VIRY.CZ

LOG JE DLOUHÝ TAK HO DÁVÁM NA DVĚ ČÁSTI


Logfile of random's system information tool 1.09 (written by random/random)
Run by Monty at 2013-07-06 09:19:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 352 GB (77%) free of 455 GB
Total RAM: 4044 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:19:11, on 6.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Monty.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7076] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9541] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1014] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2103] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4036] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKLM\..\RunOnce: [SpybotDeletingC139] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5578] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC825] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3207] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6306] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8264] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8404] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7513] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7712] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5531] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9526] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5779] command.com /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7208] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2012] command.com /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8326] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6865] command.com /c del "C:\Program Files (x86)\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9831] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_settings.ini"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7395] command.com /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9261] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5219] command.com /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8056] cmd.exe /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9342] command.com /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5756] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3927] command.com /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6475] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA71] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5677] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7070] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2000] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA559] command.com /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5100] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6093] command.com /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4130] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA2963] command.com /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC8641] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7986] command.com /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2864] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8085] command.com /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3741] cmd.exe /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8682] command.com /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4490] cmd.exe /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1511] command.com /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1565] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9767] command.com /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1845] cmd.exe /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9474] command.com /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC232] cmd.exe /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4348] command.com /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7487] cmd.exe /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3019] command.com /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5942] cmd.exe /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8532] command.com /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5985] cmd.exe /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9443] command.com /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7514] cmd.exe /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9528] command.com /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKLM\..\RunOnce: [SpybotDeletingC105] cmd.exe /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Freeraser] C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB8545] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5583] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9736] command.com /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7101] cmd.exe /c del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4803] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKCU\..\RunOnce: [SpybotDeletingD294] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\accelerate"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3548] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2391] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7055] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD318] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1970] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2744] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3829] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4081] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5029] command.com /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8464] cmd.exe /c del "C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4922] command.com /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7805] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_bkg_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1487] command.com /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1300] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk_list.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7840] command.com /c del "C:\Program Files (x86)\Desk 365\desk_settings.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4048] cmd.exe /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1108] command.com /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6615] cmd.exe /c del "C:\Program Files (x86)\Desk 365\desk365.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6308] command.com /c del "C:\Program Files (x86)\Desk 365\deskSvc.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4594] command.com /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5971] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ebase.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5560] command.com /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7424] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edeskcmn.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5884] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4132] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6460] command.com /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3157] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eDhelper64.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8273] command.com /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7343] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9703] command.com /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9793] cmd.exe /c del "C:\Program Files (x86)\Desk 365\edis64.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4345] command.com /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8018] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ElexDbg.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7402] command.com /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4982] cmd.exe /c del "C:\Program Files (x86)\Desk 365\eUninstall.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6948] command.com /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9585] cmd.exe /c del "C:\Program Files (x86)\Desk 365\libpng.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9307] command.com /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8518] cmd.exe /c del "C:\Program Files (x86)\Desk 365\main"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5249] command.com /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2613] cmd.exe /c del "C:\Program Files (x86)\Desk 365\ouilibnl.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4706] command.com /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7008] cmd.exe /c del "C:\Program Files (x86)\Desk 365\process_mgr.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9794] command.com /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4602] cmd.exe /c del "C:\Program Files (x86)\Desk 365\promote.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3308] command.com /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9180] cmd.exe /c del "C:\Program Files (x86)\Desk 365\recent.xml"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7386] command.com /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1547] cmd.exe /c del "C:\Program Files (x86)\Desk 365\sqlite3.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4778] command.com /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9353] cmd.exe /c del "C:\Program Files (x86)\Desk 365\svc.conf"
O4 - HKCU\..\RunOnce: [SpybotDeletingB593] command.com /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2548] cmd.exe /c del "C:\Program Files (x86)\Desk 365\TrayDownloader.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6516] command.com /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7835] cmd.exe /c del "C:\Program Files (x86)\Desk 365\zlib1.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: DS Clock Synchronization Service www.dualitysoft.com (DSClockSyncTime) - Duality Software - C:\Program Files\DS Clock\dsetime.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC Service (SamsungAllShare) - Unknown owner - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--
End of file - 29836 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\AUDIODG.EXE 0x328
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\DS Clock\dsetime.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll" /prefetch:1
C:\Windows\SysWOW64\IoctlSvc.exe
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe"
"taskhost.exe"
"C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe"
\??\C:\Windows\system32\conhost.exe "-777284502422592462-8974451883969022401533281735192444471492993708395472631
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe" /c /a /s UserSession2
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3504
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {C1F03041-C321-4F50-A357-5DEF127EE327}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\DS Clock\dsclock.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\ProgramData\eSafe\eGdpSvc.exe
taskeng.exe {EEE4F6F5-FDAD-48F1-9EF6-7DC10408A33B}
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.google.cz
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2600.0.1212525722\1365100454" --supports-dual-gpus=false --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.830.6.3000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --channel="2600.2.586601609\826672196" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2600.3.1924136161\791710019" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2600.4.1483320234\1949748772" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll" --lang=cs --channel="2600.5.2074200027\1709068162" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="2600.6.839990896\1150848296" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2600.7.1687581482\2081448666" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="2600.22.502122821\1647762344" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/1/OneClickSignIn/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --channel="2600.25.1155151916\1381937731" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe56_ Global\UsGthrCtrlFltPipeMssGthrPipe56 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Monty\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForMonty.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-05-06 1746760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL [2013-04-08 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-05-06 1598280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-06-14 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll [2013-05-30 509776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-10 2799912]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-06-08 1128448]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-06-14 932000]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-06-14 795808]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-15 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-15 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-15 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"Freeraser"=C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe [2009-04-15 1903104]
"DS Clock"=C:\Program Files\DS Clock\DSClock.exe [2012-12-17 1350608]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-05-23 1106288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingB8545"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingD5583"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingB9736"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingD7101"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingB4803"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingD294"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingB3548"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingD2391"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingB7055"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingD318"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingB1970"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingD2744"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingB3829"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingD4081"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingB5029"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingD8464"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingB4922"=command.com /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingD7805"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingB1487"=command.com /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingD1300"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingB7840"=command.com /c del C:\Program Files (x86)\Desk 365\desk_settings.ini []
"SpybotDeletingD4048"=cmd.exe /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingB1108"=command.com /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingD6615"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingB6308"=command.com /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingB4594"=command.com /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingD5971"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingB5560"=command.com /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingD7424"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingB5884"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingD4132"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingB6460"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingD3157"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingB8273"=command.com /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingD7343"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingB9703"=command.com /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingD9793"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingB4345"=command.com /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingD8018"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingB7402"=command.com /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingD4982"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingB6948"=command.com /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingD9585"=cmd.exe /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingB9307"=command.com /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingD8518"=cmd.exe /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingB5249"=command.com /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingD2613"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingB4706"=command.com /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingD7008"=cmd.exe /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingB9794"=command.com /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingD4602"=cmd.exe /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingB3308"=command.com /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingD9180"=cmd.exe /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingB7386"=command.com /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingD1547"=cmd.exe /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingB4778"=command.com /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingD9353"=cmd.exe /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingB593"=command.com /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingD2548"=cmd.exe /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingB6516"=command.com /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
"SpybotDeletingD7835"=cmd.exe /c del C:\Program Files (x86)\Desk 365\zlib1.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2011-02-18 250768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-03-28 1611160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desk 365]
C:\Program Files (x86)\Desk 365\desk365.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-05-17 61112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2011-04-08 586808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPQuickWebProxy]
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-06-28 168504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iconoid]
C:\Program Files\Iconoid\iconoid64.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-05-23 1561968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-05-23 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefault]
C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [2011-06-27 42808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]
""= []
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-01-27 318520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingA7076"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingC9541"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\Desk 365.lnk []
"SpybotDeletingA1014"=command.com /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingC2103"=cmd.exe /c del C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365\eUninstall.lnk []
"SpybotDeletingA4036"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingC139"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\accelerate []
"SpybotDeletingA5578"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingC825"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_bkg_list.xml []
"SpybotDeletingA3207"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingC6306"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_list.xml []
"SpybotDeletingA8264"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingC8404"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\desk_settings.ini []
"SpybotDeletingA7513"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingC7712"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\process_mgr.xml []
"SpybotDeletingA5531"=command.com /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingC9526"=cmd.exe /c del C:\Users\Monty\AppData\Roaming\Desk 365\promote.xml []
"SpybotDeletingA5779"=command.com /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingC7208"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_bkg_list.xml []
"SpybotDeletingA2012"=command.com /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingC8326"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_list.xml []
"SpybotDeletingA6865"=command.com /c del C:\Program Files (x86)\Desk 365\desk_settings.ini []
"SpybotDeletingC9831"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk_settings.ini []
"SpybotDeletingA7395"=command.com /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingC9261"=cmd.exe /c del C:\Program Files (x86)\Desk 365\desk365.exe []
"SpybotDeletingA5219"=command.com /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingC8056"=cmd.exe /c del C:\Program Files (x86)\Desk 365\deskSvc.exe []
"SpybotDeletingA9342"=command.com /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingC5756"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ebase.dll []
"SpybotDeletingA3927"=command.com /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingC6475"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edeskcmn.dll []
"SpybotDeletingA71"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingC5677"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper.exe []
"SpybotDeletingA7070"=command.com /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingC2000"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eDhelper64.exe []
"SpybotDeletingA559"=command.com /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingC5100"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis.dll []
"SpybotDeletingA6093"=command.com /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingC4130"=cmd.exe /c del C:\Program Files (x86)\Desk 365\edis64.dll []
"SpybotDeletingA2963"=command.com /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingC8641"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ElexDbg.dll []
"SpybotDeletingA7986"=command.com /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingC2864"=cmd.exe /c del C:\Program Files (x86)\Desk 365\eUninstall.exe []
"SpybotDeletingA8085"=command.com /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingC3741"=cmd.exe /c del C:\Program Files (x86)\Desk 365\libpng.dll []
"SpybotDeletingA8682"=command.com /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingC4490"=cmd.exe /c del C:\Program Files (x86)\Desk 365\main []
"SpybotDeletingA1511"=command.com /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingC1565"=cmd.exe /c del C:\Program Files (x86)\Desk 365\ouilibnl.dll []
"SpybotDeletingA9767"=command.com /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingC1845"=cmd.exe /c del C:\Program Files (x86)\Desk 365\process_mgr.xml []
"SpybotDeletingA9474"=command.com /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingC232"=cmd.exe /c del C:\Program Files (x86)\Desk 365\promote.xml []
"SpybotDeletingA4348"=command.com /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingC7487"=cmd.exe /c del C:\Program Files (x86)\Desk 365\recent.xml []
"SpybotDeletingA3019"=command.com /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingC5942"=cmd.exe /c del C:\Program Files (x86)\Desk 365\sqlite3.dll []
"SpybotDeletingA8532"=command.com /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingC5985"=cmd.exe /c del C:\Program Files (x86)\Desk 365\svc.conf []
"SpybotDeletingA9443"=command.com /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingC7514"=cmd.exe /c del C:\Program Files (x86)\Desk 365\TrayDownloader.exe []
"SpybotDeletingA9528"=command.com /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
"SpybotDeletingC105"=cmd.exe /c del C:\Program Files (x86)\Desk 365\zlib1.dll []
"SpybotSnD"=C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2009-01-26 5365592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-07-29 52920]
"UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-06 09:19:03 ----D---- C:\rsit
2013-07-06 09:13:41 ----A---- C:\AdwCleaner[R13].txt
2013-07-06 09:05:20 ----A---- C:\AdwCleaner[R12].txt
2013-07-06 08:41:48 ----A---- C:\AdwCleaner[R11].txt
2013-07-04 13:57:36 ----A---- C:\AdwCleaner[R10].txt
2013-07-04 13:57:03 ----A---- C:\AdwCleaner[R9].txt
2013-07-04 13:55:49 ----A---- C:\AdwCleaner[R8].txt
2013-07-04 13:50:14 ----A---- C:\AdwCleaner[R7].txt
2013-07-04 13:45:17 ----A---- C:\AdwCleaner[R6].txt
2013-07-04 13:44:31 ----A---- C:\AdwCleaner[R5].txt
2013-07-04 13:44:17 ----A---- C:\AdwCleaner[R4].txt
2013-07-04 13:42:44 ----A---- C:\AdwCleaner[R3].txt
2013-07-04 11:57:50 ----A---- C:\AdwCleaner[R2].txt
2013-07-04 11:57:25 ----A---- C:\AdwCleaner[R1].txt
2013-07-04 11:28:29 ----D---- C:\ProgramData\eSafe
2013-07-04 11:26:15 ----D---- C:\Users\Monty\AppData\Roaming\eIntaller
2013-07-04 11:01:05 ----D---- C:\PCShareManagerUpload
2013-07-04 07:12:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-07-04 07:12:59 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-04 07:12:14 ----D---- C:\Windows\system32\drivers\NISx64
2013-07-04 07:12:12 ----D---- C:\Program Files (x86)\Norton Internet Security
2013-07-03 21:56:50 ----D---- C:\ProgramData\OviInstallerCache
2013-07-02 20:50:12 ----D---- C:\Program Files (x86)\MyFree Codec
2013-07-02 20:29:32 ----D---- C:\Users\Monty\AppData\Roaming\Samsung
2013-07-02 20:23:02 ----A---- C:\Windows\SYSWOW64\Redemption.dll
2013-07-02 20:22:24 ----A---- C:\Windows\SYSWOW64\dgderapi.dll
2013-07-02 20:21:48 ----D---- C:\ProgramData\Samsung
2013-07-02 20:21:48 ----D---- C:\Program Files (x86)\Samsung

======List of files/folders modified in the last 1 month======

2013-07-06 09:19:11 ----D---- C:\Windows\Prefetch
2013-07-06 09:19:08 ----D---- C:\Program Files\trend micro
2013-07-06 09:18:57 ----D---- C:\Windows\Temp
2013-07-05 19:32:15 ----D---- C:\Users\Monty\AppData\Roaming\Skype
2013-07-04 18:40:16 ----A---- C:\Windows\wininit.ini
2013-07-04 18:40:12 ----RD---- C:\Program Files (x86)
2013-07-04 18:32:50 ----D---- C:\Windows\system32\config
2013-07-04 15:42:46 ----SHD---- C:\Windows\Installer
2013-07-04 15:37:42 ----D---- C:\Windows\Tasks
2013-07-04 14:03:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-07-04 13:54:47 ----D---- C:\Windows\system32\Tasks
2013-07-04 13:44:57 ----D---- C:\Windows\inf
2013-07-04 13:44:56 ----D---- C:\Windows
2013-07-04 13:38:18 ----SHD---- C:\System Volume Information
2013-07-04 13:37:28 ----A---- C:\Windows\SYSWOW64\log.txt
2013-07-04 13:21:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-04 13:21:21 ----D---- C:\Windows\system32\catroot2
2013-07-04 11:28:29 ----HD---- C:\ProgramData
2013-07-04 11:27:53 ----A---- C:\Windows\SYSWOW64\msvcp100.dll
2013-07-04 11:01:05 ----D---- C:\Windows\SysWOW64
2013-07-04 07:23:08 ----D---- C:\ProgramData\Norton
2013-07-04 07:12:59 ----D---- C:\Windows\system32\drivers
2013-07-04 07:12:59 ----D---- C:\Program Files\Common Files
2013-07-04 07:12:02 ----D---- C:\Program Files (x86)\NortonInstaller
2013-07-04 07:09:32 ----D---- C:\Windows\system32\catroot
2013-07-04 07:08:25 ----D---- C:\ProgramData\NortonInstaller
2013-07-03 23:56:25 ----D---- C:\Program Files (x86)\Nokia
2013-07-03 23:50:35 ----D---- C:\Windows\system32\wfp
2013-07-03 23:50:35 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2013-07-03 23:50:32 ----D---- C:\Windows\system32\wbem
2013-07-03 23:48:57 ----D---- C:\Windows\system32\DriverStore
2013-07-03 23:48:56 ----D---- C:\Windows\System32
2013-07-03 23:48:55 ----D---- C:\Windows\system32\drivers\UMDF
2013-07-03 23:48:54 ----D---- C:\Windows\system32\drivers\etc
2013-07-03 23:48:46 ----D---- C:\ProgramData\Nokia
2013-07-03 23:48:46 ----D---- C:\ProgramData\IObit
2013-07-03 23:48:09 ----D---- C:\Windows\registration
2013-07-03 23:48:07 ----DC---- C:\Windows\system32\DRVSTORE
2013-07-03 23:46:44 ----D---- C:\Program Files (x86)\Common Files
2013-07-03 22:00:55 ----D---- C:\Users\Monty\AppData\Roaming\Nokia
2013-07-03 21:24:10 ----D---- C:\Users\Monty\AppData\Roaming\Nokia Suite
2013-07-03 18:43:23 ----D---- C:\Users\Monty\AppData\Roaming\ICQ
2013-07-02 20:24:54 ----D---- C:\Windows\Microsoft.NET
2013-07-02 15:30:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-02 12:11:27 ----D---- C:\Windows\system32\NDF
2013-07-02 09:12:43 ----D---- C:\Program Files\Symantec
2013-07-01 16:38:40 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-06-19 14:16:50 ----D---- C:\Windows\system32\drivers\NSTx64
2013-06-12 19:54:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-06-11 22:09:29 ----D---- C:\ProgramData\Skype
2013-06-11 22:09:23 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-04-26 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [2013-05-20 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [2013-05-22 1139800]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [2013-05-20 1393240]
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [2013-04-15 169048]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys [2013-04-16 169048]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-07-01 484512]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSvia64.sys [2013-07-03 513184]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [2013-03-04 36952]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [2013-03-04 224416]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [2013-04-24 433752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-08 9259520]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-08 301568]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-06-14 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-04-21 2727424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-06-14 330400]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-06-14 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-06-14 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-06-14 167072]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-06-14 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-06-14 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-06-14 496800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2012-08-03 40432]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-07-01 138912]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-15 12228128]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.017\ENG64.SYS [2013-07-01 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.017\EX64.SYS [2013-07-01 2098776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-27 425064]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [2013-05-15 796760]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-06-08 528384]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-07-04 177312]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-10 1451056]
S2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\Windows\system32\DRIVERS\thdudf.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-06-11 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-06-11 27136]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 PCASp60;PCASp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp60.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-06-11 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-06-11 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 IObitUnlocker;IObitUnlocker; \??\C:\Program Files (x86)\IObit(UNLOCKER)\IObit Unlocker\IObitUnlocker.sys [2011-08-26 35256]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-08 203776]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-06-14 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-06-14 97952]
R2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com; C:\Program Files\DS Clock\dsetime.exe [2009-11-19 62264]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-05-06 263496]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-04-08 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-19 2372096]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NCO;Norton Identity Safe; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe [2013-05-21 144368]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [2013-05-20 144368]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 SamsungAllShare;Samsung AllShare PC Service; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe [2011-02-18 7233952]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-06-08 301568]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-03-22 93072]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27 116648]
S2 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-02-18 22464]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-27 116648]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-17 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-09 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Zdravim

Pokud ho tam jeste mate, odinstalujte Spybot - Search & Destroy.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Vidim, ze jste ho pouzil uz mockrat, ale chci videt aktualni log.

Spybot uninstal
adwcleaner hází--line 3646 error:variable used without being declared

Zkuste stahnout jiny, treba zde http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/ . Pokud to nepujde, zkuste jeste v nouzovem rezimu. Kdyby ani to neslo, napiste, pujdem na to jinak.

Stáhnul jsem jiný ale ten se nespustí bez aktualizace na nej.verzi.
V nouz.režimu stejná hláška

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.06.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Monty :: MONTY-HP [administrátor]

Ochrana: Povolena

6.7.2013 11:01:40
mbam-log-2013-07-06 (11-01-40).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 413069
Uplynulý čas: 1 hodin, 36 minut, 49 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

MBAM zase odinstalujte.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Cannot create file C:\users\monty\desktop\cmd.bat.

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

OTL logfile created on: 6.7.2013 14:16:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monty\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 33,42% Memory free
7,90 Gb Paging File | 5,07 Gb Available in Paging File | 64,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,52 Gb Total Space | 346,51 Gb Free Space | 77,95% Space Free | Partition Type: NTFS
Drive D: | 17,07 Gb Total Space | 1,84 Gb Free Space | 10,78% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,32% Space Free | Partition Type: FAT32
Drive G: | 931,51 Gb Total Space | 689,54 Gb Free Space | 74,02% Space Free | Partition Type: NTFS

Computer Name: MONTY-HP | User Name: Monty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.06 13:44:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monty\Desktop\OTL.exe
PRC - [2013.07.04 09:16:47 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) -- C:\ProgramData\eSafe\eGdpSvc.exe
PRC - [2013.06.15 03:28:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.23 15:17:00 | 001,106,288 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccsvchst.exe
PRC - [2013.05.20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
PRC - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.10.26 10:53:00 | 000,139,792 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
PRC - [2011.06.14 18:19:42 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.05.06 00:06:46 | 000,263,496 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011.05.06 00:06:28 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011.05.06 00:06:02 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011.04.30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.30 01:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.04.08 12:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.02.18 16:30:32 | 007,233,952 | ---- | M] () -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe
PRC - [2011.02.18 16:30:26 | 000,428,088 | ---- | M] () -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
PRC - [2011.02.01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.27 12:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009.11.19 23:39:16 | 000,062,264 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsetime.exe
PRC - [2009.04.15 12:46:26 | 001,903,104 | ---- | M] (Codyssey) -- C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe
PRC - [2006.12.19 11:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll
MOD - [2013.06.15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013.05.30 08:04:04 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e818fbdb44667fdf48e69d032ed038a9\System.Web.ni.dll
MOD - [2013.05.30 08:03:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5834c2e32926bd93a32a395ca46ba54b\System.Windows.Forms.ni.dll
MOD - [2013.05.30 08:03:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3f2469c7ac53b46894068958e799c173\System.Configuration.ni.dll
MOD - [2013.05.30 08:03:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\8a1c2834b299dfb22eb106d719f0f63c\WindowsBase.ni.dll
MOD - [2013.01.19 16:23:10 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6444e15b421a8ff83f052aab3c6e6948\IAStorUtil.ni.dll
MOD - [2013.01.19 16:23:10 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6fd278018f0cf369362fc810f8aefcb5\IAStorCommon.ni.dll
MOD - [2013.01.17 09:38:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e95c75bede9a6ba6654d3a5e56da7e86\System.Runtime.Remoting.ni.dll
MOD - [2013.01.17 09:38:28 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8f045547dc39be38a6c3348b524b5d96\System.Drawing.ni.dll
MOD - [2013.01.17 09:38:23 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\39cb017c2a46136cf3ca8a877d4fa741\System.Xml.ni.dll
MOD - [2013.01.17 09:37:57 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f3bcf05501f25211734e003e40c1fc4d\System.ni.dll
MOD - [2013.01.17 09:37:38 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.05.30 16:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\wincfi39.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files (x86)\Seznam.cz\bin\core.4.dll
MOD - [2011.07.30 08:07:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2011.06.08 00:21:54 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011.05.08 12:25:40 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.10.11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009.11.19 23:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Running] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.07.04 09:16:47 | 000,386,112 | ---- | M] (Wsys Co., Ltd.) [Auto | Running] -- C:\ProgramData\eSafe\eGdpSvc.exe -- (WsysSvc)
SRV - [2013.06.12 19:54:50 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.21 06:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe -- (NCO)
SRV - [2013.05.20 22:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013.05.10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.03 16:51:04 | 000,725,400 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.09.27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012.07.09 01:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011.06.14 18:19:42 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.06.14 18:18:06 | 000,097,952 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011.05.06 00:06:46 | 000,263,496 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011.04.30 01:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.04.08 12:01:16 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011.02.24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.02.19 00:37:00 | 002,372,096 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.02.18 16:30:32 | 007,233,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\WiselinkPro.exe -- (SamsungAllShare)
SRV - [2011.02.18 16:30:22 | 000,022,464 | ---- | M] (Samsung Electronics) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.02.01 23:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 23:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 11:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013.07.04 07:12:59 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.05.22 23:25:28 | 001,139,800 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013.05.20 23:02:00 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013.05.15 23:02:14 | 000,796,760 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.04.24 18:43:56 | 000,433,752 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.04.16 04:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DD04000.00A\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2013.04.15 20:41:14 | 000,169,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.03.04 19:40:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.03.04 19:21:36 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012.08.03 18:49:18 | 000,040,432 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2012.06.27 16:18:52 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.06.11 15:17:44 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.06.11 15:17:44 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.06.11 15:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.06.11 15:17:44 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.30 08:24:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.07.30 08:24:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.06.14 18:18:32 | 000,496,800 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.06.14 18:18:32 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.06.14 18:18:30 | 000,167,072 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.06.14 18:18:30 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.06.14 18:18:30 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.06.14 18:18:30 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.06.14 18:18:28 | 000,330,400 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.06.14 18:18:28 | 000,110,240 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.06.10 04:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.06.08 00:21:58 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.05.08 12:58:06 | 009,259,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.05.08 11:50:14 | 000,301,568 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.26 12:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.04.21 21:17:10 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.04.15 21:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.02.15 21:37:00 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.01.27 07:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.07.03 15:09:36 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013.07.01 01:00:00 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.023\ex64.sys -- (NAVEX15)
DRV - [2013.07.01 01:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.07.01 01:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.07.01 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.023\eng64.sys -- (NAVENG)
DRV - [2013.05.20 22:41:34 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012.01.10 11:18:18 | 000,066,944 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\thdudf.sys -- (thdudf)
DRV - [2011.08.26 16:11:26 | 000,035,256 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files (x86)\IObit(UNLOCKER)\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2E2523CE-E607-481C-BB3D-A5F90EB09D8B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.qvo6.com/web/?utm_source= ... ts=3473461
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{2E2523CE-E607-481C-BB3D-A5F90EB09D8B}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1372929995
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\SearchScopes,DefaultScope = {6390691C-739F-49C7-B946-1BDE44850E2A}
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\SearchScopes\{6390691C-739F-49C7-B946-1BDE44850E2A}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013.07.04 07:13:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013.07.06 10:44:47 | 000,000,000 | ---D | M]

[2012.11.28 02:28:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monty\AppData\Roaming\Mozilla\Extensions
[2012.11.28 02:28:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Monty\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Norton Identity Safe (Enabled) = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - Extension: AdBlock = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Norton Identity Protection = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\
CHR - Extension: AdBlock = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Norton Identity Protection = C:\Users\Monty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\

O1 HOSTS File: ([2013.07.06 09:51:25 | 000,000,938 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [DS Clock] C:\Program Files\DS Clock\DSClock.exe (Duality Software)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [Freeraser] C:\Program Files (x86)\Codyssey(FREERASER)\Freeraser\Freeraser.exe (Codyssey)
O4 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000..\Run: [Seznam Postak] C:\Program Files (x86)\Seznam.cz\bin\postak.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3941FFE0-BA2F-489C-A30F-467A9EBBE393}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFA18997-11F0-4293-BDCE-4499CC014175}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.29 02:20:31 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.07.06 13:44:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Monty\Desktop\OTL.exe
[2013.07.06 09:19:03 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.04 11:29:47 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\My Videos
[2013.07.04 11:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\eSafe
[2013.07.04 11:01:05 | 000,000,000 | ---D | C] -- C:\PCShareManagerUpload
[2013.07.04 10:37:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.07.04 07:12:59 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.07.04 07:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.07.04 07:12:22 | 001,139,800 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA64.sys
[2013.07.04 07:12:22 | 000,796,760 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys
[2013.07.04 07:12:22 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS64.sys
[2013.07.04 07:12:22 | 000,433,752 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys
[2013.07.04 07:12:22 | 000,224,416 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Ironx64.sys
[2013.07.04 07:12:22 | 000,169,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccSetx64.sys
[2013.07.04 07:12:22 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys
[2013.07.04 07:12:22 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymELAM.sys
[2013.07.04 07:12:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013.07.04 07:12:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1404000.028
[2013.07.04 07:12:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013.07.04 07:12:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013.07.03 21:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\OviInstallerCache
[2013.07.03 21:15:20 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\Nokia Suite
[2013.07.02 20:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.07.02 20:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.07.02 20:49:20 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\SelfMV
[2013.07.02 20:29:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.07.02 20:29:34 | 000,000,000 | ---D | C] -- C:\Users\Monty\AppData\Local\Samsung
[2013.07.02 20:29:32 | 000,000,000 | ---D | C] -- C:\Users\Monty\AppData\Roaming\Samsung
[2013.07.02 20:29:27 | 000,000,000 | ---D | C] -- C:\Users\Monty\Documents\samsung
[2013.07.02 20:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.07.02 20:23:02 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013.07.02 20:22:24 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013.07.02 20:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.07.02 20:21:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.07.02 15:32:35 | 000,000,000 | -HSD | C] -- C:\Users\Monty\Phone Browser
[2012.12.31 12:28:00 | 000,905,728 | ---- | C] (Share-rapid.com) -- C:\Program Files (x86)\SRDownloader.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.07.06 14:18:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.06 13:51:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.06 13:44:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Monty\Desktop\OTL.exe
[2013.07.06 13:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.06 10:52:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 10:52:13 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.06 10:43:33 | 000,000,434 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013.07.06 10:41:50 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.06 10:41:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.06 10:41:25 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.06 10:35:56 | 000,650,027 | ---- | M] () -- C:\Users\Monty\Desktop\adwcleaner.exe
[2013.07.06 09:51:25 | 000,000,938 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.07.06 09:18:15 | 000,935,175 | ---- | M] () -- C:\Users\Monty\Desktop\RSITx64.exe
[2013.07.06 08:55:34 | 000,001,575 | ---- | M] () -- C:\Users\Monty\Desktop\iexplore – zástupce.lnk
[2013.07.05 21:42:31 | 000,002,310 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.07.04 18:40:16 | 000,003,086 | ---- | M] () -- C:\Windows\wininit.ini
[2013.07.04 11:29:17 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2013.07.04 11:27:53 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013.07.04 07:13:16 | 001,497,725 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013.07.04 07:12:59 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.07.04 07:12:59 | 000,007,631 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.07.04 07:12:59 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.07.03 06:21:46 | 013,454,676 | ---- | M] () -- C:\Users\Monty\Desktop\GT-I9300_UM_Open_Jellybean_Cze_Rev.1.3_130213_Screen.pdf
[2013.07.02 20:49:31 | 000,003,584 | ---- | M] () -- C:\Users\Monty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.02 20:26:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.07.02 20:26:00 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.07.02 15:30:50 | 001,582,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.02 15:30:50 | 000,668,376 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.02 15:30:50 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.02 15:30:50 | 000,141,004 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.02 15:30:50 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.19 14:06:20 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMonty.job
[2013.06.12 19:54:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 19:54:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.10 19:29:52 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.06 13:51:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.06 10:35:55 | 000,650,027 | ---- | C] () -- C:\Users\Monty\Desktop\adwcleaner.exe
[2013.07.06 09:18:15 | 000,935,175 | ---- | C] () -- C:\Users\Monty\Desktop\RSITx64.exe
[2013.07.04 15:37:42 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.04 15:37:40 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 11:29:17 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2013.07.04 07:25:41 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\VT20130115.021
[2013.07.04 07:13:00 | 001,497,725 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Cat.DB
[2013.07.04 07:12:59 | 000,007,631 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.07.04 07:12:59 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.07.04 07:12:14 | 000,014,818 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymVTcer.dat
[2013.07.04 07:12:14 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymELAM64.cat
[2013.07.04 07:12:14 | 000,008,067 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnet64.cat
[2013.07.04 07:12:14 | 000,008,067 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013.07.04 07:12:14 | 000,008,063 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS64.cat
[2013.07.04 07:12:14 | 000,007,667 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.cat
[2013.07.04 07:12:14 | 000,007,593 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\iron.cat
[2013.07.04 07:12:14 | 000,007,589 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.cat
[2013.07.04 07:12:14 | 000,007,587 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA64.cat
[2013.07.04 07:12:14 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymEFA.inf
[2013.07.04 07:12:14 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymDS.inf
[2013.07.04 07:12:14 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\SymNet.inf
[2013.07.04 07:12:14 | 000,001,437 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.inf
[2013.07.04 07:12:14 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.inf
[2013.07.04 07:12:14 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symELAM.inf
[2013.07.04 07:12:14 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccSetx64.inf
[2013.07.04 07:12:14 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\Iron.inf
[2013.07.04 07:12:14 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013.07.03 06:21:45 | 013,454,676 | ---- | C] () -- C:\Users\Monty\Desktop\GT-I9300_UM_Open_Jellybean_Cze_Rev.1.3_130213_Screen.pdf
[2013.07.02 20:49:31 | 000,003,584 | ---- | C] () -- C:\Users\Monty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.02 20:26:00 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.07.02 20:26:00 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.05.22 20:43:52 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2013.04.09 18:54:47 | 000,054,272 | ---- | C] () -- C:\Users\Monty\AppData\Local\NIS
[2013.01.17 00:12:22 | 000,003,086 | ---- | C] () -- C:\Windows\wininit.ini
[2013.01.03 18:02:08 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.12.31 12:35:30 | 000,037,441 | ---- | C] () -- C:\Users\Monty\AppData\Local\SRDownloader.err
[2012.12.31 12:30:23 | 000,001,168 | ---- | C] () -- C:\Users\Monty\AppData\Local\SRDownloader.nast
[2012.12.26 15:41:58 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.12.25 12:55:31 | 000,000,543 | ---- | C] () -- C:\Users\Monty\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.12.21 17:38:52 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.12.12 20:59:48 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012.12.11 21:52:29 | 000,007,617 | ---- | C] () -- C:\Users\Monty\AppData\Local\resmon.resmoncfg
[2012.12.08 13:29:56 | 001,558,096 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.02 13:23:21 | 000,000,074 | ---- | C] () -- C:\Windows\pslabeler3.ini
[2012.12.02 13:23:13 | 000,000,025 | ---- | C] () -- C:\Windows\calcpslab3.ini
[2012.11.28 22:21:22 | 000,000,729 | ---- | C] () -- C:\Users\Monty\AppData\Roaming\EggTimeCounter_Prefs.plist
[2012.11.28 21:57:35 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.11.28 19:18:06 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.03.25 01:56:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.25 01:44:14 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.03.25 01:38:28 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.29 23:04:07 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.03.23 14:56:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Audacity
[2012.12.29 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\avidemux
[2013.01.03 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Broad Intelligence
[2012.12.12 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Canon
[2013.01.03 17:23:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Digiarty
[2013.01.09 23:09:01 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Duality Software
[2013.05.30 23:11:38 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\DVDVideoSoft
[2013.01.10 00:39:57 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\FolderColorize
[2013.04.11 06:52:46 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\GoforFiles
[2013.07.03 18:43:23 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\ICQ
[2012.11.28 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\IrfanView
[2013.04.09 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Joyvy
[2013.01.03 18:28:22 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Leawo
[2012.12.11 22:54:16 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Namco
[2013.07.03 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia
[2013.07.03 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia Suite
[2012.12.28 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\PC Suite
[2012.12.26 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Posta
[2013.07.04 11:29:20 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Samsung
[2013.01.29 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Seznam.cz
[2012.12.06 11:44:21 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\SpinTop Games
[2013.01.31 15:38:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Stereoscopic Player
[2012.11.27 20:38:37 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Synaptics
[2013.01.03 18:03:12 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\tiger-k
[2012.11.28 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TomTom
[2012.12.15 02:19:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TuneUp Software
[2013.05.06 07:45:15 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Tyre
[2012.12.01 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\VitySoft
[2012.11.29 23:49:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\WildTangent
[2012.12.25 22:15:31 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Windows Live Writer
[2012.12.03 20:00:19 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\xrecode2
[2012.11.28 21:00:48 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Zoner
[2012.12.11 22:38:52 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,540 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.17 14:33:26 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.20 06:58:44 | 000,000,332 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForMonty.job
[2013.07.04 15:37:40 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 15:37:42 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.07.30 08:21:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.30 08:21:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.30 08:21:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.30 08:21:52 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.30 08:21:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.30 08:21:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.25 11:34:23 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2012.03.25 11:34:23 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.07.30 08:22:05 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2011.07.30 08:22:05 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.11.28 21:27:44 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Adobe
[2013.05.26 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Atheros
[2012.11.27 20:39:41 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\ATI
[2013.03.23 14:56:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Audacity
[2012.12.29 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\avidemux
[2013.01.03 16:12:40 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Broad Intelligence
[2012.12.12 22:58:08 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Canon
[2012.11.29 20:43:19 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\CyberLink
[2013.01.03 17:23:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Digiarty
[2013.01.09 23:09:01 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Duality Software
[2013.01.03 16:01:52 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\dvdcss
[2013.05.30 23:11:38 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\DVDVideoSoft
[2013.01.10 00:39:57 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\FolderColorize
[2013.04.11 06:52:46 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\GoforFiles
[2013.04.18 17:37:57 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Hewlett-Packard
[2013.04.20 06:53:58 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\hpqlog
[2013.07.03 18:43:23 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\ICQ
[2012.12.02 13:43:24 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Identities
[2013.01.18 11:06:49 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\InstallShield
[2012.11.27 20:38:40 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Intel Corporation
[2012.11.28 18:52:45 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\IrfanView
[2013.04.09 18:18:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Joyvy
[2013.01.03 18:28:22 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Leawo
[2012.11.27 23:46:56 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Macromedia
[2012.11.28 18:47:02 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Malwarebytes
[2012.03.25 11:31:35 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Media Center Programs
[2013.07.06 10:15:49 | 000,000,000 | --SD | M] -- C:\Users\Monty\AppData\Roaming\Microsoft
[2012.11.28 02:28:29 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Mozilla
[2012.12.11 22:54:16 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Namco
[2012.11.28 19:25:24 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nero
[2013.07.03 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia
[2013.07.03 21:24:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Nokia Suite
[2012.12.28 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\PC Suite
[2012.12.26 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Posta
[2013.07.04 11:29:20 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Samsung
[2013.01.29 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Seznam.cz
[2013.07.05 19:32:15 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Skype
[2013.02.12 18:13:13 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\skypePM
[2012.12.06 11:44:21 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\SpinTop Games
[2013.01.31 15:38:39 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Stereoscopic Player
[2012.11.27 20:24:17 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Symantec
[2012.11.27 20:38:37 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Synaptics
[2013.01.03 18:03:12 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\tiger-k
[2012.11.28 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TomTom
[2012.12.15 02:19:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\TuneUp Software
[2013.05.06 07:45:15 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Tyre
[2012.12.01 17:30:10 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\VitySoft
[2012.11.29 23:49:55 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\WildTangent
[2012.12.25 22:15:31 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Windows Live Writer
[2012.11.27 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\WinRAR
[2012.12.03 20:00:19 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\xrecode2
[2012.11.28 21:00:48 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\Zoner
[2012.12.11 22:38:52 | 000,000,000 | ---D | M] -- C:\Users\Monty\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2013.05.23 15:17:02 | 000,604,528 | ---- | M] (ml) -- C:\Users\Monty\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2013.05.23 15:17:02 | 000,604,528 | ---- | M] (ml) -- C:\Users\Monty\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2006.12.01 10:13:48 | 000,040,960 | ---- | M] () -- C:\Users\Monty\AppData\Roaming\Tyre\appstop.exe
[2012.11.09 17:22:00 | 000,041,472 | ---- | M] () -- C:\Users\Monty\AppData\Roaming\Tyre\gpx2itn.exe
[2013.05.05 19:38:49 | 002,584,148 | ---- | M] ('t Schrijverke ) -- C:\Users\Monty\AppData\Roaming\Tyre\TyreSetup.exe
[2013.05.26 12:37:37 | 000,311,416 | ---- | M] (WildTangent, Inc.) -- C:\Users\Monty\AppData\Roaming\WildTangent\Updater\GameConsole\GameConsole-4.0.26.43-to-4.0.26.54.exe
[2012.11.29 03:52:32 | 000,049,824 | ---- | M] (WildTangent) -- C:\Users\Monty\AppData\Roaming\WildTangent\Updater\GameConsole\Park-{922c49d0-ba6f-4080-ae1e-e8714b224d06}.exe
[2012.11.28 22:10:37 | 000,000,172 | ---- | M] () -- C:\Users\Monty\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe_filedata
[2012.11.29 03:52:32 | 000,572,064 | ---- | M] (WildTangent, Inc.) -- C:\Users\Monty\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.06 13:51:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.06 10:41:50 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.06 13:42:00 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.06.19 14:06:20 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForMonty.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.06 10:43:09 | 000,001,878 | ---- | M] () -- C:\Windows\system32\http_ss.log
[2013.07.04 11:01:05 | 000,000,074 | ---- | M] () -- C:\Windows\system32\log.log
[2013.07.06 10:46:52 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.07.04 11:27:53 | 000,420,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp100.dll

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2008.02.28 21:27:56 | 000,009,858 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_cat.ogg
[2008.02.28 21:27:54 | 000,014,005 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_cow.ogg
[2008.02.28 21:27:54 | 000,009,910 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_goose.ogg
[2008.02.28 21:27:54 | 000,044,166 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_product.ogg
[2008.02.28 21:27:56 | 000,015,006 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_es\Data\Sounds\bear_crack_sheep.ogg
[2008.02.28 21:27:56 | 000,009,858 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_cat.ogg
[2008.02.28 21:27:54 | 000,014,005 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_cow.ogg
[2008.02.28 21:27:54 | 000,009,910 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_goose.ogg
[2008.02.28 21:27:54 | 000,044,166 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_product.ogg
[2008.02.28 21:27:56 | 000,015,006 | ---- | M] () -- \Program Files (x86)\HP Games\Farm Frenzy\wtmui_it\Data\Sounds\bear_crack_sheep.ogg
[2012.12.01 17:36:59 | 000,005,369 | ---- | M] () -- \Users\Monty\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp

< *keygen* /s >
[2007.04.24 23:06:14 | 000,064,000 | ---- | M] () -- \Users\Monty\Documents\Tom-aktivátor aj\Tomtom\Tomtom Home 2.5\nový aktivátor\Easytools_CZ_pro_PNA\Easytools_CZ_pro PNA\Progs\keygen6.exe
[2009.11.02 21:12:20 | 000,062,464 | ---- | M] () -- \Users\Monty\Documents\Tom-aktivátor aj\Tomtom\Tomtom Home 2.5\nový aktivátor\Easytools_CZ_pro_PNA\Easytools_CZ_pro PNA\Progs\tt8_keygen2.exe

< *AntiWPA* /s >

< *loader* /s >
[2012.12.31 12:28:02 | 000,905,728 | ---- | M] () -- \Program Files (x86)\SRDownloader.exe
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.06.24 14:45:14 | 000,111,912 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2012.10.26 10:54:20 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2012.10.22 17:30:36 | 000,021,001 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2012.10.22 17:30:36 | 000,224,368 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2012.10.26 10:54:08 | 000,171,024 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderC3S.dll
[2012.10.26 10:54:16 | 002,528,784 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2011.06.27 17:08:58 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011.02.23 18:12:16 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010.10.15 17:58:50 | 000,001,012 | ---- | M] () -- \Program Files (x86)\HP Games\onplay\downloader_bg_400.gif
[2012.12.10 21:17:26 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.12.10 21:17:26 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.12.10 21:17:25 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 11:29:39 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.12.10 21:19:23 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.03.17 15:44:48 | 001,009,664 | ---- | M] () -- \Program Files (x86)\IObit(UNLOCKER)\IObit Unlocker\Freeware\UnLock_FreeSoftwareDownloader.exe
[2011.07.05 10:03:46 | 000,004,386 | ---- | M] () -- \Program Files (x86)\Leawo(AVI na 3D)\Total Media Converter Ultimate\res\skin_en\get_downloader.png
[2012.06.26 13:36:20 | 000,002,560 | ---- | M] () -- \Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2013.05.23 15:13:44 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2013.07.04 10:39:53 | 000,266,128 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9300\BinaryLoaderMgr.exe
[2013.07.04 10:39:54 | 000,247,704 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GT-I9300\DeviceDownloader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2012.05.21 23:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012.07.19 01:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012.05.21 23:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010.03.24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.10.18 18:48:18 | 000,430,080 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.10.18 18:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2012.10.18 18:48:44 | 000,194,560 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.18 18:56:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.10.18 18:56:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2012.10.18 18:57:26 | 000,020,064 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program64\WICLoader.exe
[2008.02.04 13:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2008.02.04 13:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.31 15:53:04 | 000,037,441 | ---- | M] () -- \Users\Monty\AppData\Local\SRDownloader.err
[2013.01.26 12:11:15 | 000,001,168 | ---- | M] () -- \Users\Monty\AppData\Local\SRDownloader.nast
[2013.07.05 09:11:58 | 000,109,448 | ---- | M] () -- \Users\Monty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DYI9ABVQ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.05 09:11:58 | 000,001,511 | ---- | M] () -- \Users\Monty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HEYC2MO8\AdLoader[1].htm
[2013.07.03 21:53:30 | 000,019,497 | ---- | M] () -- \Users\Monty\AppData\Local\Temp\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012.12.31 16:42:08 | 000,001,339 | ---- | M] () -- \Users\Monty\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SRDownloader.exe.lnk
[2012.12.19 12:04:16 | 000,030,608 | ---- | M] () -- \Users\Monty\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.05.23 19:23:56 | 000,000,024 | ---- | M] () -- \Users\Monty\Documents\TomTom\HOME\Backup\ONE XL\Backup01\InternalMemory\bootloaderversion.txt
[2012.09.22 12:23:38 | 000,000,024 | ---- | M] () -- \Users\Monty\Documents\TomTom\Záloha 23.5 2013\bootloaderversion.txt
[2012.12.14 21:05:09 | 000,916,616 | ---- | M] () -- \Users\Public\Downloads\Norton\{NIS202019-SHPD-FSD31014}\NISDownloader.exe
[2013.04.08 19:51:57 | 000,916,648 | ---- | M] () -- \Users\Public\Downloads\Norton\{NIS202122-SHPD-FSD31014}\NISDownloader.exe
[2013.07.04 07:01:44 | 001,019,408 | ---- | M] () -- \Users\Public\Downloads\Norton\{NIS204040-SHPD-FSD33017}\NISDownloader.exe
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.04 10:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.17 19:32:58 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.10.04 10:12:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.10.17 19:32:58 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.30 08:08:27 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.07.30 08:08:27 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.07.30 08:08:27 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.07.30 08:08:27 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.07.30 08:08:27 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.30 08:19:16 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.30 08:19:16 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.30 08:19:16 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.30 08:19:16 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.30 08:19:16 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.07.30 08:05:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.07.30 08:19:12 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.30 08:19:12 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013.05.30 20:59:03 | 000,000,184 | ---- | M] () -- \Windows\AutoKMS.ini
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]

< *activator* /s >

< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.05.25 21:54:30 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2011.07.30 08:07:51 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.17 09:38:34 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.17 09:47:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\fde22ad3592f537464b769ae693152aa\System.Runtime.Serialization.ni.dll
[2013.01.17 09:46:56 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\32072ac29ee7bc9e2ccab4fb8aa46d54\System.Runtime.Serialization.ni.dll
[2013.01.17 09:41:10 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8e03b29f6562f1b7ce14fa3337d9cee2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.19 16:27:51 | 000,304,640 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\04839b2872960ef907d53a47537489d3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.19 16:27:51 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\04839b2872960ef907d53a47537489d3\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.01.19 16:27:51 | 002,785,280 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\5c4a765df1f320d8a263679d33fc45a4\System.Runtime.Serialization.ni.dll
[2013.01.19 16:27:51 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\5c4a765df1f320d8a263679d33fc45a4\System.Runtime.Serialization.ni.dll.aux
[2013.01.19 16:29:12 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\bdd71090224c9e8b7d4ea0f940e7a822\System.Xml.Serialization.ni.dll
[2013.01.19 16:29:12 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\bdd71090224c9e8b7d4ea0f940e7a822\System.Xml.Serialization.ni.dll.aux
[2013.01.19 17:13:05 | 000,373,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\49760fe82994fbfd3995272c128f94c8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.19 17:13:05 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\49760fe82994fbfd3995272c128f94c8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.01.19 17:13:04 | 003,599,872 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\d5815e9193ed3c2361585bb697f9c81c\System.Runtime.Serialization.ni.dll
[2013.01.19 17:13:04 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\d5815e9193ed3c2361585bb697f9c81c\System.Runtime.Serialization.ni.dll.aux
[2013.01.19 17:15:27 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\522ab96fd18691393f2a10ba921f2388\System.Xml.Serialization.ni.dll
[2013.01.19 17:15:27 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\522ab96fd18691393f2a10ba921f2388\System.Xml.Serialization.ni.dll.aux
[2012.07.09 03:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.07.30 08:07:52 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.07.09 03:42:12 | 000,027,760 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.07.30 08:07:48 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2012.07.09 01:40:08 | 001,050,096 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012.07.09 01:40:10 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 01:40:08 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012.07.09 01:40:08 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012.07.09 01:40:08 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012.07.09 01:40:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012.07.09 01:40:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012.09.27 22:44:46 | 000,027,824 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 03:42:12 | 000,113,704 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.07.30 08:07:42 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.07.30 08:07:42 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.07.30 08:07:48 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.07.30 08:07:53 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.07.30 08:07:54 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.07.30 08:19:16 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.30 08:19:16 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.07.30 08:08:27 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.07.30 08:08:27 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.07.30 08:19:12 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.07.30 08:19:12 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.07.30 08:06:32 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.07.30 08:07:51 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.07.30 08:07:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.07.30 08:07:42 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.07.30 08:08:02 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

OTL Extras logfile created on: 6.7.2013 14:16:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Monty\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 33,42% Memory free
7,90 Gb Paging File | 5,07 Gb Available in Paging File | 64,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 444,52 Gb Total Space | 346,51 Gb Free Space | 77,95% Space Free | Partition Type: NTFS
Drive D: | 17,07 Gb Total Space | 1,84 Gb Free Space | 10,78% Space Free | Partition Type: NTFS
Drive E: | 3,96 Gb Total Space | 1,08 Gb Free Space | 27,32% Space Free | Partition Type: FAT32
Drive G: | 931,51 Gb Total Space | 689,54 Gb Free Space | 74,02% Space Free | Partition Type: NTFS

Computer Name: MONTY-HP | User Name: Monty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03270073-2769-499D-A025-CADCAF500F4D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{1105AC24-3F43-457D-928D-6437779F2910}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{12AA55D8-176B-4F4F-8C85-21B7B81F049D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{192D5021-A3BA-433A-8FFD-93DFFBBA8661}" = lport=138 | protocol=17 | dir=in | app=system |
"{1BCD4CD1-59FD-4D5A-AEDF-6B8BB62DA0D6}" = rport=2869 | protocol=6 | dir=out | app=system |
"{1E64DBD1-5362-46D5-AA66-9308C3297091}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{218EBA2E-B1D9-42E6-BE19-983B657FAE85}" = rport=10243 | protocol=6 | dir=out | app=system |
"{259E3624-E95E-46A1-A02F-B51E8DC18A85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{321F4EBD-05EB-43B3-AA98-54F5CE9675BD}" = lport=137 | protocol=17 | dir=in | app=system |
"{3E30BD9F-C9EE-408D-9EA3-759DD9569357}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{416F8DDC-B59E-4B74-915D-456A52D8A5A3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{483B39CD-7798-44D4-B884-9B853B215796}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66396134-6500-4C25-80C2-464791A686A2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{68B1EEFA-172E-44ED-B1FD-70896E384EFB}" = rport=137 | protocol=17 | dir=out | app=system |
"{6AA3D28E-E0B9-442F-8B75-FB29B3F9910B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C2AF07F-B01B-41A3-BF9B-AB2E04EF4F8D}" = rport=138 | protocol=17 | dir=out | app=system |
"{7BE7291B-7A4C-4981-B0B5-00E76EDC137D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7D4358A5-1D57-4C8E-A4BA-D459E6B4A25C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7DA61B5C-72A0-45AF-9626-85C496D879D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{801D0F9D-AFFE-456D-8284-2A34BDF7F7E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{81A22BA0-39B7-43C2-8E48-F05CB95E64B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{838016DD-8F3D-418B-9F94-10A3A2EDE423}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A0289B0C-2170-45E9-8FC4-D54FB1795BA6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A255C6E7-4373-4AEF-9936-EF77ABDD4588}" = rport=445 | protocol=6 | dir=out | app=system |
"{A3A528FD-8F18-4AFD-B327-FD690EB1EB68}" = lport=139 | protocol=6 | dir=in | app=system |
"{A66D35FF-A7DB-419C-8006-C1B213E6421D}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C49DA439-5F4C-4DDF-A435-822E0F613676}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C75D14AE-194E-4DF2-B041-F0F2075740E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EEA65B39-FC4C-4001-AD7B-67094D28F9C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF576FA0-E0F7-4FFC-B9BF-BB768C84FFF9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FEAAC1E8-9BDB-43C7-A4BE-F06A8B24528C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FF4E17D2-5980-4BB0-9CF1-60B6AA65B03C}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C481E2A-1B99-4933-B413-BD17F399A222}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\liveupdate.exe |
"{13D0D221-3737-49DA-A60A-C5E54F8C057C}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{18363989-23D2-4E59-83AB-331DDAD3A048}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19CB3482-A588-4555-8296-90611E194892}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1FD599BF-39DA-4A21-B446-4D0307E6E2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{219C9985-6C06-4C0E-891E-C4D12955164F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{28996BBB-6E63-411E-994D-20784A792607}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{2FB93290-26BB-45C7-86A1-5F438D47E22F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{353786A2-9CFF-4B5E-A764-D8F1912A50FF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{35C1B1CE-F3EA-4B19-8FA0-D28D7E0860B3}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\rescue.exe |
"{3B1C9663-7C88-483B-B05A-9E7D3D44E5BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C4E5A2C-FCB2-45D3-B20B-45C2AB9BC35A}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{3EF48628-98DB-432E-B711-DC47ECCF70FC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{4C80432A-24C2-4CB4-87FA-4A13773C3137}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareslideshowservice.exe |
"{50E9CF52-E598-45C4-8D70-B92D8E70A37E}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{526A4958-4458-4F36-8C84-6EF96BC7BB24}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe |
"{580EADEE-66C2-41A4-A5A4-CBE2B4389DFE}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{581E7342-D403-4303-B150-5C4C0ED8F252}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{58361D8A-A160-496F-8ADF-87B24C6576DB}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{62943CF9-3C06-40CD-9AFE-1C9BB86AA7B9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{69B13792-B44B-4BC3-A417-325F89AF20F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F54FED0-5D7B-4610-8E5D-C8A8AEE14480}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{70321A25-CC1A-4BB2-9CCB-A2D85D4733FB}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\discovery.exe |
"{77B09878-FC51-4A05-A0A0-0C546AFB9760}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7FA0747D-E987-48B6-B597-CBB24E2F7E1F}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\liveupdate.exe |
"{81D38D98-5165-4C80-8B17-C06780737283}" = protocol=6 | dir=out | app=system |
"{84E84781-EF21-4711-972F-C2778E50EC1A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8558C35F-18F6-42A6-BD5E-A61737B7FD22}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8D29F31D-F688-4753-A0F1-EA2FCB7D0205}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{96993B26-40B8-43A9-91EB-3AF039D1B277}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{97029F6E-73AE-4730-9DA6-26CD0B0C74A6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A48C9F1D-592D-4CF7-A2FE-DBF70C9A4DA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5B99BF3-A55B-4B4B-A3A2-84FDDCE19B9A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A5CA8FF3-AF3F-46E5-8EA6-20BD243B7930}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A74D1827-7E14-4980-846B-6561496A762A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A893525F-66BF-4FFD-87EC-ABC93E1E7122}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{A8CE5636-1115-4092-A133-6B7FCE441B5A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{B9B25713-21F7-41F0-98AC-2661B0C6C6F9}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\http_ss_win_pro.exe |
"{BD63FFC7-CA57-479B-B2D4-C9BCBA7350D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C416B0DB-8176-4FD1-AFDC-216E31721A7B}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\qiswizard.exe |
"{C7A18F89-3A96-4808-8045-88580B8E7F57}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{CC238CC5-3DF9-4FC1-81A4-07BC48B63D46}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CCCA49D0-8FF6-4B93-B998-39A55ACA1181}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{CD648C32-C716-4DC2-92E5-B3787D47995C}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CE94D443-8F2F-4D69-88F6-53D094A07202}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{D950B269-A05C-4466-856B-B50E9BE1E6D7}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{DB82521D-380B-479A-8ED9-9B8FA0BF27E4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DBA91DB9-2298-4EA1-AC37-9CF18A15F0BA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DF52BF6E-D72C-41F1-9D81-BE0030839640}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\rescue.exe |
"{E5C84E93-DFB5-490A-8753-CF6473A98BF6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E6202F44-52E6-4273-92E1-024599BBE066}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{EDA8AB51-44A1-4AF3-95B0-18953A18ED04}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\wiselinkpro.exe |
"{EF66BA44-18E7-45F4-919B-1618D71F02FB}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{F250F44B-4C2B-4556-BD91-F0234748C0F2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{F33757AA-B75B-4E15-869D-0BBE675FF080}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10e wireless router utilities\qiswizard.exe |
"{F4A00009-BAD7-44D7-945A-638B0F9B379B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCD5E61E-C07E-447D-86E7-F39A1C1FF1F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FDA32D6E-871F-4A73-A307-579AE9F023E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FECC7146-B1F2-45DA-8524-073D1C3810DD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series" = Canon MG2100 series MP Drivers
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}" = HP Launch Box
"{A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1" = Folder Colorizer version 1.1.0
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"CCleaner" = CCleaner
"DS Clock_is1" = DS Clock
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"SynTPDeinstKey" = Synaptics TouchPad Driver
"Tyre_is1" = Tyre
"WinRAR archiver" = WinRAR 4.20 (64-bit)
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00476F3E-3C4D-4E02-B8BB-125350157EB9}" = Windows Live Mail
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04A92BE5-E791-E374-01CB-B88CBFC1E8D1}" = PX Profile Update
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0906982B-A432-4C06-8F01-C01BE1143779}" = Nokia Connectivity Cable Driver
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25F3EC6C-BB03-4CEB-B36C-E656A9DD149E}" = HP Documentation
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31CEFF4E-B6D1-46A5-9169-7C67570E7FFA}" = HP SimplePass PE 2011
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9ECD64-DE00-4779-A89E-C878513B2B37}" = Windows Live Writer Resources
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{42B6C7E0-0DAE-488D-8DAF-838898102F19}" = Windows Live Writer
"{42D10994-A566-495D-A5E7-D0C6B5C6B35C}" = HP Product Detection
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5036764A-435D-40C9-869C-31085A3D741D}" = HP Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{580CA891-08DB-4B6F-B0C1-DF1D149671D7}" = ASUS RT-N10E Wireless Router Utilities
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D45EF03-E8EE-4355-81C3-F918CBCF1033}" = Nero 8
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7EDC2DCF-DF46-46B9-9FA6-07D287D040E3}" = HP Software Framework
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B52057C-15DB-433E-957C-E279BC7D07E3}" = HP QuickWeb
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}" = HP On Screen Display
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1F39F4E-808A-46EF-A7B7-FB5F151B6915}" = ASUS Wireless Router RT-N10E Manuals
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1" = Leawo Total Media Converter Ultimate version 5.2.0.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABEF00D0-FCAE-4E47-8D4E-D4AE5FD72B15}" = HP Quick Launch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1" = xrecode II 1.0.0.194
"{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}" = PC Connectivity Solution
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CD046DF7-9A10-4C3F-B2A1-E5A02FFC0476}_is1" = SE-ScreenSavers 1.12.1.80
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0.2
"Avidemux 2.5 (64-bit)" = Avidemux 2.5
"Canon MG2100 series On-screen Manual" = Canon MG2100 series On-screen Manual
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Digital Clock - 7_is1" = Digital Clock-7 2.02
"DVDStyler_is1" = DVDStyler v2.3.4
"EasyBits Magic Desktop" = Magic Desktop
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ffdshow_is1" = ffdshow v1.1.3892 [2011-06-20]
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.22.128
"Freeraser" = Freeraser
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"IObit Unlocker_is1" = IObit Unlocker
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Basic)
"LAME_is1" = LAME v3.99.3 (for Windows)
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NIS" = Norton Internet Security
"Nokia PC Suite" = Nokia PC Suite
"NST" = Norton Identity Safe
"PhotoFiltre" = PhotoFiltre
"Popisovač CD/DVD 3.0_is1" = Popisovač CD/DVD 3.00
"Pošta a kancelář 3_is1" = Pošta a kancelář 3.7
"Registrace uživatele zařízení Canon MG2100 series" = Registrace uživatele zařízení Canon MG2100 series
"Revo Uninstaller" = Revo Uninstaller 1.94
"Seznam DVD 2011_is1" = Seznam DVD 2011
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"The KMPlayer" = The KMPlayer (remove only)
"Tyre_is1" = Tyre
"VIP Access SDK" = VIP Access SDK (1.0.1.2)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 5.16
"WinX HD Video Converter Deluxe_is1" = WinX HD Video Converter Deluxe 3.10.0
"WTA-00769aef-26ca-4413-b85c-ff75f3eb5869" = Polar Golfer
"WTA-1168bf48-0e65-4547-b786-1e85c75eb346" = Cradle of Rome 2
"WTA-1439dce2-0717-4abb-a8e9-0f75c732a763" = Namco All-Stars: PAC-MAN
"WTA-144f6e00-87a2-492d-8743-6b577d39ff43" = Vacation Quest - The Hawaiian Islands
"WTA-1596514d-56cc-4e10-ba8d-ccd511d5cfb4" = Final Drive: Nitro
"WTA-3187c5a7-405e-4d91-8926-8d9e6ed88999" = Poker Superstars III
"WTA-4a0ac5b0-4d8d-4683-b831-a4a5b8204a4e" = Mah Jong Medley
"WTA-4ddc0f63-6cdc-4092-a781-1580601e5a91" = Farm Frenzy
"WTA-5e92e1e8-ed7c-432e-80fa-49ac11efb46f" = Polar Bowler
"WTA-63a54bc5-5fe6-4445-a29f-9af75b311773" = Plants vs. Zombies - Game of the Year
"WTA-6671b95c-d476-42ea-bd4a-b3893a33cf50" = Agatha Christie - Peril at End House
"WTA-6cc91021-f569-407d-a73c-ed34836520d2" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-6fbfcb98-c4f2-4022-936e-9b1a586a751e" = FATE
"WTA-734250ee-77e5-4496-9cd4-fbe9313eab2b" = Blasterball 3
"WTA-73d98e40-90fa-4a47-8e7c-784169bf924b" = Zuma Deluxe
"WTA-78c299f7-abb7-42a2-af4d-381da4a45428" = Bejeweled 3
"WTA-83be4807-64e3-4068-89e1-5ce7094119aa" = Blackhawk Striker 2
"WTA-8b812b0d-d950-4ec3-8e1f-078cc97ba2c5" = Cake Mania
"WTA-99592206-386c-44cb-bf13-510dcfbfd9da" = Virtual Villagers 5 - New Believers
"WTA-b0a85320-73a0-48c6-8277-b858e85a8751" = Chuzzle Deluxe
"WTA-c9e22ec8-9021-49b3-b85f-0a522f9a918b" = Penguins!
"WTA-dea03f19-6ff2-454e-9c4f-ad814b493781" = Bounce Symphony
"WTA-ea7d7b10-02d8-46ab-b49c-4d67a9758e17" = Chronicles of Albian
"WTA-f03e8b03-2fed-4ee7-8c4a-2967027edb28" = Mystery of Mortlake Mansion
"WTA-f7c675c5-a95d-4d97-8754-ef724439c5ed" = Slingo Supreme
"WTA-f8839bfd-d3b5-435e-86f5-4c9fc7058d61" = Governor of Poker 2 Premium Edition

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4053761563-1308773097-1894922761-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.6.2013 4:50:11 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 24.6.2013 4:50:12 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 24.6.2013 4:50:12 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 24.6.2013 4:52:36 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 25.6.2013 14:15:48 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 25.6.2013 14:15:48 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.6.2013 15:45:48 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 28.6.2013 15:45:49 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.6.2013 15:45:50 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.6.2013 15:48:27 | Computer Name = Monty-HP | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll se nezdařilo. Závislé sestavení Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ Hewlett-Packard Events ]
Error - 16.1.2013 6:22:59 | Computer Name = Monty-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 16.1.2013 18:16:37 | Computer Name = Monty-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 4043 Ram
Utilization: TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 8.4.2013 14:18:20 | Computer Name = Monty-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 4043 Ram
Utilization: 30 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 9.4.2013 1:20:21 | Computer Name = Monty-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 v System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) v System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) v System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) v System.Activator.CreateInstance(Type
type, Boolean nonPublic) v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
v System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

v System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

v System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) v System.Activator.CreateInstance(Type type, Boolean nonPublic)

v HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: cs-CZ RAM: 4043 Ram
Utilization: 30 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

[ Media Center Events ]
Error - 12.12.2012 14:33:42 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 19:33:42 - Chyba při připojování k Internetu 19:33:42 - Nelze kontaktovat
server..

Error - 12.12.2012 14:33:59 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 19:33:47 - Chyba při připojování k Internetu 19:33:47 - Nelze kontaktovat
server..

Error - 28.12.2012 5:08:59 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 10:08:51 - Chyba při připojování k Internetu 10:08:51 - Nelze kontaktovat
server..

Error - 10.1.2013 13:35:13 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 18:35:13 - Chyba při připojování k Internetu 18:35:13 - Nelze kontaktovat
server..

Error - 10.1.2013 13:35:31 | Computer Name = Monty-HP | Source = MCUpdate | ID = 0
Description = 18:35:18 - Chyba při připojování k Internetu 18:35:18 - Nelze kontaktovat
server..

[ System Events ]
Error - 29.3.2013 7:03:37 | Computer Name = Monty-HP | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR8.

Error - 29.3.2013 7:03:38 | Computer Name = Monty-HP | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR8.

Error - 29.3.2013 7:03:38 | Computer Name = Monty-HP | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 29.3.2013 15:18:40 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 29.3.2013 15:18:42 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 1:09:31 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 1:09:33 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 1:09:40 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 13:09:31 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =

Error - 30.3.2013 18:01:00 | Computer Name = Monty-HP | Source = ipnathlp | ID = 31004
Description =


< End of report >

Vypnete antivir, at nebrani programu v praci!
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.