
2012-12-28 16:12:23 ----A---- C:\Windows\system32\m1130wia.dll
2012-12-28 16:12:22 ----A---- C:\Windows\system32\HPM1210SMs.dll

======List of files/folders modified in the last 1 month======

2013-01-22 00:01:52 ----D---- C:\Windows\Prefetch
2013-01-22 00:01:51 ----D---- C:\Windows\temp
2013-01-22 00:01:51 ----D---- C:\Program Files\trend micro
2013-01-21 20:26:13 ----D---- C:\Windows\System32
2013-01-21 20:26:13 ----D---- C:\Windows\inf
2013-01-21 20:26:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-21 18:29:35 ----D---- C:\Windows\system32\config
2013-01-20 01:54:29 ----D---- C:\Program Files (x86)\The KMPlayer
2013-01-18 20:20:09 ----D---- C:\Windows\Tasks
2013-01-18 20:20:09 ----D---- C:\Windows\system32\Tasks
2013-01-18 20:19:44 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-01-17 02:29:24 ----A---- C:\Windows\SYSWOW64\log.txt
2013-01-17 02:27:03 ----D---- C:\Windows
2013-01-17 00:15:37 ----RD---- C:\Program Files
2013-01-17 00:10:16 ----RD---- C:\Program Files (x86)
2013-01-16 23:19:08 ----D---- C:\Users\user\AppData\Roaming\Skype
2013-01-16 01:54:52 ----SHD---- C:\System Volume Information
2013-01-15 15:31:58 ----SHD---- C:\Windows\Installer
2013-01-15 15:31:57 ----D---- C:\Config.Msi
2013-01-15 15:31:52 ----D---- C:\Windows\SysWOW64
2013-01-15 15:31:51 ----D---- C:\Program Files (x86)\Java
2013-01-13 11:56:33 ----D---- C:\Windows\system32\DriverStore
2013-01-13 11:56:33 ----D---- C:\Windows\system32\catroot
2013-01-13 11:56:22 ----D---- C:\ProgramData
2013-01-11 23:31:10 ----D---- C:\Windows\system32\NDF
2013-01-11 19:52:14 ----D---- C:\Windows\system32\drivers
2013-01-10 22:16:18 ----D---- C:\Windows\rescache
2013-01-10 00:31:07 ----D---- C:\Windows\debug
2013-01-09 16:01:49 ----RSD---- C:\Windows\assembly
2013-01-09 16:01:49 ----D---- C:\Windows\Microsoft.NET
2013-01-09 15:34:00 ----D---- C:\ProgramData\wxDownload
2013-01-09 12:23:40 ----D---- C:\Program Files (x86)\Realtek
2013-01-09 12:22:59 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-01-09 12:17:21 ----D---- C:\Windows\system32\catroot2
2013-01-09 12:07:43 ----D---- C:\Windows\winsxs
2013-01-09 12:05:49 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-09 12:05:48 ----D---- C:\Windows\system32\sk-SK
2013-01-09 12:05:46 ----D---- C:\Windows\AppPatch
2013-01-09 12:02:21 ----D---- C:\ProgramData\Microsoft Help
2013-01-09 12:01:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-09 11:56:00 ----A---- C:\Windows\system32\MRT.exe
2013-01-08 15:07:19 ----D---- C:\Program Files (x86)\Intel
2013-01-08 14:38:37 ----D---- C:\SWSetup
2013-01-01 12:06:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-31 21:37:10 ----D---- C:\Windows\Logs
2012-12-28 22:45:39 ----D---- C:\Counter-Strike 1.6
2012-12-28 16:14:45 ----D---- C:\Windows\twain_32
2012-12-25 17:03:49 ----D---- C:\ProgramData\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-06-14 62536]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-04-25 30488]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-11-08 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-11-08 28216]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-11-08 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-18 868848]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2013-01-11 31344]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-06-14 211344]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-06-14 149592]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-06-14 38328]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-06-14 188696]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-04-25 43800]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-15 11270656]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-15 546304]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-19 3065408]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-11-08 331264]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-11-08 18832]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-11-08 43832]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-03-11 521728]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-11-08 401456]
S3 AVerAF35;HP USB DVB-T TV Tuner; C:\Windows\System32\Drivers\HPAF35.sys [2009-10-19 511104]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys [2012-11-12 131072]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []
S3 HPIR;HP TV Tuner Infrared Receiver; C:\Windows\system32\DRIVERS\HPIR.sys [2009-11-16 93184]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-09-25 20480]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-15 240640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-11-09 65536]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-06-14 1288104]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-29 127800]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-28 2413056]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-06 76888]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-11 297984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-11 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-11 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-23 529744]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-13 1255736]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

-----------------EOF-----------------

Re: preventivna kontrola logu

Napsal: 22 led 2013 17:03
od vyosek
Zdravim :)

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Provedte aktualizaci
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

Re: preventivna kontrola logu

Napsal: 23 led 2013 17:39
od jossi9432
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.01.23.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: GREJTAK_HP [administrátor]

23. 1. 2013 14:08:41
MBAM-log-2013-01-23 (15-54-25).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 526029
Uplynutý čas: 1 hod, 41 min, 57 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 2
C:\Users\user\Documents\Programy\ESET-PureFix-v2.02-(TimC0de)\ESET PureFix v2.02 (TimC0de)\ESET PureFix v2.02.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
C:\Users\user\Downloads\Connectify-Pro-3.7.1.25486\Connectify Pro 3.7.1.25486\Keygen.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.

(koniec)

Re: preventivna kontrola logu

Napsal: 23 led 2013 20:43
od vyosek
:arrow: Nalezy MBAMu smazte

:arrow: Pred pokracovanim, vas musim pozadat o odstraneni NELEGALNIHO ESETu. Tento muj "pozadavek" vychazi z platnych pravidel fora http://forum.viry.cz/viewtopic.php?f=12&t=115512, ktere jste vy i ja povinnen dodrzovat
Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.
:arrow: Takze pokud chcete pomoci, tak jej odinstalujte, nainstalujte free reseni (napr. Avast), napiste a budeme pokracovat

Re: preventivna kontrola logu

Napsal: 23 led 2013 22:48
od jossi9432
OK,suhlasim,uz uninstallujem

Re: preventivna kontrola logu

Napsal: 23 led 2013 22:52
od vyosek
OK, pak nainstalujte free reseni a dejte novy log z RSIT

Re: preventivna kontrola logu

Napsal: 23 led 2013 22:57
od jossi9432
Logfile of random's system information tool 1.09 (written by random/random)
Run by user at 2013-01-23 22:56:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 391 GB (42%) free of 935 GB
Total RAM: 8140 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:56:43, on 23. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.fi.muni.cz:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0014987 - {11111111-1111-1111-1111-110111491187} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odoslať do rozhrania Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odoslať do &Zariadenie s rozhraním Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 15227 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-093daba3-3532-4e59-9e8b-439003375c7e -SystemEventPortName:HostProcess-6958b6bb-8634-41fe-9f44-6d6caa563df9 -IoCancelEventPortName:HostProcess-9bd0d8e9-3d66-4614-9e32-e8e5e0add4ee -NonStateChangingEventPortName:HostProcess-1d9e8084-e597-4e00-b0f4-370bf8c459ec -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c79f5e2b-b90f-49ea-9d5a-d9a505b941cc -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24610080
\??\C:\Windows\system32\conhost.exe "1006309954-1028338670-2143820586-502199634131638431412548084471175993752-113930825
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "-14229446565339832811793781988-726771371-1567932146-1323940004-373415681402517242
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2784
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
taskeng.exe {FB8C4195-48D2-4633-8311-B2FCF25C4319}
C:\Users\user\Documents\Programy\GPUMeter_2.02\PCMeter\PCMeter\PCMeterV0.3.exe
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {C617DDDA-5C83-43C1-9872-351EE8B4480D}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1444.1.34529485\423626489" --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.830.6.3000 --ignored=" --type=renderer " /prefetch:12
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1444.2.658882653\1951973218" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1444.3.1013033119\2001604582" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --extension-process --renderer-print-preview --channel="1444.4.1512978192\1264688658" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1444.5.1347006379\709529493" /prefetch:3
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1444.6.1785871560\1930538557" --lang=sk --ignored=" --type=renderer " /prefetch:13
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1444.8.1916191289\2005889271" /prefetch:3
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll" --lang=sk --channel="1444.11.840811648\2104836285" /prefetch:4
C:\Windows\system32\msiexec.exe /V
"C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/EnableStage3D/enabled_default/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/NewTabButton/default/OmniboxDisallowInlineHQP/Standard/OmniboxHQPNewScoring/Standard/OmniboxSearchSuggest/8/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V2/SpdyCwnd/cwndMin16/SpeculativePrefetchingLearning/SpeculativePrefetchingDisabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_93/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --renderer-print-preview --channel="1444.20.1239639298\78504039" /prefetch:3
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000018a4
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min /NOSPLASH /SETUPSTART
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\user\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForuser.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-02-17 1744200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111491187}]
PC Speed Up Extension

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-01-12 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-02-17 1596232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-01-12 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-08 2847016]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-03-11 1128448]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [2009-09-18 205976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2012-11-09 4013928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPConnectionManager]
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HydraVisionDesktopManager]
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychlenie PC\PCSUNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Powersuite Monitor]
C:\Program Files (x86)\Uniblue\PowerSuite\powersuite_monitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Prime95]
C:\Users\user\Downloads\p95v277.win64\prime95.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-11-23 1353080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Obrazovková spinka a spúšťač programu OneNote 2010.lnk]
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE [2010-12-21 245120]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
""= []
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-12-04 384800]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-01-23 22:52:54 ----D---- C:\ProgramData\Avira
2013-01-23 22:52:54 ----D---- C:\Program Files (x86)\Avira
2013-01-23 22:52:54 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-01-23 22:52:54 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-01-23 22:52:54 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-01-17 00:23:40 ----D---- C:\Users\user\AppData\Roaming\ts3overlay_hook_win64
2013-01-17 00:23:40 ----D---- C:\Users\user\AppData\Roaming\ts3overlay
2013-01-17 00:22:12 ----D---- C:\Users\user\AppData\Roaming\TS3Client
2013-01-17 00:15:37 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-01-17 00:10:00 ----D---- C:\Program Files (x86)\Counter Strike Source
2013-01-15 15:31:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-01-15 15:31:52 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-01-15 15:31:52 ----A---- C:\Windows\SYSWOW64\java.exe
2013-01-15 15:31:09 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-01-13 11:56:22 ----D---- C:\ProgramData\Connectify
2013-01-12 22:12:11 ----D---- C:\Program Files (x86)\PANDORA.TV
2013-01-11 19:52:07 ----A---- C:\Windows\system32\drivers\cnnctfy2.sys
2013-01-11 19:51:56 ----D---- C:\Program Files (x86)\Connectify
2013-01-09 06:03:48 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 06:03:48 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 06:03:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 06:03:30 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 06:03:30 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 06:03:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 06:03:29 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 06:03:29 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 06:03:26 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 06:03:26 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 06:03:19 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 06:03:19 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 06:03:19 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 06:03:19 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 06:02:45 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 06:02:44 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 06:02:44 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 06:02:44 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 06:02:43 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 06:02:43 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 06:02:43 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 06:02:43 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 06:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 06:02:40 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 06:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 06:02:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 06:02:33 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 06:02:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 06:02:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 06:02:08 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 06:02:06 ----A---- C:\Windows\system32\taskhost.exe
2012-12-28 16:19:13 ----SHD---- C:\Windows\ftpcache
2012-12-28 16:19:02 ----A---- C:\Windows\system32\HPSIsvc.exe
2012-12-28 16:13:28 ----A---- C:\Windows\system32\HPM1210SM.exe
2012-12-28 16:13:28 ----A---- C:\Windows\system32\HPM1210LM.DLL
2012-12-28 16:12:27 ----D---- C:\Program Files\HP
2012-12-28 16:12:27 ----A---- C:\Windows\system32\mvhlewsi.dll
2012-12-28 16:12:23 ----A---- C:\Windows\system32\m1130wia.dll
2012-12-28 16:12:22 ----A---- C:\Windows\system32\HPM1210SMs.dll

======List of files/folders modified in the last 1 month======

2013-01-23 22:56:42 ----D---- C:\Windows\temp
2013-01-23 22:56:42 ----D---- C:\Program Files\trend micro
2013-01-23 22:54:48 ----SHD---- C:\System Volume Information
2013-01-23 22:53:02 ----D---- C:\Windows\system32\catroot
2013-01-23 22:52:54 ----RD---- C:\Program Files (x86)
2013-01-23 22:52:54 ----D---- C:\Windows\system32\drivers
2013-01-23 22:52:54 ----D---- C:\ProgramData
2013-01-23 22:51:50 ----SHD---- C:\Windows\Installer
2013-01-23 22:51:36 ----D---- C:\Config.Msi
2013-01-23 22:51:28 ----D---- C:\Windows\system32\DriverStore
2013-01-23 22:51:28 ----D---- C:\Windows\inf
2013-01-23 22:47:33 ----D---- C:\Windows\system32\config
2013-01-23 22:45:25 ----D---- C:\Users\user\AppData\Roaming\Skype
2013-01-23 20:59:33 ----A---- C:\Windows\SYSWOW64\log.txt
2013-01-23 20:56:46 ----D---- C:\Windows
2013-01-23 19:09:51 ----D---- C:\Windows\Prefetch
2013-01-23 18:57:26 ----D---- C:\Program Files (x86)\The KMPlayer
2013-01-23 14:01:23 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-21 20:26:13 ----D---- C:\Windows\System32
2013-01-21 20:26:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-18 20:20:09 ----D---- C:\Windows\Tasks
2013-01-18 20:20:09 ----D---- C:\Windows\system32\Tasks
2013-01-18 20:19:44 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-01-17 00:15:37 ----RD---- C:\Program Files
2013-01-15 15:31:52 ----D---- C:\Windows\SysWOW64
2013-01-15 15:31:51 ----D---- C:\Program Files (x86)\Java
2013-01-11 23:31:10 ----D---- C:\Windows\system32\NDF
2013-01-10 22:16:18 ----D---- C:\Windows\rescache
2013-01-10 00:31:07 ----D---- C:\Windows\debug
2013-01-09 16:01:49 ----RSD---- C:\Windows\assembly
2013-01-09 16:01:49 ----D---- C:\Windows\Microsoft.NET
2013-01-09 15:34:00 ----D---- C:\ProgramData\wxDownload
2013-01-09 12:23:40 ----D---- C:\Program Files (x86)\Realtek
2013-01-09 12:22:59 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-01-09 12:17:21 ----D---- C:\Windows\system32\catroot2
2013-01-09 12:07:43 ----D---- C:\Windows\winsxs
2013-01-09 12:05:49 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-09 12:05:48 ----D---- C:\Windows\system32\sk-SK
2013-01-09 12:05:46 ----D---- C:\Windows\AppPatch
2013-01-09 12:02:21 ----D---- C:\ProgramData\Microsoft Help
2013-01-09 12:01:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-09 11:56:00 ----A---- C:\Windows\system32\MRT.exe
2013-01-08 15:07:19 ----D---- C:\Program Files (x86)\Intel
2013-01-08 14:38:37 ----D---- C:\SWSetup
2013-01-01 12:06:24 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-12-31 21:37:10 ----D---- C:\Windows\Logs
2012-12-28 22:45:39 ----D---- C:\Counter-Strike 1.6
2012-12-28 16:14:45 ----D---- C:\Windows\twain_32
2012-12-25 17:03:49 ----D---- C:\ProgramData\CyberLink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-04-25 30488]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-11-08 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-11-08 28216]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-11-08 19264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-09-18 868848]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-12-03 129216]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2013-01-11 31344]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-12-03 99912]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-04-25 43800]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-15 11270656]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-15 546304]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-19 3065408]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-11-08 331264]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver; C:\Windows\system32\DRIVERS\pmkbdfltr.sys [2012-11-08 18832]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-11-08 43832]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10329; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-03-11 521728]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-11-08 401456]
R4 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R4 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R4 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
R4 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
S3 AVerAF35;HP USB DVB-T TV Tuner; C:\Windows\System32\Drivers\HPAF35.sys [2009-10-19 511104]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys [2012-11-12 131072]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []
S3 HPIR;HP TV Tuner Infrared Receiver; C:\Windows\system32\DRIVERS\HPIR.sys [2009-11-16 93184]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-09-25 20480]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-06-14 38328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-15 240640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-12-04 109344]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-04 85280]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2012-11-09 65536]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-17 265544]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-29 127800]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-06-28 2413056]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-12-06 76888]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10129; C:\Program Files\IDT\WDM\STacSV64.exe [2011-03-11 297984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-11 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-11 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-16 682040]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-11-23 529744]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-13 1255736]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S4 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

-----------------EOF-----------------

Re: preventivna kontrola logu

Napsal: 23 led 2013 23:19
od vyosek
:arrow: Stahnete na plochu CKScanner
  • Spustte a kliknete na Search for files
  • Po dokonceni skenu kliknete na Save List to File a nasledne OK
  • Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Re: preventivna kontrola logu

Napsal: 24 led 2013 00:13
od jossi9432
CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\assassins creed iii\skidrowcrack.com.txt
c:\program files (x86)\assassins creed iii\skidrowcrack.com.url
c:\program files (x86)\counter strike source\cstrike\materials\concrete\prodwllecracked.vmt
c:\program files (x86)\counter strike source\cstrike\materials\concrete\prodwllecracked.vtf
c:\program files (x86)\counter strike source\hl2\materials\glass\glasswindow018a_cracked.vmt
c:\program files (x86)\counter strike source\hl2\materials\glass\glasswindow018a_cracked.vtf
c:\users\user\documents\blur\vitality(to je asi crack)\blur.exe
c:\users\user\documents\games for install\nfs.mw\crack-na-nfs-most-wanted-(alik).exe
scanner sequence 3.DD.11.UGAPWU
----- EOF -----

Re: preventivna kontrola logu

Napsal: 25 led 2013 23:32
od vyosek
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: preventivna kontrola logu

Napsal: 26 led 2013 16:22
od jossi9432
OTL logfile created on: 26.1.2013 15:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

7,95 Gb Total Physical Memory | 4,82 Gb Available Physical Memory | 60,62% Memory free
13,95 Gb Paging File | 10,23 Gb Available in Paging File | 73,39% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 912,89 Gb Total Space | 378,26 Gb Free Space | 41,44% Space Free | Partition Type: NTFS
Drive D: | 18,32 Gb Total Space | 1,96 Gb Free Space | 10,69% Space Free | Partition Type: NTFS

Computer Name: GREJTAK_HP | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.26 15:43:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.06 01:21:20 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.12.04 15:36:48 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.11.09 20:30:26 | 000,287,592 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe
PRC - [2012.11.09 20:30:12 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Connectify\ConnectifyService.exe
PRC - [2012.09.28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.03.22 11:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.02.17 22:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011.02.17 22:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011.02.17 22:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011.01.27 12:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 18:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe


========== Modules (No Company Name) ==========

MOD - [2013.01.09 12:14:43 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll
MOD - [2013.01.09 12:14:43 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll
MOD - [2013.01.09 12:12:31 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013.01.09 12:12:27 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.09 12:12:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013.01.09 12:12:01 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.09 12:11:52 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.09 12:11:48 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.09 12:11:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.09 12:11:44 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.09 12:11:40 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.10.31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
MOD - [2012.10.31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012.10.31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012.10.31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012.10.31 23:13:46 | 000,123,928 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012.10.31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012.10.31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012.10.31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2012.11.15 18:22:04 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.25 14:02:52 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.03.11 11:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.02.16 21:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010.10.11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.07.29 19:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.04.29 18:10:40 | 000,127,800 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.06 01:21:20 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.04 12:13:51 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.04 12:04:24 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.11.23 19:53:46 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.11.09 20:30:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.09.27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.06.28 17:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.06.14 17:11:46 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011.05.20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.02.17 22:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010.12.22 21:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.22 21:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.03.25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Disabled | Stopped] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.01.11 19:52:07 | 000,031,344 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.11.19 19:48:21 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.11.15 19:13:32 | 011,270,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.11.15 17:57:48 | 000,546,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.11.12 00:40:38 | 000,131,072 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SteelBus64.sys -- (busenum)
DRV:64bit: - [2012.11.08 16:20:52 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.11.08 16:20:11 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.11.08 16:19:08 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.11.08 16:18:44 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.11.08 16:18:44 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.11.08 16:18:40 | 000,010,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV:64bit: - [2012.11.08 16:17:45 | 000,401,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.11.08 16:17:16 | 000,018,832 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pmkbdfltr.sys -- (pmkbdfltr)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.25 10:52:10 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012.09.18 09:21:56 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.04.25 14:02:52 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.04.25 14:02:52 | 000,030,488 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.07 18:41:40 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.09.07 18:41:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.05.30 16:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.05.20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.04.15 05:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.11 11:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.02.17 02:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.12.10 22:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 22:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.07.28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.07.20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.07.20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.07.20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.07.14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.16 07:28:46 | 000,093,184 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPIR.sys -- (HPIR)
DRV:64bit: - [2009.10.19 04:35:40 | 000,511,104 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPAF35.sys -- (AVerAF35)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{1E730549-9B74-45EA-A304-35F48E05FCB7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sk.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDF
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{1E730549-9B74-45EA-A304-35F48E05FCB7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sk.wikipedia.org/wiki/Special:Se ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDF
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes,DefaultScope = {31290F6C-5AF3-498B-B781-5577E915366C}
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{1E730549-9B74-45EA-A304-35F48E05FCB7}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{31290F6C-5AF3-498B-B781-5577E915366C}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searc&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://sk.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = cache.fi.muni.cz:3128


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Woodark = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\daiallmdmonifegjibcalpdgnjaomkme\1_0\
CHR - Extension: AdBlock = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.11.26 18:38:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (PC Speed Up Extension) - {11111111-1111-1111-1111-110111491187} - Reg Error: Value error. File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Odoslať do rozhrania Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odoslať do &Zariadenie s rozhraním Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 147.251.209.1 147.251.197.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD8C8268-1CA8-4210-83D7-D0B94049673A}: DhcpNameServer = 147.251.209.1 147.251.197.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/01/26 15:43:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013/01/25 04:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Y Soft
[2013/01/25 00:12:44 | 000,026,112 | ---- | C] (RICOH CO.,Ltd.) -- C:\Windows\SysNative\ricA5Hlm.dll
[2013/01/23 22:58:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Avira
[2013/01/23 22:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/01/23 22:52:54 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/01/23 22:52:54 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/01/23 22:52:54 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/01/23 22:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013/01/23 22:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013/01/23 14:01:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Programs
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[17 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013/01/26 15:50:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/01/26 15:43:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2013/01/26 14:58:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/26 09:42:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/25 20:14:37 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2013/01/25 18:40:31 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/25 04:36:44 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 04:36:44 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/25 04:29:01 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/25 04:24:01 | 000,000,606 | ---- | M] () -- C:\Windows\SysNative\ricdb.ini
[2013/01/24 18:50:31 | 000,259,522 | ---- | M] () -- C:\Users\user\Desktop\PB001-uvod-do-it-prepracovane-odpovede.pdf
[2013/01/24 18:49:40 | 000,836,207 | ---- | M] () -- C:\Users\user\Desktop\PB001-pb001-poznamky.pdf
[2013/01/21 20:26:13 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/01/21 20:26:13 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/01/21 20:26:13 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/01/21 07:05:45 | 000,205,509 | ---- | M] () -- C:\Users\user\Desktop\testy.pdf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[17 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/26 15:50:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/01/25 04:24:01 | 000,000,606 | ---- | C] () -- C:\Windows\SysNative\ricdb.ini
[2013/01/25 04:23:50 | 004,062,208 | ---- | C] () -- C:\Windows\SysNative\SAFEQVS64.DLL
[2013/01/25 04:23:50 | 000,683,520 | ---- | C] () -- C:\Windows\SysNative\SafeQCairoLib64.DLL
[2013/01/25 04:23:50 | 000,154,112 | ---- | C] () -- C:\Windows\SysNative\SAFEQ64UI.DLL
[2013/01/25 04:23:50 | 000,001,536 | ---- | C] () -- C:\Windows\SysNative\SafeQEvent.dll
[2013/01/24 18:50:31 | 000,259,522 | ---- | C] () -- C:\Users\user\Desktop\PB001-uvod-do-it-prepracovane-odpovede.pdf
[2013/01/24 18:49:40 | 000,836,207 | ---- | C] () -- C:\Users\user\Desktop\PB001-pb001-poznamky.pdf
[2012/12/03 18:07:27 | 000,000,049 | ---- | C] () -- C:\Users\user\AppData\Roaming\mbam.context.scan
[2012/12/01 14:05:16 | 000,001,353 | ---- | C] () -- C:\Windows\cm108.ini
[2012/11/26 18:23:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/11/26 18:23:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/11/26 18:23:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/11/26 18:23:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/11/26 18:23:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/11/12 16:45:37 | 000,007,597 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg
[2012/11/07 15:15:31 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012/10/16 13:50:21 | 000,000,263 | ---- | C] () -- C:\Users\user\AppData\Roaming\GPU MeterV2_Settings.ini
[2012/10/15 17:58:13 | 000,000,532 | ---- | C] () -- C:\Users\user\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012/10/06 15:09:26 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/10/06 15:09:18 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/10/02 01:04:55 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/07/28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/06/19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/11/25 14:27:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/11/25 14:15:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/11/25 14:15:10 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/11/25 14:15:10 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/11/25 14:15:10 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/11/25 14:15:09 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/11/25 14:10:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/07 09:17:06 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/03 21:04:58 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 14:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 14:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 14:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/22 00:17:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BitTorrent
[2012/11/09 22:25:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\bizarre creations
[2012/09/28 21:15:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DarknessII
[2012/11/12 04:16:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ESET
[2012/11/24 16:51:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GHISLER
[2012/09/14 18:35:12 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IDT
[2012/10/10 20:10:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Need for Speed World
[2012/09/17 21:09:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PowerISO
[2012/10/22 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PunkBuster
[2012/12/01 14:12:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SteelSeries
[2012/09/13 09:35:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Synaptics
[2012/11/13 12:57:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TestApp
[2012/11/21 01:33:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Theta
[2013/01/25 23:20:23 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TS3Client
[2013/01/17 00:24:12 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ts3overlay
[2013/01/17 00:27:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ts3overlay_hook_win64
[2012/11/13 23:09:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue
[2012/12/06 07:52:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Unity
[2012/12/01 22:28:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WildTangent

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,546 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/15 14:42:05 | 000,000,328 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForuser.job
[2012/10/11 16:53:55 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/10/11 16:53:56 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

Re: preventivna kontrola logu

Napsal: 26 led 2013 16:23
od jossi9432
< MD5 for: EXPLORER.EXE >
[2011/09/07 18:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/09/07 18:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/09/07 18:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/09/07 18:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/09/07 18:36:59 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/09/07 18:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/09/07 18:36:59 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\erdnt\cache64\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 11:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/09/07 18:32:42 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 12:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/09/07 18:32:42 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/11/26 00:07:49 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/11/26 00:07:49 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2012/08/22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[42 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*.tmp -> ]
[27 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/09/25 09:36:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Adobe
[2012/11/03 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Apple Computer
[2012/09/13 09:36:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ATI
[2013/01/23 22:58:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Avira
[2012/11/22 00:17:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BitTorrent
[2012/11/09 22:25:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\bizarre creations
[2012/12/19 04:12:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\codeblocks
[2012/09/23 22:22:23 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CyberLink
[2012/09/28 21:15:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DarknessII
[2012/11/12 04:16:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ESET
[2012/11/24 16:51:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GHISLER
[2012/09/15 15:13:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Hewlett-Packard
[2012/12/01 14:25:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\hpqLog
[2012/11/20 17:08:52 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Identities
[2012/09/14 18:35:12 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IDT
[2012/11/12 16:33:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\InstallShield
[2012/09/13 09:35:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Intel Corporation
[2012/09/15 23:06:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Macromedia
[2012/11/13 23:06:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2011/11/26 00:06:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Center Programs
[2012/12/16 02:35:37 | 000,000,000 | --SD | M] -- C:\Users\user\AppData\Roaming\Microsoft
[2012/10/10 20:10:00 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Need for Speed World
[2012/09/14 18:38:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Nero
[2012/09/17 21:09:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PowerISO
[2012/10/22 21:14:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PunkBuster
[2013/01/25 21:39:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Skype
[2012/12/01 14:12:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SteelSeries
[2012/09/13 09:35:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Synaptics
[2012/11/13 12:57:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TestApp
[2012/11/21 01:33:21 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Theta
[2013/01/25 23:20:23 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TS3Client
[2013/01/17 00:24:12 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ts3overlay
[2013/01/17 00:27:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ts3overlay_hook_win64
[2012/11/13 23:09:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue
[2012/12/06 07:52:13 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Unity
[2012/12/01 22:28:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WildTangent
[2012/09/18 00:49:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011/11/23 17:38:29 | 003,123,272 | R--- | M] () -- C:\Users\user\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2012/12/01 22:28:17 | 000,728,256 | ---- | M] (WildTangent, Inc.) -- C:\Users\user\AppData\Roaming\WildTangent\Updater\GameConsole\GameConsole-4.0.23.37-to-4.0.26.34.exe
[2012/05/22 02:34:34 | 000,049,824 | ---- | M] (WildTangent) -- C:\Users\user\AppData\Roaming\WildTangent\Updater\GameConsole\Park-{d7a52a6f-6bc1-4d52-981c-f308944b8479}.exe
[2012/09/14 12:17:41 | 001,008,008 | ---- | M] (WildTangent) -- C:\Users\user\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe
[2012/12/01 22:28:17 | 001,007,576 | ---- | M] (WildTangent) -- C:\Users\user\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-wildgames.exe
[2012/09/14 12:17:29 | 000,000,172 | ---- | M] () -- C:\Users\user\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe_filedata
[2012/05/22 02:34:34 | 000,571,040 | ---- | M] (WildTangent, Inc.) -- C:\Users\user\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013/01/25 18:40:31 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/01/26 15:58:00 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/01/25 20:14:37 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForuser.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/01/25 20:14:24 | 000,000,052 | ---- | M] () -- C:\Windows\system32\DOErrors.log
[2013/01/25 04:31:40 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/21 04:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012/11/14 03:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/01/26 15:50:39 | 000,000,512 | ---- | M] () MD5=3E55343007E697E2FE40F631D2055282 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/10/26 09:57:21 | 000,000,032 | ---- | M] () -- \Program Files (x86)\Assassins Creed III\SKIDROWCRACK.COM.txt
[2012/10/26 09:57:02 | 000,000,113 | ---- | M] () -- \Program Files (x86)\Assassins Creed III\SKIDROWCRACK.COM.url
[2011/09/05 17:48:47 | 000,000,100 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\cstrike\materials\concrete\prodwllecracked.vmt
[2011/09/05 17:48:47 | 000,174,968 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\cstrike\materials\concrete\prodwllecracked.vtf
[2011/09/05 18:01:20 | 000,000,540 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\Glass\glasswindow018a_cracked.vmt
[2011/09/05 18:01:20 | 000,022,064 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\Glass\glasswindow018a_cracked.vtf
[2012/10/06 15:49:07 | 006,029,312 | ---- | M] () -- \Users\user\Documents\Games for install\nfs.mw\Crack-na-NFS-most-wanted-(alik).exe
[2012/10/31 20:04:00 | 007,082,092 | ---- | M] () -- \Users\user\Music\iTunes\iTunes Media\Music\Norman Doray ft. Andreas Moe\Amnezia Super Hits 78\2-15 Cracks.mp3
[2012/10/31 20:04:00 | 007,082,092 | ---- | M] () -- \Users\user\Music\part 2\15. Norman Doray ft. Andreas Moe - Cracks.mp3

< *keygen* /s >
[2012/09/14 14:28:49 | 000,012,736 | ---- | M] () -- \Users\user\AppData\Roaming\BitTorrent\Nero 10.0 + Serials en Keygen - DivXNL-Team.torrent

< *loader* /s >
[2003/09/15 15:02:00 | 000,169,384 | ---- | M] () -- \Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003/09/15 14:55:50 | 000,352,548 | ---- | M] () -- \Counter-Strike 1.6\valve\models\loader.mdl
[2003/09/15 14:56:04 | 000,012,764 | ---- | M] () -- \Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 14:56:04 | 000,012,164 | ---- | M] () -- \Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2012/11/25 10:30:05 | 000,228,864 | ---- | M] () -- \Program Files (x86)\Assassins Creed III\ubiorbitapi_r2_loader.dll
[2012/11/19 07:58:16 | 000,003,584 | ---- | M] () -- \Program Files (x86)\Assassins Creed III\uplay_r1_loader.dll
[2012/11/22 15:47:51 | 000,052,512 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.dll
[2012/11/23 19:59:23 | 000,232,224 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe
[2012/12/03 09:45:50 | 001,713,952 | ---- | M] () -- \Program Files (x86)\Avira\AntiVir Desktop\avwebloadergui.dll
[2011/10/03 16:15:22 | 000,064,872 | ---- | M] () -- \Program Files (x86)\Batman Arkham City\Binaries\Win32\PhysXLoader.dll
[2012/02/09 04:12:58 | 000,058,368 | ---- | M] () -- \Program Files (x86)\Black_Box\The Darkness II\Tools\Physx\x86\PhysXLoader.dll
[2008/08/21 09:06:16 | 000,013,921 | ---- | M] () -- \Program Files (x86)\City Interactive\MOTORM4X Offroad Extreme\media\texts\texts_loader.xml
[2011/04/15 15:29:28 | 000,000,118 | ---- | M] () -- \Program Files (x86)\Codemasters\DiRT 3\audio\audio_loader.xml
[2008/10/30 15:40:36 | 000,000,115 | R--- | M] () -- \Program Files (x86)\Codemasters\DiRT2\audio\audio_loader.xml
[2011/08/08 09:08:30 | 000,000,115 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\audio\audio_loader.xml
[2011/08/08 09:18:26 | 000,000,342 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\garage_loader.xml
[2011/08/08 09:18:26 | 000,001,042 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\paddock_gameloader.xml
[2011/08/08 09:18:26 | 000,000,645 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\paddock_loader.xml
[2011/08/08 09:18:26 | 000,000,577 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\paddock_unloader.xml
[2011/08/08 09:18:26 | 000,001,796 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader.xml
[2011/08/08 09:18:26 | 000,001,801 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_gaqa.xml
[2011/08/08 09:18:26 | 000,001,801 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_gara.xml
[2011/08/08 09:18:26 | 000,001,802 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_gate.xml
[2011/08/08 09:18:26 | 000,001,807 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_gate_nt.xml
[2011/08/08 09:18:26 | 000,001,801 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_gawc.xml
[2011/08/08 09:18:26 | 000,001,801 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_pfqa.xml
[2011/08/08 09:18:26 | 000,001,801 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_pfra.xml
[2011/08/08 09:18:28 | 000,001,801 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\parcferme_loader_pfwc.xml
[2011/08/08 09:18:28 | 000,000,619 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\pitstop_loader.xml
[2011/08/08 09:18:28 | 000,000,521 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\pitstop_unloader.xml
[2011/08/15 11:50:46 | 000,000,695 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\race_marshal_loader.xml
[2011/08/08 09:18:28 | 000,001,555 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\trackside_garage_loader.xml
[2011/08/08 09:18:28 | 000,001,578 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\scenes\trackside_garage_reloader.xml
[2011/08/08 09:18:30 | 000,000,149 | ---- | M] () -- \Program Files (x86)\Codemasters\F1 2011\system\osd_loader.xml
[2012/08/27 20:33:18 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2010/10/07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011/09/05 18:02:03 | 000,000,179 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loaderCHROME.vmt
[2011/09/05 18:02:03 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loaderCHROME.vtf
[2011/09/05 18:02:02 | 000,000,073 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_base.vmt
[2011/09/05 18:02:02 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_base.vtf
[2011/09/05 18:02:02 | 000,000,080 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_base_panels.vmt
[2011/09/05 18:02:02 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_base_panels.vtf
[2011/09/05 18:02:02 | 000,000,079 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_base_sides.vmt
[2011/09/05 18:02:02 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_base_sides.vtf
[2011/09/05 18:02:02 | 000,000,079 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_body_hatch.vmt
[2011/09/05 18:02:02 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_body_hatch.vtf
[2011/09/05 18:02:02 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_body_side.vmt
[2011/09/05 18:02:02 | 000,011,128 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_body_side.vtf
[2011/09/05 18:02:02 | 000,000,184 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_darkCHROME.vmt
[2011/09/05 18:02:02 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_darkCHROME.vtf
[2011/09/05 18:02:02 | 000,000,073 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_head.vmt
[2011/09/05 18:02:02 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_head.vtf
[2011/09/05 18:02:02 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_leg_hydro.vmt
[2011/09/05 18:02:02 | 000,001,512 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_leg_hydro.vtf
[2011/09/05 18:02:03 | 000,000,082 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vmt
[2011/09/05 18:02:03 | 000,000,888 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_leg_hydro_cut.vtf
[2011/09/05 18:02:03 | 000,000,078 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_leg_side1.vmt
[2011/09/05 18:02:03 | 000,011,048 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_leg_side1.vtf
[2011/09/05 18:02:03 | 000,000,186 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_steelchrome1.vmt
[2011/09/05 18:02:03 | 000,002,936 | ---- | M] () -- \Program Files (x86)\Counter Strike Source\hl2\materials\PerfTest\loader\loader_steelchrome1.vtf
[2010/08/23 10:07:00 | 000,053,248 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2011/03/22 11:42:38 | 000,015,118 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2011/03/22 11:42:38 | 000,175,200 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2010/09/08 15:53:28 | 000,167,720 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderC3S.dll
[2010/09/08 15:53:28 | 002,525,480 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011/01/31 02:11:32 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011/01/31 02:06:58 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2012/11/20 04:19:28 | 000,051,200 | ---- | M] () -- \Program Files (x86)\Hitman Absolution\PhysXLoader.dll
[2010/10/15 03:58:52 | 000,001,012 | R--- | M] () -- \Program Files (x86)\HP Games\onplay\downloader_bg_400.gif
[2012/11/19 19:19:28 | 000,051,200 | ---- | M] () -- \Program Files (x86)\SQUARE ENIX\Hitman Absolution\PhysXLoader.dll
[2008/02/25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012/11/21 14:10:20 | 000,228,864 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed III\ubiorbitapi_r2_loader.dll
[2012/11/16 14:19:14 | 000,297,552 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed III\uplay_r1_loader.dll
[2011/11/23 17:38:29 | 000,228,864 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ubiorbitapi_r2_loader.dll
[2011/10/30 06:10:24 | 000,169,080 | ---- | M] () -- \Program Files (x86)\Ubisoft\Assassin's Creed Revelations\uplay_r1_loader.dll
[2012/10/30 01:08:46 | 000,328,784 | ---- | M] () -- \Program Files (x86)\Ubisoft\FarCry3\bin\ubiorbitapi_r2_loader.dll
[2012/10/30 01:08:50 | 000,298,576 | ---- | M] () -- \Program Files (x86)\Ubisoft\FarCry3\bin\uplay_r1_loader.dll
[2012/12/07 18:32:18 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012/12/07 18:32:19 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2013/01/24 10:43:51 | 000,329,496 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\cache\patch\ubiorbitapi_r2_loader.dll
[2013/01/24 10:43:51 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\cache\patch\uplay_r1_loader.dll
[2012/05/21 22:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012/07/19 00:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012/05/21 22:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010/11/03 22:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010/10/07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010/10/07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/02/17 19:55:10 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012/10/10 19:45:46 | 000,004,068 | ---- | M] () -- \ProgramData\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2010/03/15 11:33:54 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012/10/10 10:23:52 | 000,001,050 | ---- | M] () -- \ProgramData\RICOH\RICOH Aficio MP C3001 PCL 6\_common\script\lua\lib\ExtensionLoader.luac
[2012/11/08 15:16:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/11/08 15:16:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/11/08 15:16:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012/12/18 21:49:13 | 000,003,208 | ---- | M] () -- \Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\skin\ajax-loader.gif
[2012/12/11 22:47:59 | 000,000,121 | ---- | M] () -- \Users\user\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\WC7XSLR8\no-vg.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2013/01/25 21:22:05 | 000,000,753 | ---- | M] () -- \Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3RRULWZ\AdLoader[1].htm
[2013/01/25 21:22:05 | 000,105,903 | ---- | M] () -- \Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JY2QWQXE\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2007/09/17 04:50:38 | 000,169,384 | ---- | M] () -- \Users\user\Documents\Games for install\Counter-Strike\cstrike\models\qloader.mdl
[2007/10/12 12:08:58 | 000,352,548 | ---- | M] () -- \Users\user\Documents\Games for install\Counter-Strike\valve\models\loader.mdl
[2007/10/12 12:10:00 | 000,012,764 | ---- | M] () -- \Users\user\Documents\Games for install\Counter-Strike\valve\sound\ambience\loader_hydra1.wav
[2007/10/12 12:10:00 | 000,012,164 | ---- | M] () -- \Users\user\Documents\Games for install\Counter-Strike\valve\sound\ambience\loader_step1.wav
[2012/05/16 21:43:52 | 009,580,713 | ---- | M] () -- \Users\user\Music\Lukas_ music\Far East Movement ft. Justin Bieber - Live My Life (CDQ) (SuntUploader@www.mp3md.org).mp3
[2012/04/02 21:26:24 | 739,131,392 | ---- | M] () -- \Users\user\Videos\Movie\Jay a mlcenlivy bob\jay-a-mlcenlivy-bob-vraci-uder-2001-dvdrip-cz-by-wundabaaa-of-poweruploaders.avi
[2012/10/27 14:13:35 | 682,261,428 | ---- | M] () -- \Users\user\Videos\Seriály\Top-Gear-18x01-CZ-CucajUploaders.avi
[2010/03/24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010/03/24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/02/02 14:31:20 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011/02/02 14:31:20 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2010/11/21 08:06:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 08:06:45 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2010/11/21 08:06:45 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2010/11/21 08:06:45 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2010/11/21 08:06:45 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/09/07 18:33:22 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/09/07 18:33:22 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/09/07 18:33:22 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/09/07 18:33:22 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/09/07 18:33:22 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010/11/21 08:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/09/07 18:33:17 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/09/07 18:33:17 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84

< End of report >

Re: preventivna kontrola logu

Napsal: 26 led 2013 16:23
od jossi9432
OTL Extras logfile created on: 26.1.2013 15:48:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

7,95 Gb Total Physical Memory | 4,82 Gb Available Physical Memory | 60,62% Memory free
13,95 Gb Paging File | 10,23 Gb Available in Paging File | 73,39% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 912,89 Gb Total Space | 378,26 Gb Free Space | 41,44% Space Free | Partition Type: NTFS
Drive D: | 18,32 Gb Total Space | 1,96 Gb Free Space | 10,69% Space Free | Partition Type: NTFS

Computer Name: GREJTAK_HP | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D3FEA9-B776-4B9F-AF26-4839EEF49C0D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0FB3B7F2-196C-45B6-B0CA-8CDC4F64A2BC}" = lport=137 | protocol=17 | dir=in | app=system |
"{158A8824-1C03-45B6-8C9F-1C4FD66C4F6F}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{17A394C3-E8B3-4D92-B26B-3E420AAE54F1}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{193DFBC1-FB3B-4696-B423-DECDB3662F8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{251A73D5-2400-4266-87DA-CB809A6F651E}" = lport=1317 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{2670493D-959B-4239-AC49-187CF3DCFA19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D306369-006C-48EE-AA99-6C2532CE8126}" = lport=2869 | protocol=6 | dir=in | app=system |
"{302D6FFC-0FFA-440D-837B-E42212559C74}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{38A15956-D974-424B-828C-3C489A42AB8F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{521BD08D-C306-417D-9EA0-53E2B5160672}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{5E65EC99-7A08-4B25-A2B1-474DFC9BD580}" = lport=10243 | protocol=6 | dir=in | app=system |
"{686F365A-49E7-4F98-ADFE-6258B6907CDD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6941B564-8385-4339-B99F-2F2C142BC98E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73AACB4E-9ECE-4C0C-86E1-76298408CE2C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{822CD2D5-D05B-4EA3-9010-9549A7382509}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{83DD5750-6E4B-459D-A8A8-6519C1E965C9}" = rport=138 | protocol=17 | dir=out | app=system |
"{8FC54641-EEE8-4B74-AF00-D23CDFF2CF4A}" = rport=137 | protocol=17 | dir=out | app=system |
"{9B15EFAC-6294-406C-B3CD-77C9C8307205}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{9FD74E17-4E34-4A7E-AEFF-D6EC44592C36}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A95DA989-FAA3-4475-9E99-DC31E56850D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA50F0D6-E7D0-450C-B9B0-F0D1A96C8773}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{BA0FDD5A-5A8F-4B05-AE5B-81DCB7514B41}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C10665DC-A57A-4665-879A-8430148E2C8A}" = lport=445 | protocol=6 | dir=in | app=system |
"{CF45D037-F037-4EBF-A123-8E7DE81E7217}" = rport=445 | protocol=6 | dir=out | app=system |
"{D3F764D3-45AF-43D4-8060-C150604AA659}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{D3FEE9D9-E34E-4A42-B8E7-C6833F80B29C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC11F9D8-90B7-4042-8DA2-0DA37D6F8752}" = lport=138 | protocol=17 | dir=in | app=system |
"{DD6968F5-381C-4BE1-8C87-DD29B87C1DF9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF9B2850-8E3D-4D27-9562-D1469A90DC28}" = lport=139 | protocol=6 | dir=in | app=system |
"{EF40ADF0-7FA8-4402-B8D6-4997CBC770CD}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F73D0CCD-1DD8-4442-8A3F-491A06E22C9B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FBF9F422-960A-44E1-A1B2-502F8B453C2F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FD5265DC-CD49-44C9-9C9C-20A2C1A15425}" = lport=1303 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CBE655-B0DF-408B-9C65-4F43EB6437EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{03137DD5-168C-4186-A3AD-1FFE1840837D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08F45E39-8944-4845-B940-39E16C815143}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B0DFF03-1AA5-42D3-942A-DBE661B2D5F5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{0DD762A2-4C42-48E2-9551-828C63CA5265}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{135AECE3-4DC3-45A1-80B7-48AE4D845792}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1797478F-8A55-4191-A739-132E3088DCA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1B7D217D-81C8-47FD-A680-955D530B5548}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{1F0FD723-08CD-4912-9A26-96FE9CA49BE3}" = protocol=6 | dir=in | app=c:\program files\7-zip\7zfm.exe |
"{200E6FE8-7736-41C5-8672-BC42BE032757}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{20382DA6-8F46-410F-8291-DCC616F892CF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{3687ADCA-0FD4-46D8-8462-EB9A927B7442}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\blur(tm)\blur.exe |
"{3B78BBC6-4DB7-49FD-BBEE-236D83A05845}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\blur(tm)\blur.exe |
"{3BF29F33-80E1-4279-A097-74DD9D6D6571}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4089C84B-5A13-403A-8FD2-5A58B56EA788}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"{42C0B87B-4621-4BB4-8B9A-9F87E1F04F22}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{45A15C5C-D2BE-4CB3-809C-E63E317AF5EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4674DCDE-D65E-4461-BB2E-AE9AC8051CA6}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{47889B65-93FF-4DAC-BD28-5FCA6F397F23}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{484CC3E1-371F-44EC-95C2-430FFDFFFDC3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{494FE56A-9DEC-4EE5-A025-F18AD79F2ED7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49F81302-D7CD-4360-B2C3-3387250095DF}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{4E132064-3C8C-4B1A-A3B7-06E85B8F8F5D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4EF4A9CC-947B-4242-BB5A-FBFDEFA2C61D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{5576BB4A-A9ED-4ACE-8C4F-FAAD0669F472}" = protocol=58 | dir=in | app=system |
"{5B25E9A2-AC03-4ED5-858C-16657DB0E7D3}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{5E87D6F3-4089-4A19-AEEB-B6F60670DABE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5F1476B3-C428-4F5E-AB6B-B469DC14AC08}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{60963B52-5E7D-4953-8EC2-06B81D235CFB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{662629B5-A11B-4476-9723-86FB4F543F9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6FD530F2-635E-41DE-A969-49FB90D6DD13}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{70B93BE6-D514-4DD2-86FA-7E888E4B41A9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{71184A8E-DFC4-4A01-9863-9DFDE34AFDFB}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{73CB7947-D5F8-4257-A06F-6F7021314A31}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77BFCEE7-482F-47F8-81CE-CE0481EB4EB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B084AB8-CBBC-48B1-B73C-80CC9C2926A1}" = dir=out | app=c:\windows\system32\svchost.exe |
"{7E099372-264B-4610-B071-7238AA04784A}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2011\f1_2011.exe |
"{7EB6C8CC-EB9C-4D0C-B254-FA202F93CBD1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{80D51258-440D-4AA9-B3F9-DA7CBD6F2523}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8F1E8EF4-56A2-465E-912B-C338C0DC353B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{93B64DEC-7310-41B5-9633-103391CCA588}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{9620C9A6-0AAB-4A18-B536-9BB7AC25004E}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2011\f1_2011.exe |
"{96D5FD65-2F6A-480E-B762-0E60389077CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{981A050B-BB08-4388-8799-619B1E05DB4B}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{98F20B4B-FF09-4A34-8930-6591CB1BC2AF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{99AB8D58-AD79-4D15-B0F1-D6F8EF054849}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{9D711AE0-810C-4ECD-8709-50A9CFB2C86D}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed most wanted\nfs13.exe |
"{9EBEA91F-E4AA-4ED3-A41A-C90836F1FF53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9F7D6545-9F43-4585-8629-52E2625138F0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A1CA518D-2370-4D0B-A45E-0ED6C83F6523}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{A6F204A6-0132-4700-9817-4FB7A3C9B70B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A826A6A3-7F15-4129-80C8-A895041FD611}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{AC519664-7B7E-41A5-A4B3-80E6DAB7AEE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AEF6EC6F-492A-4456-887E-851589B0D6E3}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{AFEAED60-FE31-49FB-BD77-19CEF8FA6598}" = protocol=17 | dir=in | app=c:\program files\7-zip\7zfm.exe |
"{B3754BC9-B33F-43D7-AA26-1A882A849403}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B43A5A08-9FA0-4E24-97E5-F99999E4AAA7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B9EBDEF9-433B-4604-89DE-0F13B85ABD4B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe |
"{BB316B08-7F98-4DB6-93E6-523C1D523E45}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{C4EDF2FE-9810-4B31-A4DA-DE2BC082A269}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C6FB01A4-87D6-49DB-89FF-AD4454688817}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C83908C2-83C4-4CCF-95C5-8EF55079B21C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C9B84B6B-9218-4CDB-BF12-9D5D719739C6}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\dirt2\dirt2_game.exe |
"{D0AB2832-80E8-4FAF-A8C5-3ED50265B4AD}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{D4CF65B0-1061-4BF5-AFA7-BCCD82AD4172}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed most wanted\nfs13.exe |
"{D617DA82-80E9-43E0-9FF3-CFDC61B34D7D}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{D71300D3-2A9E-4BE9-936E-2F1C303253AC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe |
"{D717C4F1-50ED-4412-B85A-69B237631AED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D878F929-CD99-4D89-85C0-B539D3B5C6EC}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DE69FDDE-810D-437C-8B39-E594B8EEFF3D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{DF63FAEC-988E-4CBB-9B5E-751EAD8573EB}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{E1ECD991-0EBF-4B08-AE6C-A1CFB2414A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E2DF2292-3FD1-487F-A6A2-0AF41877F2E7}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt2\dirt2_game.exe |
"{E3CC74B8-A0E5-421F-BEF4-851B74169609}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{EA1C5AFE-4629-4392-8115-089F7D4C86A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED466891-4161-4310-BFCF-626FB0F8CBB6}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{F21955E4-A843-4AA0-84BC-FFFA8063329C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe |
"{F4C440D2-6D1A-452A-830E-4ABBA3147DBB}" = protocol=6 | dir=out | app=system |
"{FAE1EA5E-DCAF-4C8F-968D-0D8F35BDD6C2}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\dirt 3\dirt3_game.exe |
"TCP Query User{0309C865-E8FE-4011-BEDE-04B0898D5DDB}C:\users\user\documents\games for install\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\users\user\documents\games for install\counter-strike\hl.exe |
"UDP Query User{5CA4CAD6-0724-49BD-A771-B16A78467795}C:\users\user\documents\games for install\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\users\user\documents\games for install\counter-strike\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{13C15C17-5C47-6402-4101-5A70495E9E0C}" = AMD Accelerated Video Transcoding
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{399CCDB8-BD46-4ED6-872C-F19191938158}" = HP 3D DriveGuard
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{4410F113-1329-7229-650C-91973877D2F4}" = AMD Catalyst Install Manager
"{45CB0703-D49C-31B2-0DBD-FDD98D7DEF7A}" = AMD Drag and Drop Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7AF072BF-E1BD-69EC-52ED-AFA1239E8BBC}" = AMD Media Foundation Decoders
"{7C54D017-21BB-43AE-9746-33E78AF4A425}" = Validity WBF DDK
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-041B-1000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-1000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-1000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{70A6C738-452C-4999-9780-B2C23339711D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-1000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{8F7BCAD4-B6E7-485B-AA1A-F1D702A6A0CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-041B-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Slovak) 2010
"{90140000-0043-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{D5B1D4C9-AF5A-4653-AB6D-D8AFFBE363AC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{4A62DCE9-94CF-491F-B8EF-B5E3396F2421}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{81C439F3-C0CB-4E02-B316-EFF566C1701B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0100-041B-1000-0000000FF1CE}" = Microsoft Office O MUI (Slovak) 2010
"{90140000-0100-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{3FAB6FB3-2A8E-499D-AF54-C8C3F9F99C69}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-041B-1000-0000000FF1CE}" = Microsoft Office X MUI (Slovak) 2010
"{90140000-0101-041B-1000-0000000FF1CE}_Office14.OMUI.sk-sk_{0334D588-052B-49AB-8361-093A8D4167C2}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Connectify" = Connectify Hotspot
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.OMUI.sk-sk" = Microsoft Office Language Pack 2010 - Slovak/Slovenčina
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics TouchPad Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 11
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}" = HP Documentation
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{450F1178-3D4F-3693-39B9-9449382B269E}" = Catalyst Control Center InstallProxy
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5E63C0AB-19B0-47D4-842E-6B324EB0614B}" = HP Connection Manager
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FAF41F-C0BA-4B71-B3B9-639D30FFED88}" = HP Software Framework
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8B7IL77L-87234A-Darkness-18CD6E6334R1}_is1" = The Darkness II version 1.0
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed (R) III
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B531E735-8ED5-4270-ACCE-3809086FBD02}_is1" = Batman Arkham City version 1.0
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{B810D852-DFD6-ACIII-89A5-CC4D47756DAF}_is1" = Assassins Creed III version 5.1
"{B810D852-DFD6-HIT3A-89A5-CC4D47756DAF}_is1" = Hitman Absolution version 5.1
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"Hitman Absolution_is1" = Hitman Absolution
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.70.0.1100
"MOTORM4X" = MOTORM4X
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"The KMPlayer" = The KMPlayer (remove only)
"Uplay" = Uplay
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"WT089504" = Final Drive Nitro

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4204391165-3645872910-4001035389-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"Counter-Strike 1.6_is1" = Counter-Strike 1.6 v42
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25. 11. 2012 19:23:42 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 19:28:29 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 19:47:24 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 19:59:11 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 21:53:30 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 22:02:51 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 22:14:49 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 22:41:29 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 22:47:38 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 23:10:00 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

Error - 25. 11. 2012 23:22:33 | Computer Name = Grejtak_HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 1. 12. 2012 13:13:00 | Computer Name = Grejtak_HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2147024864 at System.IO.__Error.WinIOError(Int32 errorCode,
String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode,
FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize,
FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)

at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access,
FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean
bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess
access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String filename,
Encoding encoding) at System.Xml.XmlDocument.Save(String filename) at HP.SupportFramework.Service.ACLM.AssetAgent.AAProcessExited()
Message:
The process cannot access the file 'C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\Logs\SystemInfo2.xml' because it is being used by another process. StackTrace:
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String
path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare
share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options,
String msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path,
FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at HP.SupportFramework.Service.ACLM.AssetAgent.AAProcessExited() Source: mscorlib

Name:
hpsa_service.exe Version: 07.00.00.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\hpsa_service.exe Format: sk-SK RAM: 8139 Ram Utilization: 20 TargetSite:
Void WinIOError(Int32, System.String)

Error - 8. 1. 2013 9:17:30 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 20 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:17:30 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 20 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:17:58 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 20 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:17:58 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 20 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:18:45 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 30 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:18:45 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 30 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:19:19 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 30 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:19:19 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 30 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

Error - 8. 1. 2013 9:19:19 | Computer Name = Grejtak_HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.GetMatchingActiveCheckCategoryItem(String
originalCategory) at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: sk-SK
RAM:
8139 Ram Utilization: 30 TargetSite: HP.SupportFramework.Utilities.HPSAIssues.ActionCategoryItem
GetMatchingActiveCheckCategoryItem(System.String)

[ HP Connection Manager Events ]
Error - 8. 11. 2012 15:27:16 | Computer Name = Grejtak_HP | Source = hpMobile | ID = 5
Description = 2012. 11. 08 20:27:16.835|000004FC|Error |[HP.Mobile]Wlan::.ctor{}|Retrieving
the COM class factory for component with CLSID {000098D5-6857-477B-B1D2-8B04CD9EB234}
failed due to the following error: 80080005.

Error - 8. 11. 2012 15:27:17 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/08 20:27:17.007|00000FAC|Error |CWWANInterface::Start|GetWmiState
failed with 0x80004005

Error - 8. 11. 2012 15:27:17 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/08 20:27:17.007|00000FAC|Error |ChpCMSrvModule::Run|Failed
PreMessageLoop hr:0x80004005

Error - 8. 11. 2012 15:27:46 | Computer Name = Grejtak_HP | Source = hpMobile | ID = 5
Description = 2012. 11. 08 20:27:46.943|000004FC|Error |[HP.Mobile]Bluetooth::.ctor{}|Retrieving
the COM class factory for component with CLSID {2A8DDB1F-EE72-4FB7-A2F8-7B1530D94850}
failed due to the following error: 80080005.

Error - 8. 11. 2012 20:14:51 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/09 01:14:51.125|00000C60|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 8. 11. 2012 20:42:08 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/09 01:42:08.844|000014AC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 8. 11. 2012 21:18:38 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/09 02:18:38.690|00001784|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 8. 11. 2012 21:34:24 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/09 02:34:24.057|00000E6C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 8. 11. 2012 21:34:24 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/09 02:34:24.637|00000E6C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - 8. 11. 2012 21:44:44 | Computer Name = Grejtak_HP | Source = hpCMSrv | ID = 5
Description = 2012/11/09 02:44:44.437|0000075C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ Media Center Events ]
Error - 12. 1. 2013 9:05:19 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 14:05:14 - Chyba pripájania na Internet. 14:05:14 - Nebolo možné
spojiť sa so serverom..

Error - 12. 1. 2013 10:05:28 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 15:05:28 - Nepodarilo sa načítať položku Directory (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 11:06:04 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 16:06:04 - Nepodarilo sa načítať položku MCEClientUX (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 11:06:04 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 16:06:04 - Nepodarilo sa načítať položku Broadband (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 11:06:08 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 16:06:04 - Nepodarilo sa načítať položku EpgListings (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 12:06:17 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 17:06:17 - Nepodarilo sa načítať položku Directory (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 13:07:21 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 18:07:21 - Nepodarilo sa načítať položku Broadband (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 13:07:23 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 18:07:21 - Nepodarilo sa načítať položku EpgListings (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 12. 1. 2013 14:07:27 | Computer Name = Grejtak_HP | Source = MCUpdate | ID = 0
Description = 19:07:27 - Nepodarilo sa načítať položku Directory (chyba: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')

Error - 17. 1. 2013 14:08:57 | Computer Name = Grejtak_HP | Source = ehRecvr | ID = 3
Description = TV tuner encountered an error. (0x80070001) HP USB DVB-T TV Tuner

[ System Events ]
Error - 24. 11. 2012 2:05:58 | Computer Name = Grejtak_HP | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 24. 11. 2012 2:07:14 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby PC Speed Up Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 24. 11. 2012 2:07:17 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Easybits Services for Windows zlyhalo kvôli nasledujúcej
chybe: %%3

Error - 24. 11. 2012 2:07:35 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby WinRing0_1_2_0 zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 24. 11. 2012 2:08:27 | Computer Name = Grejtak_HP | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 24. 11. 2012 2:12:10 | Computer Name = Grejtak_HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.141.288.0).

Error - 24. 11. 2012 2:19:49 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby PC Speed Up Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 24. 11. 2012 2:19:52 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Easybits Services for Windows zlyhalo kvôli nasledujúcej
chybe: %%3

Error - 24. 11. 2012 2:20:31 | Computer Name = Grejtak_HP | Source = Service Control Manager | ID = 7000
Description = Spustenie služby WinRing0_1_2_0 zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 24. 11. 2012 8:18:11 | Computer Name = Grejtak_HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.141.288.0).


< End of report >

Re: preventivna kontrola logu

Napsal: 26 led 2013 23:20
od vyosek
Dovolim si otazku, ma cenu lecit PC, ktere si uzivatel s prominutim zaliska hend vlastni blbosti zpatky diky crackum\keygenum a podobnym "dobrotami" :?: :twisted:

Re: preventivna kontrola logu

Napsal: 26 led 2013 23:35
od jossi9432
Ale od kedy ste zacali liecit moj PC,tak odvtedy som okrem noveho anti-viroveho programu nic ine neinstaloval. Teda uz si ani nespominam,kedy som nieco instaloval,jasne okrem anti-viru. Ja by som Vas inac neotravoval,ale pamät RAM mi v poslednom case len tak vybehne na 50% z vyuzitelnosti a pritom mam 8GB a rovnaky pocet otvorenych aplikacii ako ma kamarat. A kedze mi ne tomto fore uz vyliecili PC,tak preto som to dal do zlozky "Preventivky".
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz