VIRY.CZ

Zdravím, prosím o zkontrolování logu. Nejde mi nainstalovat program a pise to error 1303, o neoprávnenem pristupu.
Děkuji za podívání

Logfile of random's system information tool 1.09 (written by random/random)
Run by Filip at 2013-04-22 13:23:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 238 GB (52%) free of 454 GB
Total RAM: 3980 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:24:10, on 22.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Users\Filip\Desktop\Install_Prezi_Desktop_4.3.1.exe
C:\windows\SysWOW64\MSIEXEC.EXE
C:\Windows\syswow64\MsiExec.exe
C:\Program Files\trend micro\Filip.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14927 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 3740880
\??\C:\windows\system32\conhost.exe "822033341-861816871-14510410121614525647462053902-13577917017686606341575430855
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3115467a-3e64-4d2f-a50f-66656fa4e65c -SystemEventPortName:HostProcess-92759b5b-d338-42d3-a699-48497bbc455c -IoCancelEventPortName:HostProcess-a1cfa4d1-7d53-4b45-9ccf-0794e0390530 -NonStateChangingEventPortName:HostProcess-c0c1763f-3356-413a-9b6a-3704ec309414 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5f71817d-0590-4dc1-91d4-5f3e0d74d947 -DeviceGroupId:
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6d6cc49a-6a2a-415d-841b-6cd650df1dd5 -SystemEventPortName:HostProcess-04c55c2b-d6df-49c3-a6e2-3b3093cf865a -IoCancelEventPortName:HostProcess-f79399a4-5123-401e-95ad-6accd0711a08 -NonStateChangingEventPortName:HostProcess-7978fac0-be44-417c-b3b2-38ed987a4a08 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6bcb899b-c0c1-45ac-b8f4-6a07dc976b1d -DeviceGroupId:WpdFsGroup
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe -k swprv
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5864.15c7bd00.944170297 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 5864 "\\.\pipe\gecko-crash-server-pipe.5864" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash2132.63731D90.26946 --host-broker-channel=Flash2132.63731D90.1181 --host-pid=2132 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=5076.0036F66C.248470586 --proxy-stub-channel=Flash2132.63731D90.26946 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Filip\Desktop\Install_Prezi_Desktop_4.3.1.exe"
MSIEXEC.EXE /i "C:\Users\Filip\AppData\Local\Temp\{FBCB211C-4D22-4F55-AA59-058FF8E9EBA7}\Prezi Desktop.msi" TRANSFORMS="C:\Users\Filip\AppData\Local\Temp\{FBCB211C-4D22-4F55-AA59-058FF8E9EBA7}\1033.MST" SETUPEXEDIR="C:\Users\Filip\Desktop" SETUPEXENAME="Install_Prezi_Desktop_4.3.1.exe"
C:\windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding A7FCD0A034DED05917C01D4938F3F481 C
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Filip\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AutoKMS.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForFilip.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2uk9gjmx.default

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2uk9gjmx.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2uk9gjmx.default\searchplugins\
university-of-ostrava-catalogue.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-14 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-14 1307928]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-09 2887440]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-01-19 1016992]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2012-01-19 800416]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2012-04-02 170264]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2012-04-02 398616]
"Persistence"=C:\windows\system32\igfxpers.exe [2012-04-02 439064]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-14 15232]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-03-07 684024]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
""= []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-16 184704]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]

C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2012-03-27 434688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-22 13:23:58 ----D---- C:\Program Files\trend micro
2013-04-22 13:23:57 ----D---- C:\rsit
2013-04-22 13:20:32 ----SHD---- C:\Config.Msi
2013-04-22 12:22:33 ----D---- C:\Users\Filip\AppData\Roaming\SUPERAntiSpyware.com
2013-04-22 12:22:25 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-04-22 12:22:25 ----D---- C:\Program Files\SUPERAntiSpyware
2013-04-22 12:04:29 ----D---- C:\Program Files\CCleaner
2013-04-22 11:46:05 ----D---- C:\Program Files (x86)\Prezi Desktop 4
2013-04-19 16:08:45 ----D---- C:\Program Files (x86)\DX-Ball
2013-04-11 22:22:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-11 15:43:09 ----D---- C:\Users\Filip\AppData\Roaming\Pamela
2013-04-11 01:09:45 ----A---- C:\windows\system32\mshtmled.dll
2013-04-11 01:09:44 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-04-11 01:09:44 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-04-11 01:09:42 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-04-11 01:09:41 ----A---- C:\windows\SYSWOW64\url.dll
2013-04-11 01:09:41 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-04-11 01:09:41 ----A---- C:\windows\system32\url.dll
2013-04-11 01:09:41 ----A---- C:\windows\system32\ieUnatt.exe
2013-04-11 01:09:41 ----A---- C:\windows\system32\ieui.dll
2013-04-11 01:09:40 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-04-11 01:09:39 ----A---- C:\windows\system32\urlmon.dll
2013-04-11 01:09:38 ----A---- C:\windows\system32\msfeeds.dll
2013-04-11 01:09:38 ----A---- C:\windows\system32\jscript9.dll
2013-04-11 01:09:37 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-04-11 01:09:36 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-04-11 01:09:36 ----A---- C:\windows\system32\wininet.dll
2013-04-11 01:09:36 ----A---- C:\windows\system32\jsproxy.dll
2013-04-11 01:09:35 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-04-11 01:09:35 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-04-11 01:09:34 ----A---- C:\windows\system32\vbscript.dll
2013-04-11 01:09:34 ----A---- C:\windows\system32\jscript.dll
2013-04-11 01:09:33 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-04-11 01:09:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-04-11 01:09:33 ----A---- C:\windows\system32\iertutil.dll
2013-04-11 01:09:29 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-04-11 01:09:28 ----A---- C:\windows\system32\mshtml.dll
2013-04-11 01:09:26 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-04-11 01:09:26 ----A---- C:\windows\system32\ieframe.dll
2013-04-10 23:05:36 ----A---- C:\windows\system32\mstscax.dll
2013-04-10 23:05:35 ----A---- C:\windows\SYSWOW64\mstscax.dll
2013-04-10 23:05:34 ----A---- C:\windows\SYSWOW64\aaclient.dll
2013-04-10 23:05:34 ----A---- C:\windows\system32\aaclient.dll
2013-04-10 23:05:33 ----A---- C:\windows\system32\tsgqec.dll
2013-04-10 23:05:32 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2013-04-10 23:05:25 ----A---- C:\windows\system32\win32k.sys
2013-04-10 23:05:24 ----A---- C:\windows\system32\drivers\ntfs.sys
2013-04-10 23:05:22 ----A---- C:\windows\system32\drivers\fvevol.sys
2013-04-10 23:05:20 ----A---- C:\windows\system32\ntoskrnl.exe
2013-04-10 23:05:18 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2013-04-10 23:05:18 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2013-04-10 23:05:17 ----A---- C:\windows\system32\smss.exe
2013-04-10 23:05:16 ----A---- C:\windows\system32\csrsrv.dll
2013-04-10 23:05:15 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2013-03-29 22:34:46 ----D---- C:\Program Files (x86)\Toolbar Cleaner
2013-03-26 09:34:05 ----A---- C:\windows\system32\drivers\usb8023.sys

======List of files/folders modified in the last 1 month======

2013-04-22 13:23:58 ----RD---- C:\Program Files
2013-04-22 13:23:55 ----D---- C:\windows\Prefetch
2013-04-22 13:23:50 ----D---- C:\windows\Temp
2013-04-22 13:20:32 ----SHD---- C:\windows\Installer
2013-04-22 13:19:46 ----SHD---- C:\System Volume Information
2013-04-22 13:18:01 ----D---- C:\windows\system32\config
2013-04-22 13:00:56 ----D---- C:\windows\System32
2013-04-22 13:00:56 ----D---- C:\windows\inf
2013-04-22 13:00:56 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-04-22 12:59:42 ----A---- C:\windows\SYSWOW64\log.txt
2013-04-22 12:58:32 ----D---- C:\windows\Tasks
2013-04-22 12:57:37 ----D---- C:\ProgramData\PDFC
2013-04-22 12:57:34 ----D---- C:\windows\system32\Tasks
2013-04-22 12:56:55 ----D---- C:\Windows
2013-04-22 12:55:54 ----D---- C:\windows\system32\wbem
2013-04-22 12:55:22 ----D---- C:\windows\SysWOW64
2013-04-22 12:55:22 ----D---- C:\windows\system32\DriverStore
2013-04-22 12:55:22 ----D---- C:\windows\system32\CodeIntegrity
2013-04-22 12:55:22 ----D---- C:\windows\system32\catroot2
2013-04-22 12:55:21 ----D---- C:\windows\Minidump
2013-04-22 12:55:20 ----D---- C:\windows\AutoKMS
2013-04-22 12:55:20 ----D---- C:\Users\Filip\AppData\Roaming\uTorrent
2013-04-22 12:54:58 ----D---- C:\ProgramData\Atheros
2013-04-22 12:54:50 ----D---- C:\windows\registration
2013-04-22 12:54:09 ----HD---- C:\ProgramData
2013-04-22 12:17:36 ----D---- C:\Users\Filip\AppData\Roaming\DAEMON Tools Pro
2013-04-22 12:17:36 ----D---- C:\Users\Filip\AppData\Roaming\DAEMON Tools Lite
2013-04-22 12:17:17 ----D---- C:\windows\Panther
2013-04-22 12:17:16 ----D---- C:\windows\debug
2013-04-19 16:08:45 ----RD---- C:\Program Files (x86)
2013-04-19 15:56:31 ----D---- C:\Users\Filip\AppData\Roaming\Skype
2013-04-13 15:27:49 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-04-11 14:20:20 ----D---- C:\ProgramData\Skype
2013-04-11 14:20:14 ----RD---- C:\Program Files (x86)\Skype
2013-04-11 14:20:14 ----D---- C:\Program Files (x86)\Common Files
2013-04-11 08:47:33 ----D---- C:\windows\winsxs
2013-04-11 08:45:00 ----D---- C:\windows\system32\drivers
2013-04-11 08:45:00 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-11 08:44:57 ----D---- C:\windows\SYSWOW64\migration
2013-04-11 08:44:56 ----D---- C:\windows\system32\migration
2013-04-11 08:44:55 ----D---- C:\Program Files\Internet Explorer
2013-04-11 01:11:44 ----A---- C:\windows\system32\MRT.exe
2013-04-11 01:11:01 ----D---- C:\ProgramData\Microsoft Help
2013-04-11 01:10:02 ----D---- C:\windows\system32\catroot
2013-04-10 20:04:52 ----D---- C:\windows\Logs
2013-04-08 14:16:07 ----D---- C:\windows\system32\NDF
2013-04-02 12:34:28 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-03-16 30488]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2012-03-22 93640]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2012-03-22 158792]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-05 283200]
R1 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-03-16 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-03-21 2808832]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2012-01-19 30368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2012-03-27 14748416]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-28 84864]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2012-03-26 2891512]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-03-09 425232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2012-01-19 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2012-01-19 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2012-01-19 110752]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2012-01-19 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2012-01-19 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2012-01-19 280992]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2012-01-19 550560]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-04-17 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2012-02-28 173656]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-01-19 106144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-03-16 33560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-03-22 1327104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-28 12784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-03-07 1134584]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-14 240408]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-16 1420160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-14 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-28 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-28 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-10-13 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

Zdravim

O jaky program jde?

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

program ktery mi nejde nainstalovat se jmenuje "prezi deskopt"

a tady posilam ty vypisy

OTL logfile created on: 23.4.2013 1:31:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Filip\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,89 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 41,66% Memory free
7,77 Gb Paging File | 4,94 Gb Available in Paging File | 63,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,16 Gb Total Space | 237,15 Gb Free Space | 53,51% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,95 Gb Free Space | 98,22% Space Free | Partition Type: FAT32
Drive G: | 20,31 Gb Total Space | 3,10 Gb Free Space | 15,25% Space Free | Partition Type: NTFS

Computer Name: FILIP-HP | User Name: Filip | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.04.23 01:30:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Filip\Desktop\OTL.exe
PRC - [2013.04.11 22:22:54 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.13 12:27:27 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.07 01:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012.03.28 19:38:26 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.03.28 19:38:24 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.03.28 19:38:16 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.03.28 19:38:08 | 000,165,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.03.27 11:14:26 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.03.22 03:13:48 | 000,372,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2012.03.22 03:13:44 | 012,310,616 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2012.03.22 00:36:32 | 001,327,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
PRC - [2012.03.16 00:16:58 | 001,420,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2012.03.15 19:47:54 | 001,045,328 | R--- | M] (DigitalPersona, Inc.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
PRC - [2012.03.14 23:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
PRC - [2012.03.09 20:22:46 | 000,070,960 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2012.03.07 06:10:04 | 001,134,584 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2012.03.01 04:06:42 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.03.01 04:06:36 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.02.14 06:19:20 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
PRC - [2012.02.03 06:42:00 | 000,498,352 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
PRC - [2012.01.19 22:40:32 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

========== Modules (No Company Name) ==========

MOD - [2013.04.11 22:22:25 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.13 12:27:25 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.02.14 09:22:48 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 09:22:36 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.11 22:16:49 | 000,489,472 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c78244854f84b69701fcee19b543645\IAStorUtil.ni.dll
MOD - [2013.01.11 22:16:49 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1c402ca365b68a2616ea3a5194d38310\IAStorCommon.ni.dll
MOD - [2013.01.10 10:41:14 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 10:40:28 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 10:40:11 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 10:40:04 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 10:40:00 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 10:39:58 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 10:39:49 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.04.17 06:17:19 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012.01.31 23:19:18 | 000,366,464 | ---- | M] () -- C:\Windows\SysWOW64\flcdlmsg.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.03.07 01:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.03.22 00:36:32 | 001,327,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe -- (McAfee Endpoint Encryption Agent)
SRV:64bit: - [2012.03.20 16:45:18 | 002,694,224 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2012.03.16 03:25:00 | 000,033,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.03.15 19:47:56 | 000,493,904 | R--- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2012.03.14 23:23:06 | 000,152,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2012.03.07 11:00:46 | 000,629,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2012.03.05 17:04:18 | 000,314,880 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.04.28 02:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011.04.28 02:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.13 12:27:27 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.07 16:29:15 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.09.27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.04.02 10:30:08 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.03.28 19:38:26 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.03.28 19:38:24 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.03.28 19:38:16 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.03.28 19:38:08 | 000,165,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.03.22 03:13:48 | 000,372,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2012.03.20 16:28:20 | 002,325,584 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2012.03.16 00:16:58 | 001,420,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2012.03.14 23:50:56 | 000,365,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2012.03.09 20:22:42 | 000,117,552 | ---- | M] (Portrait Displays, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2012.03.07 06:10:04 | 001,134,584 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2012.03.01 04:06:36 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.02.14 06:19:20 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.14 06:19:20 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.02.03 06:42:00 | 000,498,352 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe -- (uArcCapture)
SRV - [2012.01.31 23:19:14 | 000,477,056 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- c:\Windows\SysWOW64\flcdlock.exe -- (FLCDLOCK)
SRV - [2012.01.19 22:40:32 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012.01.19 22:22:08 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 20:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.03.07 01:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 01:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 01:33:21 | 000,178,624 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 01:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 01:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 01:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 01:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.03.05 18:16:42 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.27 11:13:20 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.03.27 11:13:20 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.03.27 11:13:18 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.27 07:09:56 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.26 17:14:04 | 002,891,512 | ---- | M] (Sunplus Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys -- (SPUVCbv)
DRV:64bit: - [2012.03.22 01:08:46 | 000,093,640 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpeOpal.sys -- (MfeEpeOpal)
DRV:64bit: - [2012.03.22 01:08:20 | 000,158,792 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\MfeEpePc.sys -- (MfeEpePc)
DRV:64bit: - [2012.03.21 15:43:02 | 002,808,832 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.03.16 03:25:00 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.03.16 03:24:00 | 000,030,488 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.03.09 05:55:26 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.03.05 17:04:18 | 000,536,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.28 01:28:10 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2012.02.03 06:42:00 | 000,042,816 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV:64bit: - [2012.02.02 03:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.31 20:59:30 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DAMDrv64.sys -- (DAMDrv)
DRV:64bit: - [2012.01.19 22:31:32 | 000,550,560 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012.01.19 22:30:50 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012.01.19 22:30:32 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012.01.19 22:30:02 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012.01.19 22:29:44 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012.01.19 22:29:32 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012.01.19 22:29:14 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012.01.19 22:29:02 | 000,339,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.12.06 16:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.24 09:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.11.09 22:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.25 18:44:58 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.25 18:44:58 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.07.18 17:11:44 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2011.04.28 00:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
IE - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.23 01:13:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:22:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 22:22:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.10.12 19:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filip\AppData\Roaming\Mozilla\Extensions
[2013.03.29 22:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2uk9gjmx.default\extensions
[2013.03.29 22:36:38 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2uk9gjmx.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.12.13 19:52:36 | 000,005,770 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\2uk9gjmx.default\searchplugins\university-of-ostrava-catalogue.xml
[2013.04.11 22:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.04.11 22:22:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 20:59:09 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.07 20:59:09 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.03.07 20:59:09 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.07 20:59:09 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.03.07 20:59:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Disk Google = C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.19.11_0\
CHR - Extension: avast! WebRep = C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Gmail = C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe (Hewlett-Packard Company, L.P.)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DTRun] c:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1254816485-3975074625-1544191660-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.30.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94E91876-6AA9-4B3C-8D91-2BEF24AFAF22}: DhcpNameServer = 192.168.30.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\SysWow64\DeviceNP.dll (Hewlett-Packard Company)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f2d39fd6-8441-11e2-aecc-b4b52f7734e3}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d39fd6-8441-11e2-aecc-b4b52f7734e3}\Shell\AutoRun\command - "" = D:\start.exe ar
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.04.23 01:30:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Filip\Desktop\OTL.exe
[2013.04.23 01:26:40 | 000,000,000 | ---D | C] -- C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DX-Ball Game
[2013.04.22 13:23:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.22 13:23:57 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.22 12:22:33 | 000,000,000 | ---D | C] -- C:\Users\Filip\AppData\Roaming\SUPERAntiSpyware.com
[2013.04.22 12:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013.04.22 12:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013.04.22 12:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013.04.22 12:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.04.22 12:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.22 11:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Prezi Desktop 4
[2013.04.19 16:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DX-Ball Game
[2013.04.19 16:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DX-Ball
[2013.04.12 20:58:35 | 000,000,000 | ---D | C] -- C:\Users\Filip\Desktop\Subs
[2013.04.11 22:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.11 15:43:33 | 000,000,000 | ---D | C] -- C:\Users\Filip\Documents\Pamela
[2013.04.11 15:43:09 | 000,000,000 | ---D | C] -- C:\Users\Filip\AppData\Roaming\Pamela
[2013.04.11 14:20:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.11 01:09:45 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013.04.11 01:09:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013.04.11 01:09:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013.04.11 01:09:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013.04.11 01:09:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013.04.11 01:09:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013.04.11 01:09:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013.04.11 01:09:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013.04.11 01:09:39 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013.04.11 01:09:39 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013.04.11 01:09:38 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.04.11 01:09:38 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.04.11 01:09:35 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.04.11 01:09:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.04.11 01:09:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013.04.10 23:05:36 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2013.04.10 23:05:35 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2013.04.10 23:05:34 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2013.04.10 23:05:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2013.04.10 23:05:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2013.04.10 23:05:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2013.04.10 23:05:20 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.04.10 23:05:18 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013.04.10 23:05:18 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013.04.10 23:05:17 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013.04.10 23:05:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013.04.10 23:05:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013.04.07 16:03:55 | 000,000,000 | ---D | C] -- C:\Users\Filip\Desktop\at-jedi-kolace-S01E01-dvd-rip-By-dellething
[2013.03.30 18:14:28 | 000,000,000 | ---D | C] -- C:\Users\Filip\Desktop\truman
[2013.03.29 22:34:46 | 000,000,000 | ---D | C] -- C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
[2013.03.29 22:34:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013.03.26 09:34:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys

========== Files - Modified Within 30 Days ==========

[2013.04.23 01:34:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.23 01:34:01 | 000,000,950 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.23 01:31:03 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.23 01:31:03 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.23 01:30:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Filip\Desktop\OTL.exe
[2013.04.23 01:29:27 | 000,668,544 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2013.04.23 01:29:27 | 000,654,248 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.04.23 01:29:27 | 000,141,108 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2013.04.23 01:29:27 | 000,122,080 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.04.23 01:29:26 | 001,583,082 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.04.23 01:27:02 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.04.23 01:26:03 | 000,000,266 | ---- | M] () -- C:\windows\tasks\AutoKMS.job
[2013.04.23 01:24:20 | 000,000,946 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.23 01:23:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.04.23 01:23:38 | 4173,053,952 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.19 16:07:59 | 000,840,345 | ---- | M] () -- C:\Users\Filip\Desktop\dxball.exe
[2013.04.18 20:05:14 | 000,509,182 | ---- | M] () -- C:\Users\Filip\Desktop\test5.jpg
[2013.04.18 20:05:05 | 000,482,304 | ---- | M] () -- C:\Users\Filip\Desktop\test1.jpg
[2013.04.18 20:01:22 | 000,358,213 | ---- | M] () -- C:\Users\Filip\Desktop\test3.jpg
[2013.04.18 20:00:30 | 000,476,186 | ---- | M] () -- C:\Users\Filip\Desktop\test.jpg
[2013.04.18 19:57:19 | 008,548,504 | ---- | M] () -- C:\Users\Filip\Desktop\novotny-politologie.pdf
[2013.04.18 19:45:21 | 000,423,094 | ---- | M] () -- C:\Users\Filip\Desktop\politologie-test.rar
[2013.04.12 20:19:51 | 1808,802,494 | ---- | M] () -- C:\Users\Filip\Desktop\neodcházej.avi
[2013.04.11 08:46:15 | 000,343,280 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.04.09 19:04:13 | 064,112,901 | ---- | M] () -- C:\Users\Filip\Desktop\Kis,-Současná-politická-filosofie---Komplet.pdf
[2013.04.07 16:03:45 | 000,012,921 | ---- | M] () -- C:\Users\Filip\Desktop\at-jedi-kolace-S01E01-dvd-rip-By-dellething.zip
[2013.04.02 00:50:46 | 1200,549,888 | ---- | M] () -- C:\Users\Filip\Desktop\Utek-do-divociny-DVDRip-CZ-(DD-5,1)-Petr3007.avi
[2013.04.01 22:31:39 | 001,131,595 | ---- | M] () -- C:\Users\Filip\Desktop\Zimni_skola_v_prirode_jako_soucast_skolniho_vzdelavaciho_programu_na_1._stupni_zakladni_skoly.pdf
[2013.04.01 22:31:34 | 001,431,492 | ---- | M] () -- C:\Users\Filip\Desktop\kniha her.pdf
[2013.03.30 18:57:47 | 000,000,332 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForFilip.job
[2013.03.29 22:34:46 | 000,001,090 | ---- | M] () -- C:\Users\Filip\Desktop\Toolbar Cleaner.lnk

========== Files Created - No Company Name ==========

[2013.04.22 13:44:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.19 16:07:58 | 000,840,345 | ---- | C] () -- C:\Users\Filip\Desktop\dxball.exe
[2013.04.18 20:05:13 | 000,509,182 | ---- | C] () -- C:\Users\Filip\Desktop\test5.jpg
[2013.04.18 20:05:04 | 000,482,304 | ---- | C] () -- C:\Users\Filip\Desktop\test1.jpg
[2013.04.18 20:01:22 | 000,358,213 | ---- | C] () -- C:\Users\Filip\Desktop\test3.jpg
[2013.04.18 20:00:30 | 000,476,186 | ---- | C] () -- C:\Users\Filip\Desktop\test.jpg
[2013.04.18 19:56:08 | 008,548,504 | ---- | C] () -- C:\Users\Filip\Desktop\novotny-politologie.pdf
[2013.04.18 19:45:16 | 000,423,094 | ---- | C] () -- C:\Users\Filip\Desktop\politologie-test.rar
[2013.04.12 16:45:11 | 1808,802,494 | ---- | C] () -- C:\Users\Filip\Desktop\neodcházej.avi
[2013.04.09 19:00:19 | 064,112,901 | ---- | C] () -- C:\Users\Filip\Desktop\Kis,-Současná-politická-filosofie---Komplet.pdf
[2013.04.07 16:03:43 | 000,012,921 | ---- | C] () -- C:\Users\Filip\Desktop\at-jedi-kolace-S01E01-dvd-rip-By-dellething.zip
[2013.04.01 22:31:39 | 001,131,595 | ---- | C] () -- C:\Users\Filip\Desktop\Zimni_skola_v_prirode_jako_soucast_skolniho_vzdelavaciho_programu_na_1._stupni_zakladni_skoly.pdf
[2013.04.01 22:31:32 | 001,431,492 | ---- | C] () -- C:\Users\Filip\Desktop\kniha her.pdf
[2013.04.01 22:30:43 | 1200,549,888 | ---- | C] () -- C:\Users\Filip\Desktop\Utek-do-divociny-DVDRip-CZ-(DD-5,1)-Petr3007.avi
[2013.03.29 22:34:46 | 000,001,090 | ---- | C] () -- C:\Users\Filip\Desktop\Toolbar Cleaner.lnk
[2013.03.07 23:15:04 | 000,167,227 | ---- | C] () -- C:\windows\Chytrá angličtina - DEMO Uninstaller.exe
[2013.01.02 01:40:42 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2013.01.02 01:23:35 | 000,000,094 | ---- | C] () -- C:\windows\SpeechPad.INI
[2013.01.02 00:26:33 | 093,733,376 | ---- | C] () -- C:\Program Files\realspeaksoloczc.msi
[2012.11.15 21:49:10 | 000,003,766 | -HS- | C] () -- C:\windows\SysWow64\KGyGaAvL.sys
[2012.11.15 21:49:10 | 000,000,088 | RHS- | C] () -- C:\windows\SysWow64\67C6F6A650.sys
[2012.11.15 21:48:00 | 000,000,184 | ---- | C] () -- C:\windows\{1A15507A-8551-4626-915D-3D5FA095CC1B}.ini
[2012.11.15 21:48:00 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\{1A15507A-8551-4626-915D-3D5FA095CC1B}.ini
[2012.08.28 19:19:20 | 000,094,776 | ---- | C] () -- C:\windows\un_dext.exe
[2012.08.28 19:19:20 | 000,087,928 | ---- | C] () -- C:\windows\SPRemove_x64.exe
[2012.08.28 19:19:20 | 000,014,479 | ---- | C] () -- C:\windows\TWAIN2080.ini
[2012.08.28 19:19:20 | 000,003,926 | ---- | C] () -- C:\windows\Dext_12.ini
[2012.08.28 19:19:20 | 000,003,892 | ---- | C] () -- C:\windows\Dext_27.ini
[2012.08.28 19:19:20 | 000,003,884 | ---- | C] () -- C:\windows\Dext_25.ini
[2012.08.28 19:19:20 | 000,003,882 | ---- | C] () -- C:\windows\Dext_21.ini
[2012.08.28 19:19:20 | 000,003,820 | ---- | C] () -- C:\windows\Dext_11.ini
[2012.08.28 19:19:20 | 000,003,802 | ---- | C] () -- C:\windows\Dext_14.ini
[2012.08.28 19:19:20 | 000,003,802 | ---- | C] () -- C:\windows\Dext_05.ini
[2012.08.28 19:19:20 | 000,003,704 | ---- | C] () -- C:\windows\Dext_10.ini
[2012.08.28 19:19:20 | 000,003,700 | ---- | C] () -- C:\windows\Dext_16.ini
[2012.08.28 19:19:20 | 000,003,682 | ---- | C] () -- C:\windows\Dext_08.ini
[2012.08.28 19:19:20 | 000,003,672 | ---- | C] () -- C:\windows\Dext_31.ini
[2012.08.28 19:19:20 | 000,003,648 | ---- | C] () -- C:\windows\Dext_36.ini
[2012.08.28 19:19:20 | 000,003,624 | ---- | C] () -- C:\windows\Dext_1046.ini
[2012.08.28 19:19:20 | 000,003,622 | ---- | C] () -- C:\windows\Dext_20.ini
[2012.08.28 19:19:20 | 000,003,588 | ---- | C] () -- C:\windows\Dext_06.ini
[2012.08.28 19:19:20 | 000,003,586 | ---- | C] () -- C:\windows\Dext_22.ini
[2012.08.28 19:19:20 | 000,003,550 | ---- | C] () -- C:\windows\Dext_19.ini
[2012.08.28 19:19:20 | 000,003,550 | ---- | C] () -- C:\windows\Dext_07.ini
[2012.08.28 19:19:20 | 000,003,522 | ---- | C] () -- C:\windows\Dext_02.ini
[2012.08.28 19:19:20 | 000,003,492 | ---- | C] () -- C:\windows\Dext_24.ini
[2012.08.28 19:19:20 | 000,003,450 | ---- | C] () -- C:\windows\Dext_29.ini
[2012.08.28 19:19:20 | 000,003,416 | ---- | C] () -- C:\windows\Dext_01.ini
[2012.08.28 19:19:20 | 000,003,342 | ---- | C] () -- C:\windows\Dext_30.ini
[2012.08.28 19:19:20 | 000,003,220 | ---- | C] () -- C:\windows\Dext_09.ini
[2012.08.28 19:19:20 | 000,003,174 | ---- | C] () -- C:\windows\Dext_13.ini
[2012.08.28 19:19:20 | 000,002,895 | ---- | C] () -- C:\windows\remove.ini
[2012.08.28 19:19:20 | 000,002,850 | ---- | C] () -- C:\windows\Dext_04.ini
[2012.08.28 19:19:20 | 000,002,750 | ---- | C] () -- C:\windows\Dext_17.ini
[2012.08.28 19:19:20 | 000,002,674 | ---- | C] () -- C:\windows\Dext_18.ini
[2012.08.28 19:19:20 | 000,002,638 | ---- | C] () -- C:\windows\Dext_2052.ini
[2012.04.18 04:50:16 | 086,271,980 | ---- | C] () -- C:\windows\SysWow64\BioTrustFace.dat
[2012.04.17 07:24:42 | 001,562,304 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.03.27 07:08:44 | 000,963,912 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012.03.27 07:08:44 | 000,261,208 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012.03.27 07:08:44 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012.03.27 07:03:48 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.03.27 05:47:56 | 013,212,672 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012.03.21 21:08:52 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\vcsAPIShared.dll.hpsign
[2012.03.15 19:48:52 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApiUI.dll.hpsign
[2012.03.15 19:48:26 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPPassFilter.dll.hpsign
[2012.03.15 19:48:26 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPCrProv.dll.hpsign
[2012.03.15 19:47:56 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPSCEL.dll.hpsign
[2012.03.15 19:47:56 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPFPApi.dll.hpsign
[2012.03.15 19:47:54 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPClback.dll.hpsign
[2012.03.15 19:47:12 | 000,000,256 | R--- | C] () -- C:\windows\SysWow64\DPLic.dll.hpsign
[2012.03.12 23:09:58 | 000,020,480 | ---- | C] () -- C:\windows\SysWow64\CogHPUsageTrackingReport.dll
[2012.03.12 23:09:58 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\HPUsageTrackingSDK.exe.hpsign
[2012.03.12 23:09:56 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\CogHPUsageTrackingReport.dll.hpsign
[2012.03.07 10:40:52 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2012.02.10 02:43:04 | 000,014,192 | ---- | C] () -- C:\windows\HPun2430Version.dll
[2012.01.31 23:19:18 | 000,366,464 | ---- | C] () -- C:\windows\SysWow64\flcdlmsg.dll
[2011.10.12 11:02:14 | 000,187,728 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll
[2011.10.12 11:02:14 | 000,000,256 | ---- | C] () -- C:\windows\SysWow64\PassThroughOTP.dll.hpsign
[2011.09.07 19:35:30 | 000,065,536 | R--- | C] () -- C:\windows\SysWow64\scardsyn.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.12.12 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\BSplayer
[2012.10.28 00:51:38 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\BSplayer Pro
[2012.12.21 22:27:37 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Canneverbe Limited
[2013.04.22 12:17:36 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\DAEMON Tools Lite
[2013.04.22 12:17:36 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\DAEMON Tools Pro
[2012.10.12 17:00:46 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\DigitalPersona
[2013.03.05 19:30:40 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\LangSoft
[2012.12.21 22:27:27 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\OpenCandy
[2013.04.11 15:48:38 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Pamela
[2012.10.12 19:04:56 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Synaptics
[2012.12.21 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\TuneUp Software
[2013.04.23 01:16:06 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,540 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012.04.17 07:34:44 | 000,000,830 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2012.10.15 13:50:46 | 000,000,266 | ---- | C] () -- C:\windows\Tasks\AutoKMS.job
[2012.10.21 22:59:04 | 000,000,332 | ---- | C] () -- C:\windows\Tasks\HPCeeScheduleForFilip.job
[2012.11.28 19:24:02 | 000,000,946 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.28 19:24:03 | 000,000,950 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.06.02 06:52:32 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=063DD65889D21035311463337BD268E7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012.06.04 09:52:35 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=7E7D2DACF65D750D466F36BD3D09AE20 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\SysWOW64\cryptsvc.dll
[2012.06.02 06:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=96C0E38905CFD788313BE8E11DAE3F2F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\windows\SysNative\cryptsvc.dll
[2012.06.02 07:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=9C01375BE382E834CC26D1B7EAF2C4FE -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.07.25 18:40:28 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.25 18:40:28 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.25 18:40:28 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.25 18:40:28 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.25 18:40:28 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.25 18:40:28 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2012.02.02 03:06:58 | 000,470,808 | ---- | M] (Intel Corporation) MD5=76C3966183BD5382E14CEB6DF97D9709 -- C:\swsetup\INTELRST\Drivers\x32\iaStor.sys
[2012.02.02 03:16:40 | 000,568,600 | ---- | M] (Intel Corporation) MD5=D1753C06EE17E29352B065EACF3F10D0 -- C:\swsetup\INTELRST\Drivers\x64\iaStor.sys
[2012.02.02 03:16:40 | 000,568,600 | ---- | M] (Intel Corporation) MD5=D1753C06EE17E29352B065EACF3F10D0 -- C:\windows\SysNative\drivers\iaStor.sys
[2012.02.02 03:16:40 | 000,568,600 | ---- | M] (Intel Corporation) MD5=D1753C06EE17E29352B065EACF3F10D0 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4b6764daf5ce9174\iaStor.sys
[2012.02.02 03:16:40 | 000,568,600 | ---- | M] (Intel Corporation) MD5=D1753C06EE17E29352B065EACF3F10D0 -- C:\windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_4ffa60c18b7e0989\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.07.25 18:44:58 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.07.25 18:44:58 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.07.25 18:44:58 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.07.25 18:44:58 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2012.04.17 06:35:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2012.04.17 06:35:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\windows\SysNative\lsass.exe
[2012.04.17 06:35:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2012.04.17 06:35:23 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe

< MD5 for: NDIS.SYS >
[2010.12.29 12:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010.12.29 12:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.07.25 18:44:58 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.07.25 18:44:58 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.07.25 18:44:58 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.07.25 18:44:58 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.07.25 18:44:58 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.07.25 18:44:58 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.07.25 18:44:58 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.07.25 18:44:58 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013.03.19 04:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\windows\SysNative\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2012.04.17 06:31:50 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.07.25 18:36:53 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012.04.17 06:28:52 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.07.25 18:36:53 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.04.17 06:28:52 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2012.04.17 06:31:50 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2013.04.23 01:13:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Adobe
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Application Data
[2013.04.23 01:13:55 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\ArcSoft
[2013.04.23 01:15:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Atheros
[2013.04.23 01:13:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\AVAST Software
[2012.12.21 22:27:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Canneverbe Limited
[2012.12.21 22:27:47 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\Common Files
[2013.04.23 01:15:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\DAEMON Tools Lite
[2013.04.23 01:15:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\DAEMON Tools Pro
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Desktop
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Documents
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Favorites
[2013.04.23 01:13:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\FLEXnet
[2013.01.02 01:40:40 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\FreeRIP
[2013.04.23 01:15:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Hewlett-Packard
[2012.08.28 19:10:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\HPQLOG
[2012.08.28 19:16:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Intel
[2013.03.05 19:26:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\LangSoft
[2013.04.23 01:15:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Macrovision
[2012.11.26 13:05:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\McAfee
[2013.04.23 01:15:36 | 000,000,000 | --SD | M] -- C:\ProgramData\Application Data\Microsoft
[2013.04.11 01:11:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Microsoft Help
[2012.10.12 19:26:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Mozilla
[2012.12.21 20:18:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Nero
[2013.04.23 10:03:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\PDFC
[2013.04.23 01:15:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Skype
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Start Menu
[2013.04.22 12:22:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\SUPERAntiSpyware.com
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\Templates
[2012.12.21 22:28:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\TuneUp Software
[2012.08.28 19:42:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Validity
[2013.04.23 01:14:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\WinZip
[2013.04.23 01:15:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013.04.23 01:15:44 | 000,000,000 | -H-D | M] -- C:\ProgramData\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}
[2013.04.23 01:15:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
[2012.06.15 16:31:02 | 004,098,384 | ---- | M] () -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\OFFLINE\1B61B9AE\191E5E31\MusicJet.exe
[2012.01.03 19:46:15 | 000,345,520 | ---- | M] (Adobe Systems Incorporated) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.06.15 16:31:25 | 003,713,856 | ---- | M] (MusicJet ) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{B69EB34A-91EB-4FF3-B741-664179483319}\MusicJet-Setup.exe
File not found -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-A95000000001}\Setup.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Application Data\Macrovision\FLEXnet Connect\6\agent.exe
[2012.08.28 19:08:01 | 001,373,552 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\FLEXnet\Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,206,112 | ---- | M] (InstallShield Software Corporation) -- C:\ProgramData\Application Data\FLEXnet\Connect\11\dwusplay.exe
[2012.08.28 19:08:01 | 000,439,664 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\FLEXnet\Connect\11\isdm.exe
[2012.08.28 19:08:02 | 000,087,408 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\FLEXnet\Connect\11\issch.exe
[2012.11.12 17:08:52 | 000,178,592 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFdetect.exe
[2012.08.20 19:19:16 | 000,248,736 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFfix.exe
[2012.11.29 13:22:22 | 000,603,008 | ---- | M] (Hewlett-Packard Company) -- C:\ProgramData\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
[2011.04.13 16:16:52 | 000,067,128 | ---- | M] (Hewlett-Packard) -- C:\ProgramData\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\unzip.exe
[2011.06.08 17:58:36 | 000,165,432 | ---- | M] (Microsoft) -- C:\ProgramData\Application Data\Hewlett-Packard\HP Support Framework\Resources\Updater7\WaitWindow.exe
[2012.08.28 19:08:02 | 000,718,192 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Macrovision\FLEXnet Connect\11\agent.exe
[2012.08.28 19:08:02 | 000,742,768 | ---- | M] (Flexera Software, Inc.) -- C:\ProgramData\Application Data\Macrovision\FLEXnet Connect\6\agent.exe

< %APPDATA%\*. >
[2012.10.12 19:07:01 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Adobe
[2012.10.15 10:40:10 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\ArcSoft
[2012.10.12 19:04:55 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Atheros
[2012.12.12 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\BSplayer
[2012.10.28 00:51:38 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\BSplayer Pro
[2012.12.21 22:27:37 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Canneverbe Limited
[2012.11.15 21:47:47 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Corel
[2013.04.22 12:17:36 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\DAEMON Tools Lite
[2013.04.22 12:17:36 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\DAEMON Tools Pro
[2012.10.12 17:00:46 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\DigitalPersona
[2012.11.15 21:49:35 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\FLEXnet
[2012.10.21 22:58:58 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Hewlett-Packard
[2012.10.12 19:04:59 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\hpqLog
[2012.10.12 19:04:34 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Identities
[2013.01.02 01:11:27 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\InstallShield
[2012.10.12 19:05:58 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Intel Corporation
[2013.03.05 19:30:40 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\LangSoft
[2012.10.12 19:11:05 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Macromedia
[2013.03.21 00:24:27 | 000,000,000 | --SD | M] -- C:\Users\Filip\AppData\Roaming\Microsoft
[2012.10.12 19:26:31 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Mozilla
[2012.12.21 20:19:44 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Nero
[2012.12.21 22:27:27 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\OpenCandy
[2013.04.11 15:48:38 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Pamela
[2013.04.19 15:56:31 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Skype
[2013.04.22 12:22:33 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\SUPERAntiSpyware.com
[2012.10.12 19:04:56 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\Synaptics
[2012.12.21 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\TuneUp Software
[2013.04.23 01:16:06 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\uTorrent
[2012.10.13 15:15:55 | 000,000,000 | ---D | M] -- C:\Users\Filip\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 10:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Filip\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2012.11.28 01:39:16 | 027,905,968 | ---- | M] (TuneUp Software) -- C:\Users\Filip\AppData\Roaming\OpenCandy\B942CE7515104FB39CFFF31B03935DBA\TuneUpUtilities2013_2200329_cs-CZ.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.04.23 01:27:01 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.01.08 10:41:08 | 003,674,320 | ---- | M] (DT Soft Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.23 01:34:51 | 000,000,512 | ---- | M] () MD5=254BA3FB6A7BFB037F55D2E6BDA703B7 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2006.04.07 18:08:18 | 000,234,324 | ---- | M] () -- \Documents and Settings\Filip\Downloads\Corel-PaintShop-Pro-X\Corel PaintShop Pro X\Corel PaintShop Pro X 10.03 - Crack.exe
[2006.04.07 18:08:18 | 000,234,324 | ---- | M] () -- \Users\Filip\Downloads\Corel-PaintShop-Pro-X\Corel PaintShop Pro X\Corel PaintShop Pro X 10.03 - Crack.exe

< *keygen* /s >
[2013.01.02 00:58:32 | 000,626,688 | ---- | M] () -- \Documents and Settings\Filip\Downloads\Acapela Eliska\Infovox Desktop keygen.exe
[2013.01.02 00:58:32 | 000,626,688 | ---- | M] () -- \Users\Filip\Downloads\Acapela Eliska\Infovox Desktop keygen.exe

< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.30 20:37:47 | 000,000,673 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.19.11_0\Media\ajax-loader.gif
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.403\js\downloader.js
[2013.03.21 23:31:52 | 000,006,643 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.2.235\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.362\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2013.01.08 18:54:38 | 000,000,723 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DZGOTK3\downloaderror[1].js
[2013.01.08 18:54:38 | 000,001,174 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DZGOTK3\downloader[1].js
[2012.12.21 22:00:07 | 000,000,000 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CI4O53E1\kmplayer_downloader[1].exe
[2013.01.09 12:08:17 | 000,105,903 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWZH4SLO\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.01.08 18:54:36 | 000,003,784 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWZH4SLO\bundleloader[1].js
[2013.03.13 01:41:02 | 000,002,895 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QSB58528\rmsloaderdelayed[1].js
[2013.03.20 16:42:54 | 000,002,895 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QSB58528\rmsloaderdelayed[2].js
[2012.10.12 19:06:54 | 000,002,756 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QSB58528\RmsLoader[1].js
[2013.03.21 15:16:39 | 000,002,895 | ---- | M] () -- \Documents and Settings\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2CQDDWF\rmsloaderdelayed[1].js
[2012.12.16 20:44:09 | 004,659,424 | ---- | M] () -- \Documents and Settings\Filip\Downloads\the_war_you_dont_see.avi_downloader_98828.exe
[2009.11.19 04:40:08 | 000,076,288 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\Label Maker\uACM_Loader.dll
[2009.11.27 17:22:00 | 000,084,480 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\WebCam Companion 3\ASDownloader.exe
[2012.03.06 21:42:34 | 000,370,752 | ---- | M] () -- \Program Files (x86)\Arcsoft\TotalMedia Suite\WebCam Companion 3\SnapFishUploader.dll
[2010.10.07 04:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2006.03.27 11:03:00 | 000,061,440 | ---- | M] () -- \Program Files (x86)\Corel\Corel Paint Shop Pro X\PCULoader.exe
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\apps\facebook\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\apps\facebooklike\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\apps\fbsharedservices\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\apps\featured\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\apps\games\7.1.362\js\shared\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\apps\chat\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.362.0\scripts\io\downloader.js
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2010.10.07 04:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 04:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
File not found -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Application Data\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.03.30 20:37:47 | 000,000,673 | ---- | M] () -- \Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.19.11_0\Media\ajax-loader.gif
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.403\js\downloader.js
[2013.03.21 23:31:52 | 000,006,643 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.2.235\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.362\js\downloader.js
[2012.02.01 01:16:24 | 000,006,643 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.362\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2013.01.08 18:54:38 | 000,000,723 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DZGOTK3\downloaderror[1].js
[2013.01.08 18:54:38 | 000,001,174 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DZGOTK3\downloader[1].js
[2012.12.21 22:00:07 | 000,000,000 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CI4O53E1\kmplayer_downloader[1].exe
[2013.01.09 12:08:17 | 000,105,903 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWZH4SLO\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.01.08 18:54:36 | 000,003,784 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWZH4SLO\bundleloader[1].js
[2013.03.13 01:41:02 | 000,002,895 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QSB58528\rmsloaderdelayed[1].js
[2013.03.20 16:42:54 | 000,002,895 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QSB58528\rmsloaderdelayed[2].js
[2012.10.12 19:06:54 | 000,002,756 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QSB58528\RmsLoader[1].js
[2013.03.21 15:16:39 | 000,002,895 | ---- | M] () -- \Users\Filip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U2CQDDWF\rmsloaderdelayed[1].js
[2012.12.16 20:44:09 | 004,659,424 | ---- | M] () -- \Users\Filip\Downloads\the_war_you_dont_see.avi_downloader_98828.exe
[2010.03.24 20:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:02 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:29:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:02 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:29:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:17:46 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012.04.17 06:17:46 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012.04.17 06:17:46 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012.04.17 06:17:46 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012.04.17 06:17:46 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.25 18:37:15 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.25 18:37:15 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.25 18:37:15 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.25 18:37:15 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.25 18:37:15 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012.04.17 06:16:19 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.07.25 18:37:13 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.25 18:37:13 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:02 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:29:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:25:02 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.04.17 06:29:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2012.10.15 13:50:46 | 001,923,584 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.exe
[2012.10.15 13:50:46 | 000,000,715 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.ini
[2013.04.23 01:26:03 | 000,089,220 | ---- | M] () -- \Windows\AutoKMS\AutoKMS.log
[2013.04.22 09:21:15 | 000,048,614 | ---- | M] () -- \Windows\Prefetch\AUTOKMS.EXE-7CC2D49E.pf
[2013.04.23 01:26:03 | 000,000,266 | ---- | M] () -- \Windows\Tasks\AutoKMS.job

< *activator* /s >

< *serial* /s >
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.04.17 06:17:28 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.03.14 23:10:46 | 000,000,256 | ---- | M] () -- \Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll.hpsign
[2013.01.24 23:32:40 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.04.17 06:17:28 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.04.17 06:17:18 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 10:48:06 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.10 10:40:36 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 10:47:09 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.01.10 10:44:09 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.11 22:42:23 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.11 22:42:57 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.01.11 22:46:11 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2013.01.10 11:10:36 | 003,412,992 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\a3a3ccd41789ba4eb01f51db6c508222\System.Runtime.Serialization.ni.dll
[2013.01.11 22:34:24 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\c79d7323e38d906c09917fe1d40b2ad7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.11 22:39:09 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\7711bba76f0bf9a22deaa8bb2e09bb16\System.Xml.Serialization.ni.dll
[2013.02.14 08:56:56 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.02.14 08:56:54 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.14 08:57:03 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.17 06:17:19 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.17 06:17:16 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 22:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2012.04.17 06:17:09 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2012.04.17 06:17:09 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012.04.17 06:17:16 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.04.17 06:17:19 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2012.04.17 06:17:28 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2012.04.17 06:17:21 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.07.25 18:37:15 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.25 18:37:15 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012.04.17 06:17:47 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012.04.17 06:17:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.07.25 18:37:13 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.25 18:37:13 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2012.04.17 06:16:42 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.17 06:17:18 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2012.04.17 06:17:28 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2012.04.17 06:17:19 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.04.17 06:17:09 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2012.04.17 06:17:28 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

OTL Extras logfile created on: 23.4.2013 1:31:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Filip\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,89 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 41,66% Memory free
7,77 Gb Paging File | 4,94 Gb Available in Paging File | 63,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,16 Gb Total Space | 237,15 Gb Free Space | 53,51% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 1,95 Gb Free Space | 98,22% Space Free | Partition Type: FAT32
Drive G: | 20,31 Gb Total Space | 3,10 Gb Free Space | 15,25% Space Free | Partition Type: NTFS

Computer Name: FILIP-HP | User Name: Filip | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1254816485-3975074625-1544191660-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0856AFE0-C858-4B40-80B8-3880B728321D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{109840E8-4317-4A9A-9472-B563FE7911A0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1AEED485-F466-45FE-8C04-BDDC7A42C6CC}" = rport=138 | protocol=17 | dir=out | app=system |
"{1EF03E62-CF2D-42A3-8AB8-BB94C6666220}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{393482C7-5B9B-47E2-92B8-FEED909316B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C5996C5-C2B9-41FE-86D6-9E8080C9587E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C5A84FE-D425-4967-A49A-A58FC641D9DF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{4D36193E-3C39-48AF-9FE7-8B86DCE6FAA1}" = rport=139 | protocol=6 | dir=out | app=system |
"{56170B96-3CFF-4601-A717-7B31E7EC28B7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A8B7021-B41A-40AC-834F-7781A3ACF9B9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6BC56FD5-E503-444D-AB01-82DBD49ECE83}" = lport=445 | protocol=6 | dir=in | app=system |
"{73D5DFC7-A530-467B-BE4F-588669DA95CE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7B0921E3-B0E5-4C82-95D1-50B82BACFF27}" = rport=137 | protocol=17 | dir=out | app=system |
"{7ECE621D-A690-42A7-91F7-3CC562069881}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADCDA3BD-DBD0-40A7-8745-6B9897B88FF9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B66B7F0D-37F7-48D3-BC39-0EAD13EC3571}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2BD7F4A-B3F2-41EE-8343-D732DE5172E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DDF8E9EA-05CC-40A4-8884-DAD8DE38676E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DE962C4A-CFDB-4951-B686-449BCE89B6CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F080D0C2-DBD6-407D-B451-371AC3055831}" = rport=445 | protocol=6 | dir=out | app=system |
"{F6B48DEB-3100-4061-9940-8B15500F390C}" = lport=138 | protocol=17 | dir=in | app=system |
"{FB000E90-D497-4514-A01E-4F6EAAE84671}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0226FB71-643B-45B6-95FC-7F85321C8104}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{04722102-5658-42D6-910B-A96285BC2EA8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0501002A-1D56-49E2-9A0F-88C1B9FB5FF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0934B6DE-0601-433C-8D3C-9F8EC73B0C11}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20DE9C4F-E2F1-47DD-86E6-78BCE25854E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37175FB6-8178-490E-971C-728E9C73955B}" = protocol=6 | dir=out | app=system |
"{506BC99C-A025-404C-8A96-2DC4EA2B1BBD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5464AF3A-1B72-4D6D-B128-A950074550F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5467BA96-9D4E-4A3F-B421-00FF4E928520}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{673353F1-7313-4BBC-86CF-353FC36028B4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{782C0D71-B981-4704-8DF0-6F9AB560A2DB}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{AF1F200A-A120-453F-8E72-4590C4FCF660}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B260C215-409B-47A5-BA12-BE3D06CE9E99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B5B4A10D-BAEA-4B16-85A9-67438D44874A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BB566CEB-BE32-4972-8EFB-CF40DD662120}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BC67BD3F-B3C4-4614-A9AA-59E40CEA042B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE028994-49FD-4D88-911C-918785EF098C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C036B2C0-6189-4D52-A302-5B3C54A648AC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C4D556D3-CC5F-4C2E-9FEE-7F229B298E07}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C6C91D4F-EB71-4652-AC5A-EB71ACD8F01A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C71FA2DB-E4CC-4C17-80F4-EF0AA19ACA18}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{CB68FE35-A21B-4904-973A-1CDB2C340C07}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CE470931-6542-4B67-872C-4663AFD9C1BF}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{D7B6911B-C016-4B59-B9AB-7FB38906FDB8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D8F91654-873E-444E-BA26-E874C10B607F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DEB136C8-25B2-4AE4-9535-CED8B264D762}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{F820532D-7388-45C2-B41F-320C7AF4E77F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F93353D1-1F5A-4CAB-8663-33F6BD4B242F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{2534B7B5-3A8F-466F-B125-0BE73929B0E9}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{38AC266C-FD33-4A59-9620-E88F761664DA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{93AB3BAB-0C8C-48ED-86AA-4B7C86B28EF6}C:\program files (x86)\relevantknowledge\rlvknlg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"UDP Query User{38C682B5-3A4C-4732-BA5C-4C008CEBB6AF}C:\program files (x86)\relevantknowledge\rlvknlg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"UDP Query User{A90E9B5D-103B-4839-98DA-91605E110CE1}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{F1D4128D-0FC0-4C53-87B8-29E936D04F31}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08300D81-FADB-4652-B2FD-58400CC57497}" = Microsoft Antimalware Service Multi-Language Pack
"{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}" = Drive Encryption For HP ProtectTools
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{84642787-58C0-44AE-8B26-E2F544E380A1}" = HP Power Assistant
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}" = Validity Fingerprint Sensor Driver
"{98A823BA-F3C6-4CD3-A166-DE5B8ACCCED2}" = Microsoft Security Client MUI Language Pack
"{A535F266-291E-447F-ABE6-0BE17D0CB036}" = HP ProtectTools Security Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}" = Privacy Manager for HP ProtectTools
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}" = WinZip 15.0
"{D3A775F2-2674-4452-8D80-1FC1446052EE}" = Face Recognition for HP ProtectTools
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Face Recognition for HP ProtectTools" = Face Recognition for HP ProtectTools
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}" = Theft Recovery for HP ProtectTools
"{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}" = HP Wallpaper
"{16793295-2366-40F7-A045-A3E42A81365E}" = Bing Bar
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{223AE3E8-4445-410F-8EDA-13EC137E3BDB}" = HP SoftPaq Download Manager
"{22706ADC-74A1-43A0-ABAE-47F84966B909}" = HP Connection Manager
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{438363A8-F486-4C37-834C-4955773CB3D3}" = HP Setup
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP 3.92
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52C32940-C538-40CF-8DE9-B91090F49938}" = Infovox Desktop 2.2
"{550BFF6E-7376-11E1-99EA-984BE15F174E}" = Evernote v. 4.5.4
"{6357258D-2BF9-49E7-A9EF-0C609D52C46D}" = HP ESU for Microsoft Windows 7
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{658A8756-7B1E-44FD-A434-D777DD906232}" = HP Software Setup
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{683315B1-68E0-4A1B-9397-509C3EB911D2}" = MusicJet
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.SingleImage_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.SingleImage_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.SingleImage_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.SingleImage_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.SingleImage_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{962CB079-85E6-405F-8704-1C62365AE46F}" = HP Software Framework
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A351CC1B-C92C-4F37-8109-9F6D33ACF5EF}" = HP Documentation
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{B3B67519-2201-4C38-8002-D54473D651F9}" = ArcSoft TotalMedia
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}" = HP System Default Settings
"{C97CC14E-4789-4FC5-BC75-79191F7CE009}" = HP Hotkey Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"Convert WAV To MP3_is1" = Convert WAV To MP3 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"DX-Ball 1.09" = DX-Ball 1.09
"euroword_anglictina" = DEMO euroword_anglictina
"Google Chrome" = Google Chrome
"Chytrá angličtina - DEMO" = Chytrá angličtina - DEMO
"InnerEnc 1.2_is1" = InnerEnc 1.2
"InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}" = Theft Recovery for HP ProtectTools
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicJet" = MusicJet
"Office14.SingleImage" = Microsoft Office 2010 pro podnikatele
"PDF Complete" = PDF Complete Corporate Edition
"Sunplus SPUVCb" = HP HD Webcam Driver
"The KMPlayer" = The KMPlayer (remove only)
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"TS Angličtina 5 (plná instalace)" = TS Angličtina 5 (plná instalace)
"uTorrent" = µTorrent
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1254816485-3975074625-1544191660-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.3.2013 12:52:12 | Computer Name = Filip-HP | Source = WinMgmt | ID = 10
Description =

Error - 21.3.2013 14:31:17 | Computer Name = Filip-HP | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 24.3.2013 15:36:43 | Computer Name = Filip-HP | Source = WinMgmt | ID = 10
Description =

Error - 25.3.2013 6:40:39 | Computer Name = Filip-HP | Source = WinMgmt | ID = 10
Description =

Error - 25.3.2013 7:56:31 | Computer Name = Filip-HP | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 26.3.2013 3:29:09 | Computer Name = Filip-HP | Source = WinMgmt | ID = 10
Description =

Error - 26.3.2013 7:57:53 | Computer Name = Filip-HP | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 28.3.2013 14:56:48 | Computer Name = Filip-HP | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 29.3.2013 16:58:45 | Computer Name = Filip-HP | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 30.3.2013 6:49:31 | Computer Name = Filip-HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - 12.10.2012 11:02:54 | Computer Name = Filip-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 3979 Ram
Utilization: TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

[ HP Connection Manager Events ]
Error - 4.2.2013 6:03:19 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.02.04 11:03:19.791|00000608|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

Error - 20.3.2013 10:37:29 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.03.20 15:37:29.973|00000F04|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

Error - 21.3.2013 9:15:17 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.03.21 14:15:17.783|00000314|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

Error - 30.3.2013 12:16:41 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.03.30 17:16:41.909|00001584|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

Error - 4.4.2013 2:45:21 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.04.04 08:45:21.927|00001160|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

Error - 4.4.2013 2:56:25 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.04.04 08:56:25.355|00001160|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

Error - 8.4.2013 8:15:53 | Computer Name = Filip-HP | Source = hpMobile | ID = 5
Description = 2013.04.08 14:15:53.299|00001714|Error |[HP.Mobile]Wlan::b{void()}|Neplatné
údaje. (Výjimka na základě hodnoty HRESULT: 0x8007000D)

[ HP Software Framework Events ]
Error - 7.4.2013 16:24:26 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.07 22:24:26.079|00001BB8|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 7.4.2013 16:24:26 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.07 22:24:26.116|00001BB8|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 15.4.2013 5:55:02 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.15 11:55:02.250|000013F4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 15.4.2013 5:55:02 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.15 11:55:02.285|000013F4|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 16.4.2013 18:54:31 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.17 00:54:31.435|00001240|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 16.4.2013 18:54:31 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.17 00:54:31.471|00001240|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 22.4.2013 6:31:55 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.22 12:31:55.520|00000488|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 22.4.2013 6:31:55 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.22 12:31:55.673|00000488|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

Error - 22.4.2013 6:52:41 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.22 12:52:41.199|00000EBC|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Odkaz na objekt není nastaven na instanci
objektu.

Error - 22.4.2013 6:52:41 | Computer Name = Filip-HP | Source = CaslSmBios | ID = 5
Description = 2013.04.22 12:52:41.236|00000EBC|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged.2.0 event. Exception: Odkaz na objekt
není nastaven na instanci objektu.

[ System Events ]
Error - 6.4.2013 6:17:04 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 7.4.2013 4:16:51 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 8.4.2013 1:37:55 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 8.4.2013 3:25:34 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 8.4.2013 3:35:07 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.147.1234.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze stroje: Předchozí verze stroje:
1.1.9302.0 Kód chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k
neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete
v nápovědě a podpoře.

Error - 9.4.2013 9:12:13 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 11.4.2013 2:45:26 | Computer Name = Filip-HP | Source = Ntfs | ID = 262281
Description = Výchozí správce prostředků transakcí na svazku H: zaznamenal neopakovatelnou
chybu a nemohl být spuštěn. Data obsahují kód chyby.

Error - 11.4.2013 2:47:43 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 12.4.2013 5:16:09 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

Error - 13.4.2013 3:55:13 | Computer Name = Filip-HP | Source = Microsoft Antimalware | ID = 3002
Description = %%860 – funkce ochrany v reálném čase selhala z důvodu chyby. Funkce:
%%835 Kód chyby: 0x80004005 Popis chyby: Nespecifikovaná chyba Důvod: %%842

< End of report >

diky;)

Ten program neznam. Je to normalni oficialni ferze - free? Nebo cracknuta?

A co provedem s tim office?

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

je to normalni ofic verze https://prezi.com/desktop, jedna se o program pro tvorbu "prezentaci" u rodicu na pc mi sel normalne a na notasu mi nejde :-/

mam v planu zacit pouzivat openoffice

jdu na to skenovani

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.23.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Filip :: FILIP-HP [administrátor]

Ochrana: Povolena

23.4.2013 11:22:06
MBAM-log-2013-04-23 (12-13-54).txt

Typ: Kompletní kontrola (C:\|E:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 359637
Uplynulý čas: 51 minut, 15 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\Filip\Downloads\ConvertWAVToMP3Setup.exe (PUP.Adware.RKN) -> Nebyla provedena žádná instrukce.
C:\Windows\AutoKMS\AutoKMS.exe (Trojan.AutoKMS) -> Nebyla provedena žádná instrukce.

(konec)

A jaky tam maji operacni system?

Ten plan s OpenOffice budete muset urychlit, jinak podle pravidel fora nemuzem pokracovat.

Nalezy smazte, pak MBAM odinstalujte.

Pak dejte novy log z RSIT, uz bez tech cracknutych office a docistime to

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu