VIRY.CZ

Dobrý den, něco mi zahlcuje připojení k internetu podle všeho na portu 80. Bylo by možné prosím poradit, co by to mohlo být, případně jak se toho zbavit? Přikládám log z RSIT a děkuji.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Blecha at 2013-11-08 17:02:53
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 806 GB (85%) free of 954 GB
Total RAM: 8128 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:56, on 8.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\IR\shutTask.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Blecha.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c167991
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.b1.org/?bsrc=hmior&chid=c167991
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [shutTask] "C:\Program Files (x86)\IR\shutTask.exe"
O4 - HKLM\..\Run: [msnqodhSrv] C:\Windows\inf\msnqodh.vbe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2659259988-1664157760-1627859876-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2659259988-1664157760-1627859876-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Small Business Advantage - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13612 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"taskhost.exe"
taskeng.exe {F36C9FE5-7131-45A2-A03F-41EE101C3284}
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2836
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\IR\shutTask.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {C0068C9A-4E92-4F04-953B-F68C86DEB165}
"C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe" -minimized
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\AUDIODG.EXE 0x9c4
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Blecha\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default

prefs.js - "browser.startup.homepage" - "www.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\extensions\
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1438400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 525504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 988864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1179840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 434368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 793280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-04-24 7477016]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-19 133440]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSPanel.exe [2012-03-16 740704]
"IntelSBA"=C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe [2012-02-12 55520]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-12-09 336992]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"shutTask"=C:\Program Files (x86)\IR\shutTask.exe [2010-01-05 110592]
"msnqodhSrv"=C:\Windows\inf\msnqodh.vbe [2013-08-27 1558]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-08 17:02:53 ----D---- C:\Program Files\trend micro
2013-11-08 16:55:23 ----D---- C:\Users\Blecha\AppData\Roaming\Mozilla
2013-11-08 16:55:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-08 16:48:53 ----D---- C:\rsit
2013-11-08 16:48:53 ----D---- C:\Program Files (x86)\trend micro
2013-11-08 11:07:17 ----D---- C:\Users\Blecha\AppData\Roaming\TeamViewer
2013-11-08 10:58:25 ----D---- C:\Program Files (x86)\TeamViewer
2013-11-06 20:01:54 ----D---- C:\Program Files\CCleaner
2013-11-06 19:59:53 ----D---- C:\Program Files (x86)\Google
2013-11-06 14:26:49 ----D---- C:\Users\Blecha\AppData\Roaming\FileZilla
2013-11-06 14:26:45 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2013-11-05 21:34:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-05 09:38:40 ----A---- C:\Windows\system32\klfphc.dll
2013-11-05 09:38:10 ----D---- C:\Windows\ELAMBKUP
2013-11-05 09:38:09 ----D---- C:\ProgramData\Kaspersky Lab
2013-11-05 09:38:09 ----D---- C:\Program Files (x86)\Kaspersky Lab
2013-11-05 09:38:03 ----A---- C:\Windows\system32\drivers\klif.sys
2013-11-05 09:38:03 ----A---- C:\Windows\system32\drivers\klflt.sys
2013-10-29 16:04:14 ----A---- C:\ProgramData\ntuser.dat
2013-10-21 14:33:42 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-10-21 14:33:41 ----D---- C:\ProgramData\HP
2013-10-21 14:32:50 ----D---- C:\ProgramData\HPSSUPPLY
2013-10-21 14:32:45 ----D---- C:\ProgramData\Hewlett-Packard
2013-10-21 14:32:16 ----D---- C:\Program Files (x86)\HP
2013-10-21 14:28:49 ----RA---- C:\Windows\SYSWOW64\mvusbews.dll
2013-10-21 14:26:51 ----A---- C:\Windows\system32\HPM1210SMs.dll
2013-10-21 14:26:48 ----A---- C:\Windows\system32\HPM1210SM.exe
2013-10-21 14:26:48 ----A---- C:\Windows\system32\HPM1210LM.DLL
2013-10-21 14:26:05 ----A---- C:\Windows\system32\m1130wia2.dll
2013-10-21 14:26:05 ----A---- C:\Windows\system32\HPImgFlt.dll
2013-10-21 14:24:55 ----RA---- C:\Windows\system32\HPSIsvc.exe
2013-10-21 14:24:17 ----D---- C:\Program Files\HP
2013-10-20 07:04:20 ----A---- C:\Windows\system32\drivers\klmouflt.sys
2013-10-20 07:04:20 ----A---- C:\Windows\system32\drivers\klkbdflt.sys
2013-10-20 07:04:20 ----A---- C:\Windows\system32\drivers\klim6.sys
2013-10-20 07:04:18 ----A---- C:\Windows\system32\drivers\kl1.sys
2013-10-15 10:36:55 ----D---- C:\ProgramData\Atheros
2013-10-15 10:36:05 ----D---- C:\Windows\Options
2013-10-15 10:36:05 ----A---- C:\Windows\system32\drivers\athrx.sys
2013-10-15 10:36:05 ----A---- C:\Windows\system32\athrx.sys
2013-10-15 10:35:50 ----D---- C:\ProgramData\TP-LINK

======List of files/folders modified in the last 1 month======

2013-11-08 17:02:56 ----D---- C:\Windows\Temp
2013-11-08 17:02:53 ----RD---- C:\Program Files
2013-11-08 16:55:18 ----RD---- C:\Program Files (x86)
2013-11-08 16:23:06 ----D---- C:\Program Files (x86)\Steam
2013-11-08 16:14:21 ----D---- C:\Windows\inf
2013-11-08 16:14:21 ----AD---- C:\Windows\System32
2013-11-08 16:14:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-08 16:06:56 ----A---- C:\Windows\SYSWOW64\log.txt
2013-11-08 16:05:31 ----SHD---- C:\System Volume Information
2013-11-08 16:05:25 ----D---- C:\ProgramData\NVIDIA
2013-11-08 16:05:21 ----D---- C:\Windows
2013-11-08 12:20:36 ----D---- C:\Users\Blecha\AppData\Roaming\vlc
2013-11-08 10:58:27 ----RSD---- C:\Windows\Fonts
2013-11-08 10:58:27 ----D---- C:\Windows\system32\Tasks
2013-11-07 18:30:19 ----D---- C:\Windows\Prefetch
2013-11-07 18:21:33 ----SHD---- C:\Windows\Installer
2013-11-07 18:21:29 ----AD---- C:\Windows\system32\drivers
2013-11-07 17:59:05 ----D---- C:\Users\Blecha\AppData\Roaming\Media Player Classic
2013-11-07 17:58:05 ----D---- C:\Windows\Panther
2013-11-07 17:58:04 ----D---- C:\Windows\Logs
2013-11-07 17:58:04 ----D---- C:\Windows\debug
2013-11-07 15:40:28 ----D---- C:\Windows\system32\catroot2
2013-11-06 21:44:27 ----D---- C:\Windows\Tasks
2013-11-06 17:10:55 ----D---- C:\Windows\system32\config
2013-11-05 09:38:56 ----HD---- C:\ProgramData
2013-11-05 09:38:40 ----D---- C:\Windows\system32\catroot
2013-11-05 09:38:38 ----D---- C:\Windows\system32\DriverStore
2013-10-30 07:36:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 09:43:59 ----D---- C:\Program Files\Common Files\BitDefender
2013-10-26 07:30:22 ----D---- C:\Windows\system32\drivers\etc
2013-10-24 10:44:49 ----SD---- C:\Users\Blecha\AppData\Roaming\Microsoft
2013-10-21 14:58:11 ----D---- C:\Windows\Microsoft.NET
2013-10-21 14:32:28 ----AD---- C:\Windows\SysWOW64
2013-10-21 14:32:26 ----D---- C:\Windows\winsxs
2013-10-21 14:31:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-21 14:31:38 ----RSD---- C:\Windows\assembly
2013-10-21 14:30:21 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-21 14:30:21 ----D---- C:\Windows\system32\en-US
2013-10-21 14:27:23 ----D---- C:\Windows\twain_32
2013-10-15 10:40:03 ----SD---- C:\ProgramData\Microsoft
2013-10-15 10:36:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-09 07:17:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-11-07 458336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-11-07 623200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-06-06 178784]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2012-05-31 32400]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-16 32544]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 athr;Extensible Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athrx.sys [2011-08-31 2736640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-13 4060560]
R3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-09-06 113280]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-20 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 29280]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-13 726160]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-16 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-17 32360]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-16 48416]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2013-06-08 112224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [2012-05-02 1475200]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2012-02-12 49376]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-20 214512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-05-22 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-22 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-22 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v3.011 - Report created 08/11/2013 at 18:36:25
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Blecha - BLECHA-PC
# Running from : C:\Users\Blecha\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\Users\Blecha\AppData\Local\b1e
Folder Deleted : C:\Users\Blecha\AppData\Roaming\B1Toolbar
Folder Deleted : C:\Users\Blecha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
File Deleted : C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\bprotector_prefs.js
File Deleted : C:\Windows\System32\Tasks\BrowserProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5855df88e66fba10
Key Deleted : HKLM\SOFTWARE\5855df88e66fba10
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16576

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?affID=121562&tt=gc_&babsrc=NT_ss&mntrId=3C1A60A44C32654B");
Line Deleted : user_pref("browser.search.defaultenginename", "Delta Search");
Line Deleted : user_pref("browser.search.order.1", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");

-\\ Google Chrome v

[ File : C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2585 octets] - [08/11/2013 18:35:50]
AdwCleaner[S0].txt - [2351 octets] - [08/11/2013 18:36:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2411 octets] ##########

Dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Blecha at 2013-11-08 18:51:08
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 806 GB (84%) free of 954 GB
Total RAM: 8128 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:11, on 8.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\IR\shutTask.exe
C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\trend micro\Blecha.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [shutTask] "C:\Program Files (x86)\IR\shutTask.exe"
O4 - HKLM\..\Run: [msnqodhSrv] C:\Windows\inf\msnqodh.vbe
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2659259988-1664157760-1627859876-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2659259988-1664157760-1627859876-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Small Business Advantage - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13643 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2f0
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
taskeng.exe {77D771E7-F6B7-4711-9E0F-9AEAA6496CD3}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe" -Embedding
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:3080
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\IR\shutTask.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
"C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {BCF1CEEB-C5FB-45D3-9EEF-A73AD08BDC0D}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe" -minimized
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5600.19f61900.305148225 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5600 "\\.\pipe\gecko-crash-server-pipe.5600" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash1428.624DCA40.14451 --host-broker-channel=Flash1428.624DCA40.20098 --host-pid=1428 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=2312.002CF8D0.1648469255 --proxy-stub-channel=Flash1428.624DCA40.14451 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Blecha\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default

prefs.js - "browser.startup.homepage" - "www.google.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\extensions\
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1438400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 525504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 988864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-11-07 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-11-07 1179840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-11-07 434368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2013-11-07 793280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-04-24 7477016]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-19 133440]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSPanel.exe [2012-03-16 740704]
"IntelSBA"=C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe [2012-02-12 55520]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-12-09 336992]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"shutTask"=C:\Program Files (x86)\IR\shutTask.exe [2010-01-05 110592]
"msnqodhSrv"=C:\Windows\inf\msnqodh.vbe [2013-08-27 1558]
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-08 18:35:44 ----D---- C:\AdwCleaner
2013-11-08 17:02:53 ----D---- C:\Program Files\trend micro
2013-11-08 16:55:23 ----D---- C:\Users\Blecha\AppData\Roaming\Mozilla
2013-11-08 16:55:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-08 16:48:53 ----D---- C:\rsit
2013-11-08 16:48:53 ----D---- C:\Program Files (x86)\trend micro
2013-11-08 11:07:17 ----D---- C:\Users\Blecha\AppData\Roaming\TeamViewer
2013-11-08 10:58:25 ----D---- C:\Program Files (x86)\TeamViewer
2013-11-06 20:01:54 ----D---- C:\Program Files\CCleaner
2013-11-06 19:59:53 ----D---- C:\Program Files (x86)\Google
2013-11-06 14:26:49 ----D---- C:\Users\Blecha\AppData\Roaming\FileZilla
2013-11-06 14:26:45 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2013-11-05 21:34:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-05 09:38:40 ----A---- C:\Windows\system32\klfphc.dll
2013-11-05 09:38:10 ----D---- C:\Windows\ELAMBKUP
2013-11-05 09:38:09 ----D---- C:\ProgramData\Kaspersky Lab
2013-11-05 09:38:09 ----D---- C:\Program Files (x86)\Kaspersky Lab
2013-11-05 09:38:03 ----A---- C:\Windows\system32\drivers\klif.sys
2013-11-05 09:38:03 ----A---- C:\Windows\system32\drivers\klflt.sys
2013-10-29 16:04:14 ----A---- C:\ProgramData\ntuser.dat
2013-10-21 14:33:42 ----D---- C:\Program Files (x86)\Hewlett-Packard
2013-10-21 14:33:41 ----D---- C:\ProgramData\HP
2013-10-21 14:32:50 ----D---- C:\ProgramData\HPSSUPPLY
2013-10-21 14:32:45 ----D---- C:\ProgramData\Hewlett-Packard
2013-10-21 14:32:16 ----D---- C:\Program Files (x86)\HP
2013-10-21 14:28:49 ----RA---- C:\Windows\SYSWOW64\mvusbews.dll
2013-10-21 14:26:51 ----A---- C:\Windows\system32\HPM1210SMs.dll
2013-10-21 14:26:48 ----A---- C:\Windows\system32\HPM1210SM.exe
2013-10-21 14:26:48 ----A---- C:\Windows\system32\HPM1210LM.DLL
2013-10-21 14:26:05 ----A---- C:\Windows\system32\m1130wia2.dll
2013-10-21 14:26:05 ----A---- C:\Windows\system32\HPImgFlt.dll
2013-10-21 14:24:55 ----RA---- C:\Windows\system32\HPSIsvc.exe
2013-10-21 14:24:17 ----D---- C:\Program Files\HP
2013-10-20 07:04:20 ----A---- C:\Windows\system32\drivers\klmouflt.sys
2013-10-20 07:04:20 ----A---- C:\Windows\system32\drivers\klkbdflt.sys
2013-10-20 07:04:20 ----A---- C:\Windows\system32\drivers\klim6.sys
2013-10-20 07:04:18 ----A---- C:\Windows\system32\drivers\kl1.sys
2013-10-15 10:36:55 ----D---- C:\ProgramData\Atheros
2013-10-15 10:36:05 ----D---- C:\Windows\Options
2013-10-15 10:36:05 ----A---- C:\Windows\system32\drivers\athrx.sys
2013-10-15 10:36:05 ----A---- C:\Windows\system32\athrx.sys
2013-10-15 10:35:50 ----D---- C:\ProgramData\TP-LINK

======List of files/folders modified in the last 1 month======

2013-11-08 18:51:11 ----D---- C:\Windows\Temp
2013-11-08 18:46:04 ----D---- C:\Windows\inf
2013-11-08 18:46:04 ----AD---- C:\Windows\System32
2013-11-08 18:46:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-08 18:41:07 ----D---- C:\Program Files (x86)\Steam
2013-11-08 18:38:39 ----A---- C:\Windows\SYSWOW64\log.txt
2013-11-08 18:37:09 ----SHD---- C:\System Volume Information
2013-11-08 18:37:06 ----D---- C:\ProgramData\NVIDIA
2013-11-08 18:36:25 ----HD---- C:\ProgramData
2013-11-08 18:36:25 ----D---- C:\Windows\system32\Tasks
2013-11-08 18:35:09 ----D---- C:\Users\Blecha\AppData\Roaming\vlc
2013-11-08 17:02:53 ----RD---- C:\Program Files
2013-11-08 16:55:18 ----RD---- C:\Program Files (x86)
2013-11-08 16:05:21 ----D---- C:\Windows
2013-11-08 10:58:27 ----RSD---- C:\Windows\Fonts
2013-11-07 18:30:19 ----D---- C:\Windows\Prefetch
2013-11-07 18:21:33 ----SHD---- C:\Windows\Installer
2013-11-07 18:21:29 ----AD---- C:\Windows\system32\drivers
2013-11-07 17:59:05 ----D---- C:\Users\Blecha\AppData\Roaming\Media Player Classic
2013-11-07 17:58:05 ----D---- C:\Windows\Panther
2013-11-07 17:58:04 ----D---- C:\Windows\Logs
2013-11-07 17:58:04 ----D---- C:\Windows\debug
2013-11-07 15:40:28 ----D---- C:\Windows\system32\catroot2
2013-11-06 21:44:27 ----D---- C:\Windows\Tasks
2013-11-06 17:10:55 ----D---- C:\Windows\system32\config
2013-11-05 09:38:40 ----D---- C:\Windows\system32\catroot
2013-11-05 09:38:38 ----D---- C:\Windows\system32\DriverStore
2013-10-30 07:36:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-26 09:43:59 ----D---- C:\Program Files\Common Files\BitDefender
2013-10-26 07:30:22 ----D---- C:\Windows\system32\drivers\etc
2013-10-24 10:44:49 ----SD---- C:\Users\Blecha\AppData\Roaming\Microsoft
2013-10-21 14:58:11 ----D---- C:\Windows\Microsoft.NET
2013-10-21 14:32:28 ----AD---- C:\Windows\SysWOW64
2013-10-21 14:32:26 ----D---- C:\Windows\winsxs
2013-10-21 14:31:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-21 14:31:38 ----RSD---- C:\Windows\assembly
2013-10-21 14:30:21 ----D---- C:\Windows\SYSWOW64\en-US
2013-10-21 14:30:21 ----D---- C:\Windows\system32\en-US
2013-10-21 14:27:23 ----D---- C:\Windows\twain_32
2013-10-15 10:40:03 ----SD---- C:\ProgramData\Microsoft
2013-10-15 10:36:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-09 07:17:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-11-07 458336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-11-07 623200]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-06-06 178784]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2012-05-31 32400]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-12-09 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-16 32544]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 athr;Extensible Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athrx.sys [2011-08-31 2736640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-13 4060560]
R3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-09-06 113280]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-20 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 29280]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-03 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-02-25 194848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-13 726160]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-16 48416]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-17 32360]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-16 48416]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2013-06-08 112224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [2012-05-02 1475200]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-19 634632]
R2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2012-02-12 49376]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-06-21 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-20 214512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-05-22 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-22 655624]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-05-22 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Jakpak to vypadá s legalitou vašeho oper. systému?

legální

OK. Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Nakonec se objeví 2 logy, které sem zkopírujte.

OTL Extras logfile created on: 8.11.2013 20:21:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Blecha\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,94 Gb Total Physical Memory | 4,73 Gb Available Physical Memory | 59,56% Memory free
15,87 Gb Paging File | 12,26 Gb Available in Paging File | 77,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 786,72 Gb Free Space | 84,47% Space Free | Partition Type: NTFS

Computer Name: BLECHA-PC | User Name: Blecha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2659259988-1664157760-1627859876-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044ECFCD-41DA-452D-864C-744E65312ECC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{16C8667D-38CC-4601-BC69-E9D0A7FDB883}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2036C221-6A3A-4EBD-B325-4EB5B0CCBF8B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{23A9C07C-88BF-4AEA-8CA1-178B90BF7582}" = rport=139 | protocol=6 | dir=out | app=system |
"{2DCB4245-B027-436E-8438-F32CE67154CA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5074E654-4AB7-48E8-B0A8-06CBD04B1A1D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{541B5CCD-783D-4735-80F9-093DBDEAC40B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{68A45C88-09A0-4CC8-8BA8-B4276FE3ED72}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6B137100-C79B-473B-820A-334380781AE6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7961FC86-33CD-4515-8C19-055E250B5826}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D80A7F2-0474-445B-BEDF-46131A15A348}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F5093F8-5874-4B36-A180-EDA9C3F40E46}" = lport=138 | protocol=17 | dir=in | app=system |
"{816B2F7F-78A0-4054-8A5C-9886F13F3EAD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8DDB980A-83BC-46A9-8413-A0340FD086E6}" = lport=139 | protocol=6 | dir=in | app=system |
"{9504D161-4D14-4AFF-BB03-F36722924B35}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9B5DAD5D-EEA7-427B-8355-CE5DCDD68DDF}" = rport=445 | protocol=6 | dir=out | app=system |
"{9C62459D-DD00-4A6A-A88B-BE62C64E8841}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A4BCC9B7-DCF7-4A5D-B03E-32137958F775}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{A5E1E479-CF92-441B-9D61-A80F459D807B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C15E3B1F-B558-4231-B75F-04A8DD93C68A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C2D9BCD3-62CB-4F75-8B11-486D8A217AB9}" = lport=445 | protocol=6 | dir=in | app=system |
"{CDD2421F-C08E-4FE7-86A0-1D110C06CC68}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6470572-0417-4BD2-8508-8CA36EF14EDF}" = lport=137 | protocol=17 | dir=in | app=system |
"{F3C8A952-26A3-4125-8FBD-001A8C85F766}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F7024181-96CD-4E4B-95BF-3794C1888930}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00317889-0AE0-4789-80E9-A33E9B932B9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02048E4C-1FDC-4DD2-AC58-492DA00390DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{02E8DFDC-D7B9-4787-9D95-EBD790CE0BBD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{06B4E53B-8FF1-471B-9167-8E40BFAB0869}" = protocol=58 | dir=in | app=system |
"{07238DD5-3FF3-4B1E-8BA3-6C5A7B212BF5}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{12E56545-80A4-4B7D-AD58-527107E582D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{160BF212-68AA-4E29-83BE-2D544FB47CB0}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{172D9449-2528-414E-AEC1-F06730FB6466}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{1F3E643F-03AE-4433-8830-BA3933DE3C08}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{24D0D868-3B44-48D2-AA85-A5D1C911CF0D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{332A4A14-642B-4292-BF88-AF24C95915E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe |
"{38FC3B87-17DC-4A1B-98CA-E62CD783BD56}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{515C0C4B-1D0E-4348-AD51-FEB449AE9518}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5B09EEFC-913F-4F6F-B64D-8CDB2D2E6B25}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{63761393-4BF5-489D-94C1-E82807522D96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65575097-9374-4D1B-B9D1-712B25299F4D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{661A34E9-EEC3-47E7-8A4C-E400D1CD4643}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{79490FC4-F5E9-4A65-88E9-514C75E20FA2}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{7EFD834B-72D5-4FE9-B812-F5EDE036A811}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{872200AB-D414-4451-B664-8FCEEC9B4DE7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91D95449-DA35-4684-82F4-85524D81D19F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{944F584F-E06B-4236-B156-F2136E273C30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{96EE96D6-360B-4CAB-871B-416F02B09DB3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{9BD639AE-D343-4DE4-8505-66171437330C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{9C36D1AA-5E5D-427A-A98F-B5B322C959EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E0103CA-0430-43F8-A6E3-8666707E93DC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A0CFBFA8-56CD-48E2-8F6A-57D5589439F4}" = protocol=6 | dir=out | app=system |
"{A210EA08-6789-4E95-9125-200F5AA21EAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A7F200ED-EC9C-4E41-B286-D1033B6A2E12}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{AF300B3D-8D95-4425-A413-75F7AB459682}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{AFC6C11C-6999-43A3-A48C-3042910F6F02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9776C33-A045-4C39-B7AD-B1D03BA4275E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1F3116B-265C-48FC-99CE-731181C05CBC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C861EB75-E122-4B8A-9EEE-5DCE3E093A04}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{D33EC269-40E3-44AA-BAA2-85F88AB8865D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D4D2CED2-3A75-4DB2-868B-F1B6273815BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe |
"{ECAFEEE9-9A6E-427D-BA57-68B308E964AB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF12EA1D-23E9-4767-B133-E99F5CA94E64}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FC0C4237-5B5E-4D3F-B436-7272BDB88471}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FD2C0537-F1FC-46B7-B11E-2FD21E197D2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{FED81588-5587-46BF-AB46-4AC01D7B724C}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"TCP Query User{24A5EA03-C2EA-4444-B833-466FE4C98C2F}C:\program files (x86)\phpdesigner 8\phpdesigner.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phpdesigner 8\phpdesigner.exe |
"TCP Query User{6B8E23DF-9467-4729-ADC3-9B2DACA0CBF9}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{BE785678-3792-4C1A-A812-E85FF9E8E2D5}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{EB55C7EE-FAF2-4EEC-8B72-5F9B065C7C84}C:\program files (x86)\phpdesigner 8\phpdesigner.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phpdesigner 8\phpdesigner.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}" = User's Guides
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"doPDF 7 printer_is1" = doPDF 7.3 printer
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"Logitech Gaming Software" = Logitech Gaming Software 8.46
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppM1130M1210SeriesLaserJetService
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}" = ArcSoft TotalMedia 3.5
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{385C8E5A-0B4F-4DCD-BBBD-2A8AE0400A76}" = TP-LINK Wireless Client Utility
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49BE9B8A-E858-4533-A74A-64306C13DB59}" = ASUS Product Register Program
"{58F33F03-A35F-4CE4-A9C8-89DD6273A32E}" = CompuGroup Medical - AMICUS KLIENT
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A6D86CD-B004-46b7-8951-7BB75A776F8C}" = Intel(R) Small Business Advantage
"{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}" = hppusgM1130M1210Series
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{E0363CCC-3535-4BAA-9F2C-200F548675D6}" = TuneUp Utilities Language Pack (cs-CZ)
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BC20A5-3C48-4675-BDE6-E2E6FED30B9D}" = IRRecevie
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ASIO4ALL" = ASIO4ALL
"ASUS WebStorage" = ASUS WebStorage
"Capture-A-ScreenShot_is1" = Capture-A-ScreenShot
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.7.3
"FL Studio 10" = FL Studio 10
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"IL Download Manager" = IL Download Manager
"InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.9.0
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 25.0 (x86 cs)" = Mozilla Firefox 25.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"phpDesigner8_is1" = phpDesigner 8 version 8.1.1
"PowerISO" = PowerISO
"PowerISO 1.00" = PowerISO 1.00
"Steam App 10" = Counter-Strike
"Steam App 43160" = Metro: Last Light
"TeamViewer 8" = TeamViewer 8
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2659259988-1664157760-1627859876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.11.2013 12:16:14 | Computer Name = Blecha-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: heroes3.exe, verze: 4.0.0.0, časové razítko:
0x39b83835 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x00033448 ID chybujícího procesu:
0x1c14 Čas spuštění chybující aplikace: 0x01cedb0b7dad13a7 Cesta k chybující aplikaci:
C:\Program Files (x86)\Ubisoft\Heroes 3 Complete\heroes3.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: c1c76f5a-46fe-11e3-beb1-60a44c32654b

Error - 7.11.2013 2:27:59 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 7.11.2013 10:25:58 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 7.11.2013 10:40:51 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 7.11.2013 12:30:12 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 7.11.2013 13:03:11 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 8.11.2013 1:55:58 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 8.11.2013 10:42:43 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 8.11.2013 11:05:28 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error - 8.11.2013 11:54:08 | Computer Name = Blecha-PC | Source = Application Hang | ID = 1002
Description = Program RSIT.exe verze 3.3.6.1 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 9f8 Čas
spuštění: 01cedc9a22d8b4d9 Čas ukončení: 0 Cesta k aplikaci: C:\Users\Blecha\Desktop\RSIT.exe

ID
hlášení:

Error - 8.11.2013 13:37:09 | Computer Name = Blecha-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

[ System Events ]
Error - 13.8.2013 7:20:01 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 13.8.2013 9:00:01 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 13.8.2013 14:45:40 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 14.8.2013 1:34:20 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 14.8.2013 10:02:18 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 14.8.2013 14:47:06 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 15.8.2013 1:44:40 | Computer Name = Blecha-PC | Source = Service Control Manager | ID = 7000
Description = Služba BDSelfPr neuspěla při spuštění v důsledku následující chyby:
%%2


< End of report >

OTL logfile created on: 8.11.2013 20:21:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Blecha\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,94 Gb Total Physical Memory | 4,73 Gb Available Physical Memory | 59,56% Memory free
15,87 Gb Paging File | 12,26 Gb Available in Paging File | 77,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 786,72 Gb Free Space | 84,47% Space Free | Partition Type: NTFS

Computer Name: BLECHA-PC | User Name: Blecha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.11.08 20:18:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Blecha\Desktop\OTL.exe
PRC - [2013.10.30 20:25:56 | 000,566,696 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.10.30 20:25:54 | 001,820,584 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.10.26 02:53:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.10.09 07:17:34 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.10.01 13:14:39 | 012,631,904 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.10.01 13:05:43 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.06.21 04:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.16 15:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.16 15:38:28 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.11 00:15:58 | 000,124,416 | ---- | M] (VideoLAN) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2012.12.09 10:51:30 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012.08.08 17:17:52 | 003,101,056 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
PRC - [2012.08.07 12:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012.07.19 19:00:54 | 000,365,376 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.19 19:00:52 | 000,277,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.19 19:00:28 | 000,166,720 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.06.01 10:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012.06.01 10:42:18 | 000,920,736 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012.05.21 09:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.05.02 11:23:30 | 001,475,200 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe
PRC - [2012.03.13 11:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012.02.17 07:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012.02.12 16:15:02 | 004,243,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
PRC - [2012.02.12 16:13:42 | 000,049,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
PRC - [2012.02.02 14:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
PRC - [2012.02.01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.02.01 15:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.09.08 20:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.01.05 13:01:38 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\IR\shutTask.exe
PRC - [2009.10.15 10:13:50 | 000,136,192 | ---- | M] (HP) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2009.06.26 08:26:42 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013.10.30 20:25:56 | 001,123,240 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013.10.26 02:53:40 | 003,368,048 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.10.24 18:45:32 | 000,691,200 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.10.23 21:07:26 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.10.09 07:17:34 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013.06.15 00:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 00:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 00:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013.05.24 16:23:13 | 000,330,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5b0667dad44a1069048497e7f4ae6f12\System.Management.Instrumentation.ni.dll
MOD - [2013.05.24 16:22:29 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
MOD - [2013.05.24 16:22:02 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013.05.24 16:22:02 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8c78244854f84b69701fcee19b543645\IAStorUtil.ni.dll
MOD - [2013.05.24 16:22:02 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1c402ca365b68a2616ea3a5194d38310\IAStorCommon.ni.dll
MOD - [2013.05.24 16:20:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.05.24 16:20:20 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\1ea01658676f73cf48ebde8e904a0464\System.Configuration.Install.ni.dll
MOD - [2013.05.24 16:20:19 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013.05.24 16:20:11 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.05.24 16:20:04 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll
MOD - [2013.05.24 16:19:56 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013.05.24 16:19:52 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.05.24 16:19:51 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll
MOD - [2013.05.24 16:19:51 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll
MOD - [2013.05.24 16:19:51 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll
MOD - [2013.05.24 16:19:45 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013.05.24 16:19:44 | 000,687,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\23673bbebe3c0ca7c894e614bb3ffd1a\System.Security.ni.dll
MOD - [2013.05.24 16:19:42 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.05.24 16:19:40 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.05.24 16:19:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013.05.24 16:19:35 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.05.24 07:16:29 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013.05.24 07:16:27 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013.05.24 06:12:59 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\14850aef08b8af036fd6f1e5b38a3719\CustomMarshalers.ni.dll
MOD - [2013.05.23 21:45:37 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.05.23 21:45:37 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.05.23 21:45:33 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2013.04.11 00:16:50 | 002,376,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2013.04.11 00:16:48 | 011,387,392 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
MOD - [2013.04.11 00:16:48 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
MOD - [2013.04.11 00:16:42 | 000,221,696 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
MOD - [2013.04.11 00:16:42 | 000,086,528 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
MOD - [2013.04.11 00:16:42 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2013.04.11 00:16:42 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
MOD - [2013.04.11 00:16:40 | 000,968,704 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
MOD - [2013.04.11 00:16:40 | 000,387,584 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
MOD - [2013.04.11 00:16:40 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
MOD - [2013.04.11 00:16:40 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
MOD - [2013.04.11 00:16:38 | 001,759,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
MOD - [2013.04.11 00:16:38 | 000,340,480 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
MOD - [2013.04.11 00:16:38 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
MOD - [2013.04.11 00:16:38 | 000,077,312 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
MOD - [2013.04.11 00:16:38 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2013.04.11 00:16:38 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
MOD - [2013.04.11 00:16:36 | 001,338,880 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
MOD - [2013.04.11 00:16:36 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
MOD - [2013.04.11 00:16:34 | 000,393,728 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
MOD - [2013.04.11 00:16:34 | 000,279,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
MOD - [2013.04.11 00:16:30 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
MOD - [2013.04.11 00:16:30 | 000,087,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
MOD - [2013.04.11 00:16:30 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
MOD - [2013.04.11 00:16:30 | 000,072,704 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
MOD - [2013.04.11 00:16:30 | 000,072,704 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
MOD - [2013.04.11 00:16:28 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
MOD - [2013.04.11 00:16:22 | 001,551,872 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,107,520 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,082,432 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
MOD - [2013.04.11 00:16:22 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
MOD - [2013.04.11 00:16:20 | 001,405,440 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2013.04.11 00:16:20 | 000,164,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
MOD - [2013.04.11 00:16:20 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2013.04.11 00:16:20 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
MOD - [2013.04.11 00:16:20 | 000,070,656 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
MOD - [2013.04.11 00:16:20 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
MOD - [2013.04.11 00:16:16 | 001,285,120 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
MOD - [2013.04.11 00:16:16 | 000,122,368 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
MOD - [2013.04.11 00:16:16 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
MOD - [2013.04.11 00:16:10 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
MOD - [2013.04.11 00:16:08 | 000,293,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
MOD - [2013.04.11 00:16:08 | 000,282,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
MOD - [2013.04.11 00:16:08 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
MOD - [2013.04.11 00:16:06 | 000,224,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
MOD - [2013.04.11 00:16:06 | 000,134,656 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
MOD - [2013.04.11 00:16:06 | 000,124,928 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
MOD - [2013.04.11 00:16:06 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
MOD - [2013.04.11 00:16:06 | 000,079,360 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
MOD - [2013.04.11 00:16:06 | 000,074,240 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
MOD - [2013.04.11 00:16:04 | 000,656,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\liblive555_plugin.dll
MOD - [2013.04.11 00:16:04 | 000,128,512 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
MOD - [2013.04.11 00:16:04 | 000,080,384 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
MOD - [2013.04.11 00:16:04 | 000,080,384 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
MOD - [2013.04.11 00:16:04 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
MOD - [2013.04.11 00:16:04 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
MOD - [2013.04.11 00:16:02 | 001,168,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
MOD - [2013.04.11 00:16:02 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
MOD - [2013.04.11 00:16:02 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
MOD - [2013.04.11 00:16:02 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll
MOD - [2013.04.11 00:16:02 | 000,072,704 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
MOD - [2013.04.11 00:16:00 | 000,933,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
MOD - [2013.04.11 00:16:00 | 000,229,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
MOD - [2013.04.11 00:16:00 | 000,146,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
MOD - [2013.04.11 00:16:00 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
MOD - [2013.04.11 00:16:00 | 000,079,872 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
MOD - [2013.04.11 00:16:00 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll
MOD - [2013.04.11 00:15:58 | 000,693,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
MOD - [2013.04.11 00:15:58 | 000,469,504 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
MOD - [2013.04.11 00:15:58 | 000,144,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2013.04.11 00:15:58 | 000,071,168 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
MOD - [2012.08.08 15:45:52 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
MOD - [2012.07.31 14:21:32 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
MOD - [2012.07.25 08:56:42 | 001,124,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2012.06.19 11:56:22 | 001,305,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2012.05.28 20:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012.05.25 09:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012.03.21 11:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2012.02.12 16:15:00 | 000,215,264 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
MOD - [2012.02.12 16:14:56 | 000,051,424 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll
MOD - [2012.02.10 10:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2011.10.14 19:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011.09.19 19:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011.07.21 08:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011.07.12 18:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010.11.13 03:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:54:43 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010.10.05 07:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010.10.05 07:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
MOD - [2010.10.05 07:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010.08.23 03:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010.01.05 13:01:38 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\IR\shutTask.exe
MOD - [2010.01.05 12:48:46 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\IR\KeyBoard.dll
MOD - [2009.08.12 19:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
MOD - [2009.07.26 19:39:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2007.04.19 08:39:08 | 000,436,992 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\FPXLIB.DLL
MOD - [2007.04.19 08:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
MOD - [2007.04.19 08:29:42 | 000,273,216 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\magengin.dll
MOD - [2007.04.19 08:29:38 | 000,187,136 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\kgl.dll
MOD - [2006.10.27 14:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2006.10.27 14:16:40 | 000,138,512 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLCTL.DLL
MOD - [2006.10.26 20:30:42 | 000,065,312 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2006.10.26 12:56:46 | 000,757,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.22 09:16:37 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012.11.08 19:32:34 | 000,126,856 | R--- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2012.06.19 18:10:34 | 000,634,632 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.10.30 20:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.10.26 02:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.20 07:04:24 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (AVP)
SRV - [2013.10.09 07:17:34 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.06.21 04:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.05.22 09:16:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.16 15:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.31 09:35:50 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.07.19 19:00:54 | 000,365,376 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.19 19:00:52 | 000,277,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.19 19:00:28 | 000,166,720 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.06.01 10:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012.06.01 10:42:18 | 000,920,736 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012.05.02 11:23:30 | 001,475,200 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012.02.17 07:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012.02.12 16:13:42 | 000,049,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe -- (Intel(R)
SRV - [2012.02.01 15:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.10.15 10:13:50 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.11.07 18:21:27 | 000,623,200 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013.11.07 18:21:27 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2013.10.20 07:04:20 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2013.10.20 07:04:20 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013.10.20 07:04:20 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013.09.06 08:14:23 | 000,113,280 | ---- | M] (ITE ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2013.06.08 20:18:38 | 000,112,224 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:64bit: - [2013.06.06 17:38:20 | 000,178,784 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013.05.14 17:34:44 | 000,055,904 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013.04.12 15:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:64bit: - [2013.02.25 06:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.17 20:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.12.24 05:53:24 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012.12.09 10:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012.07.03 00:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.13 07:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.05.31 04:06:14 | 000,032,400 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2012.05.21 09:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.05.21 09:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.05.21 09:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.01 15:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.09.17 16:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011.08.31 12:55:52 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.16 22:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2011.06.16 22:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011.06.16 22:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.11.24 01:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 01:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.17 08:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.06.17 08:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2012.11.16 15:51:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1001\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011.01.26 14:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013.11.05 09:38:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013.11.07 18:21:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013.11.05 09:38:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013.11.05 09:38:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013.11.05 09:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.05 21:34:20 | 000,000,000 | ---D | M]

[2013.11.08 16:55:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blecha\AppData\Roaming\Mozilla\Extensions
[2013.11.08 16:56:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\Extensions
[2013.11.08 16:56:21 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2013.11.08 16:56:21 | 000,000,000 | ---D | M] (Default) -- C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\Extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.21 19:13:48 | 002,209,433 | ---- | M] () (No name found) -- C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\Extensions\firebug@software.joehewitt.com.xpi
[2013.09.17 07:00:14 | 000,281,800 | ---- | M] () (No name found) -- C:\Users\Blecha\AppData\Roaming\Mozilla\Firefox\Profiles\m33wj9op.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2013.11.05 21:34:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013.11.08 16:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.11.08 16:55:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: Dokumenty Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Dokumenty Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Disk Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL poradce = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0\
CHR - Extension: Ochrana financ\u00ED = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0\
CHR - Extension: Blokov\u00E1n\u00ED nebezpe\u010Dn\u00FDch web\u016F = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0\
CHR - Extension: Virtu\u00E1ln\u00ED kl\u00E1vesnice = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4651_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Anti-Banner = C:\Users\Blecha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe (Intel Corporation)
O4 - HKLM..\Run: [msnqodhSrv] C:\Windows\inf\msnqodh.vbe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [shutTask] C:\Program Files (x86)\IR\shutTask.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2659259988-1664157760-1627859876-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2659259988-1664157760-1627859876-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-2659259988-1664157760-1627859876-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9:64bit: - Extra Button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{482DFD43-39D4-4F42-ADCA-9D1A1E3AA67A}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EB10A3B-9E68-41E9-A98D-A2F43B9CE623}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE
O33 - MountPoints2\E\Shell\instDX\command - "" = E:\directX\dxsetup.exe
O33 - MountPoints2\E\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SISetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.11.08 20:18:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Blecha\Desktop\OTL.exe
[2013.11.08 18:35:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.08 17:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.11.08 16:55:23 | 000,000,000 | ---D | C] -- C:\Users\Blecha\AppData\Roaming\Mozilla
[2013.11.08 16:55:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.11.08 16:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2013.11.08 16:48:53 | 000,000,000 | ---D | C] -- C:\rsit
[2013.11.08 16:00:20 | 034,548,576 | ---- | C] (Google Inc.) -- C:\Users\Blecha\Desktop\chrome_installer.exe
[2013.11.08 15:58:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2013.11.08 11:07:17 | 000,000,000 | ---D | C] -- C:\Users\Blecha\AppData\Roaming\TeamViewer
[2013.11.08 10:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.11.06 20:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.11.06 20:01:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.11.06 19:59:54 | 000,000,000 | ---D | C] -- C:\Users\Blecha\AppData\Local\Google
[2013.11.06 19:59:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.11.06 14:26:49 | 000,000,000 | ---D | C] -- C:\Users\Blecha\AppData\Roaming\FileZilla
[2013.11.06 14:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013.11.06 14:26:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013.11.05 21:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.11.05 09:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2013.11.05 09:38:40 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\klfphc.dll
[2013.11.05 09:38:10 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013.11.05 09:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.11.05 09:38:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.11.05 09:38:03 | 000,623,200 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013.11.05 09:38:03 | 000,112,224 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013.11.03 16:51:09 | 000,000,000 | ---D | C] -- C:\Users\Blecha\Desktop\novy sklad
[2013.10.24 10:22:26 | 000,000,000 | ---D | C] -- C:\Users\Blecha\Documents\Naskenováno
[2013.10.21 14:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2013.10.21 14:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.10.21 14:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.10.21 14:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2013.10.21 14:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2013.10.21 14:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013.10.21 14:26:05 | 000,089,600 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\m1130wia2.dll
[2013.10.21 14:24:55 | 000,126,856 | R--- | C] (HP) -- C:\Windows\SysNative\HPSIsvc.exe
[2013.10.21 14:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013.10.20 07:04:20 | 000,029,792 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klim6.sys
[2013.10.20 07:04:20 | 000,029,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klmouflt.sys
[2013.10.20 07:04:20 | 000,029,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klkbdflt.sys
[2013.10.20 07:04:18 | 000,458,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2013.10.15 10:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013.10.15 10:36:05 | 002,736,640 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2013.10.15 10:36:05 | 002,736,640 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2013.10.15 10:36:05 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2013.10.15 10:35:50 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK

========== Files - Modified Within 30 Days ==========

[2013.11.08 20:22:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.08 20:18:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Blecha\Desktop\OTL.exe
[2013.11.08 20:16:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.08 18:46:04 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.11.08 18:46:04 | 000,666,406 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.11.08 18:46:04 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.11.08 18:46:04 | 000,140,102 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.11.08 18:46:04 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.11.08 18:37:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.08 18:37:02 | 2097,352,703 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.08 18:35:27 | 001,073,262 | ---- | M] () -- C:\Users\Blecha\Desktop\adwcleaner.exe
[2013.11.08 17:02:39 | 000,935,175 | ---- | M] () -- C:\Users\Blecha\Desktop\RSITx64.exe
[2013.11.08 17:01:43 | 000,007,603 | ---- | M] () -- C:\Users\Blecha\AppData\Local\Resmon.ResmonCfg
[2013.11.08 16:02:34 | 023,075,489 | ---- | M] () -- C:\Users\Blecha\Desktop\Firefox 25.0 (cs) - 2013-11-08.pcv
[2013.11.08 16:00:51 | 034,548,576 | ---- | M] (Google Inc.) -- C:\Users\Blecha\Desktop\chrome_installer.exe
[2013.11.08 15:58:18 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013.11.08 15:42:38 | 003,028,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.11.07 18:21:27 | 000,623,200 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013.11.07 18:21:27 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2013.11.07 10:23:20 | 000,027,976 | ---- | M] () -- C:\Users\Blecha\AppData\Roaming\phpdesigner.xml
[2013.11.02 21:00:35 | 716,306,580 | ---- | M] () -- C:\Users\Blecha\Desktop\Šrámy---Pregi-(2004)---CZ-titulky---Dr.,Psych.,-Polsko--2004,-91-min.rar
[2013.11.02 20:52:27 | 748,781,568 | ---- | M] () -- C:\Users\Blecha\Desktop\The-Cove---Zátoka---2009---Dokument-+-cz-tit.avi
[2013.10.29 11:11:24 | 000,014,172 | ---- | M] () -- C:\ProgramData\P1210OS.HTM
[2013.10.26 09:43:21 | 000,081,984 | ---- | M] () -- C:\Windows\SysNative\bdod.bin
[2013.10.21 14:31:58 | 001,555,696 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.10.21 14:28:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_mvusbews_01009.Wdf
[2013.10.20 17:06:07 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.20 17:06:07 | 000,010,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.20 07:04:20 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klim6.sys
[2013.10.20 07:04:20 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klmouflt.sys
[2013.10.20 07:04:20 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klkbdflt.sys

========== Files Created - No Company Name ==========

[2013.11.08 20:22:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.08 18:35:20 | 001,073,262 | ---- | C] () -- C:\Users\Blecha\Desktop\adwcleaner.exe
[2013.11.08 17:02:26 | 000,935,175 | ---- | C] () -- C:\Users\Blecha\Desktop\RSITx64.exe
[2013.11.08 16:55:18 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.11.08 16:02:24 | 023,075,489 | ---- | C] () -- C:\Users\Blecha\Desktop\Firefox 25.0 (cs) - 2013-11-08.pcv
[2013.11.08 15:58:18 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2013.11.08 10:58:26 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.11.08 09:28:12 | 000,007,603 | ---- | C] () -- C:\Users\Blecha\AppData\Local\Resmon.ResmonCfg
[2013.11.02 20:55:35 | 716,306,580 | ---- | C] () -- C:\Users\Blecha\Desktop\Šrámy---Pregi-(2004)---CZ-titulky---Dr.,Psych.,-Polsko--2004,-91-min.rar
[2013.11.02 20:46:46 | 748,781,568 | ---- | C] () -- C:\Users\Blecha\Desktop\The-Cove---Zátoka---2009---Dokument-+-cz-tit.avi
[2013.10.29 11:11:24 | 000,024,772 | ---- | C] () -- C:\ProgramData\P1210DEF.css
[2013.10.29 11:11:24 | 000,014,172 | ---- | C] () -- C:\ProgramData\P1210OS.HTM
[2013.10.29 11:11:24 | 000,002,944 | ---- | C] () -- C:\ProgramData\P1210SIG.GIF
[2013.10.21 14:28:49 | 000,081,920 | R--- | C] () -- C:\Windows\SysWow64\mvusbews.dll
[2013.10.21 14:28:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_mvusbews_01009.Wdf
[2013.10.21 14:26:51 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\HPM1210SMs.dll
[2013.10.21 14:26:48 | 001,366,528 | ---- | C] () -- C:\Windows\SysNative\HPM1210SM.exe
[2013.10.21 14:26:48 | 000,409,088 | ---- | C] () -- C:\Windows\SysNative\HPM1210LM.DLL
[2013.10.21 14:26:05 | 000,038,912 | ---- | C] () -- C:\Windows\SysNative\HPImgFlt.dll
[2013.10.15 10:36:05 | 000,068,879 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2013.10.15 10:36:05 | 000,007,944 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2013.10.03 21:41:21 | 000,000,000 | ---- | C] () -- C:\Users\Blecha\regbcm
[2013.07.26 11:51:29 | 000,097,974 | ---- | C] () -- C:\Users\Blecha\Documentstrunecek.pdf
[2013.07.02 20:26:34 | 001,555,696 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.22 07:57:19 | 000,027,976 | ---- | C] () -- C:\Users\Blecha\AppData\Roaming\phpdesigner.xml
[2013.05.22 07:25:26 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.05.22 07:25:26 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.05.22 07:25:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2013.05.22 07:25:26 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.05.22 07:25:25 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.05.21 19:02:55 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013.05.21 19:02:47 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013.05.21 19:01:04 | 000,056,358 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013.05.21 18:47:52 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.05.21 18:47:46 | 000,042,184 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.06.19 17:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.05.21 19:09:52 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\ASUS WebStorage
[2013.06.19 17:37:47 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\BitDefender
[2013.05.23 17:31:00 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\DVDVideoSoft
[2013.11.08 16:35:24 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\FileZilla
[2013.05.22 14:44:07 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Genie-Soft
[2013.05.22 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\GHISLER
[2013.06.29 10:45:53 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Image-Line
[2013.05.30 16:59:17 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Leadertech
[2013.05.22 13:56:20 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\phpDesigner
[2013.05.30 06:38:09 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\SanDisk
[2013.05.22 07:15:00 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Softland
[2013.11.08 15:44:47 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\TeamViewer
[2013.05.22 07:21:11 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,618 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.05.22 07:35:24 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.08.12 07:55:11 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Adobe
[2013.09.06 08:18:36 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\ArcSoft
[2013.05.21 19:09:52 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\ASUS WebStorage
[2013.06.19 17:37:47 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\BitDefender
[2013.05.23 17:31:00 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\DVDVideoSoft
[2013.11.08 16:35:24 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\FileZilla
[2013.05.22 14:44:07 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Genie-Soft
[2013.05.22 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\GHISLER
[2013.05.22 18:37:40 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Identities
[2013.06.29 10:45:53 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Image-Line
[2013.05.21 18:52:10 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\InstallShield
[2013.05.21 19:14:53 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Intel Corporation
[2013.05.30 16:59:17 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Leadertech
[2013.05.30 18:58:45 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Logishrd
[2013.05.30 18:58:45 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Logitech
[2013.05.22 07:09:17 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Macromedia
[2013.06.19 17:23:50 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Malwarebytes
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Media Center Programs
[2013.11.07 17:59:05 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Media Player Classic
[2013.10.24 10:44:49 | 000,000,000 | --SD | M] -- C:\Users\Blecha\AppData\Roaming\Microsoft
[2013.11.08 16:55:36 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Mozilla
[2013.05.22 08:05:16 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\NVIDIA
[2013.05.22 13:56:20 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\phpDesigner
[2013.05.30 06:38:09 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\SanDisk
[2013.05.22 07:15:00 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\Softland
[2013.11.08 15:44:47 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\TeamViewer
[2013.05.22 07:21:11 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\TuneUp Software
[2013.11.08 18:35:09 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\vlc
[2013.05.27 15:25:36 | 000,000,000 | ---D | M] -- C:\Users\Blecha\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.05.30 06:38:21 | 000,613,888 | ---- | M] (SanDisk Corporation) -- C:\Users\Blecha\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
[2013.05.30 06:38:21 | 001,376,048 | ---- | M] (SanDisk Corporation) -- C:\Users\Blecha\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdater.exe
[2013.05.30 06:38:22 | 000,855,856 | ---- | M] (SanDisk Corporation) -- C:\Users\Blecha\AppData\Roaming\SanDisk\Sansa Updater\SansaUpdaterInstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.11.08 20:16:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.08 18:38:39 | 000,000,044 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.10.26 02:53:20 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=EF01D104449CC654FDCF423C92BD8846 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.05.24 07:18:16 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.11.08 20:22:53 | 000,000,512 | ---- | M] () MD5=43FF4875A25DAE94E13A6E616225F6BD -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.05.21 13:15:00 | 009,962,246 | ---- | M] () -- \Moje VECI\RUZNE\FL Studio (BLECHA)\FL Studio 10\FL Studio\FL Studio CRACK.exe
[2009.06.23 21:03:08 | 009,104,042 | ---- | M] () -- \Moje VECI\RUZNE\PHOTOSHOP navrhy a jine (BLECHA)\PHOTOSHOP\BRUSHES\crackedDeskSet_15-29.abr
[2008.09.08 21:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010.01.15 21:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch

< *keygen* /s >
[2009.10.07 13:54:34 | 000,255,427 | ---- | M] () -- \Moje VECI\RUZNE\cna1095a\Keygen.zip
[2012.12.17 12:17:00 | 000,274,432 | ---- | M] () -- \Program Files (x86)\PowerISO\keygen.exe

< *loader* /s >
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Moje VECI\RUZNE\obchody (BLECHA)\DEXTRO\HD REAL 720 hodinky CD\player\KMPlayer Multi-language\ImLoader.dll
[2006.01.15 07:21:26 | 000,856,064 | ---- | M] () -- \Moje VECI\RUZNE\obchody (BLECHA)\DEXTRO\HD REAL 720 hodinky CD\player\KMPlayer_Double-language\ImLoader.dll
[2010.12.10 08:44:16 | 000,001,963 | ---- | M] () -- \Moje VECI\RUZNE\obchody (BLECHA)\DEXTRO\OPENCART\exportimport\upload\system\PHPExcel\Classes\PHPExcel\Autoloader.php
[2010.05.18 23:31:30 | 000,001,731 | ---- | M] () -- \Moje VECI\RUZNE\obchody (BLECHA)\DEXTRO\OPENCART\system\engine\loader.php
[2010.05.18 23:31:30 | 000,001,731 | ---- | M] () -- \Moje VECI\RUZNE\obchody (BLECHA)\DEXTRO\OPENCART\upload\system\engine\loader.php
[2011.07.27 06:17:03 | 000,287,016 | ---- | M] () -- \Moje VECI\RUZNE\PROGRAMY\SoftonicDownloader_for_ulead-videostudio.exe
[2008.08.28 18:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 15:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 15:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 15:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2011.09.05 08:18:58 | 000,014,666 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\panel\assets\images\uploader_photo.png
[2011.09.05 08:18:58 | 000,000,946 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\3.0.139.290\panel\assets\images\uploader_title.png
[2013.04.30 17:55:36 | 001,027,744 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\lib\DVSVideoDownloader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2013.04.30 17:53:28 | 000,041,112 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2013.06.17 12:35:16 | 001,447,616 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kasperskylab.kis.ui.loader.dll
[2013.05.14 10:59:38 | 000,221,376 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kas_loader.dll
[2013.06.14 17:30:48 | 000,340,672 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\prloader.dll
[2013.06.14 17:30:44 | 000,203,456 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\remote_eka_prague_loader.dll
[1 \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\*.tmp files -> \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\*.tmp -> ]
[2013.06.17 11:55:30 | 000,001,557 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_16.gif
[2013.06.17 11:55:30 | 000,000,419 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_16.png
[2013.06.17 11:55:30 | 000,006,377 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_32.gif
[2013.06.17 11:55:30 | 000,001,276 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_32.png
[2013.06.17 11:55:30 | 000,009,568 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_48.gif
[2013.06.17 11:55:30 | 000,001,805 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_48.png
[2013.06.17 11:55:30 | 000,020,462 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_96.gif
[2013.06.17 11:55:30 | 000,004,009 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\common\loader_96.png
[2013.06.17 11:55:30 | 000,002,793 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\btn_loader.png
[2013.06.17 11:55:30 | 000,001,459 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0001.png
[2013.06.17 11:55:30 | 000,001,423 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00010.png
[2013.06.17 11:55:30 | 000,001,453 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00011.png
[2013.06.17 11:55:30 | 000,001,464 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00012.png
[2013.06.17 11:55:30 | 000,001,487 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00013.png
[2013.06.17 11:55:30 | 000,001,480 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00014.png
[2013.06.17 11:55:30 | 000,001,455 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00015.png
[2013.06.17 11:55:30 | 000,001,408 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00016.png
[2013.06.17 11:55:30 | 000,001,472 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0002.png
[2013.06.17 11:55:30 | 000,001,480 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0003.png
[2013.06.17 11:55:30 | 000,001,471 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0004.png
[2013.06.17 11:55:30 | 000,001,439 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0005.png
[2013.06.17 11:55:30 | 000,001,413 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0006.png
[2013.06.17 11:55:30 | 000,001,367 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0007.png
[2013.06.17 11:55:30 | 000,001,274 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0008.png
[2013.06.17 11:55:30 | 000,001,390 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0009.png
[2013.06.17 11:55:32 | 000,006,957 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\skin\resources\neutral\templates\images\safe_banking\preloader.gif
[2013.06.14 17:30:52 | 000,473,792 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\prloader.dll
[2013.06.14 17:30:48 | 000,248,512 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\remote_eka_prague_loader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 09:57:24 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 09:57:24 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.06.04 09:57:24 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.06.04 09:57:24 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.05.26 09:11:53 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\cstrike\models\qloader.mdl
[2013.05.26 09:10:16 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\valve\models\loader.mdl
[2013.05.26 09:10:09 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\valve\sound\ambience\loader_hydra1.wav
[2013.05.26 09:10:25 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Half-Life\valve\sound\ambience\loader_step1.wav
[2013.05.23 09:12:00 | 000,064,832 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Metro Last Light\PhysXLoader.dll
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{CBB83477-1729-4F29-B57A-8AF005724D81}\ExtensionLoader.dll
[2013.08.04 09:54:34 | 000,069,080 | ---- | M] () -- \Users\Blecha\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2013.11.01 09:33:37 | 000,020,770 | ---- | M] () -- \Users\Blecha\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra2.log
[2013.08.04 09:54:34 | 000,069,080 | ---- | M] () -- \Users\Blecha\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra3.log
[2013.05.22 14:11:23 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 19:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 19:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 19:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 19:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 19:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 06:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 06:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 06:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 06:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 06:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013.05.24 06:10:20 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.05.24 06:10:20 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.05.24 06:10:20 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.05.24 06:10:20 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.05.24 06:10:20 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 19:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 05:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Znovu spusťte OTL a do bílého okna "vlastní skenování/opravy" zkopírujte:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3 - HKU\S-1-5-21-2659259988-1664157760-1627859876-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [msnqodhSrv] C:\Windows\inf\msnqodh.vbe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O33 - MountPoints2\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE
O33 - MountPoints2\E\Shell\instDX\command - "" = E:\directX\dxsetup.exe
O33 - MountPoints2\E\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\SISetup.exe

:files
C:\Windows\inf\msnqodh.vbe
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

a klikněte na >opravit<. OTL vykoná opravu, restartuje PC, po kterém vypíšelog. Log sem zkopírujte.

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2659259988-1664157760-1627859876-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2659259988-1664157760-1627859876-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\msnqodhSrv deleted successfully.
C:\Windows\inf\msnqodh.vbe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54c4540e-c26e-11e2-87ba-806e6f6e6963}\ not found.
File D:\Bin\ASSETUP.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\_AUTORUN\AUTORUN.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\directX\dxsetup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File notepad readme.txt not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\SISetup.exe not found.
========== FILES ==========
File\Folder C:\Windows\inf\msnqodh.vbe not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Blecha
->Temp folder emptied: 37185054 bytes
->Temporary Internet Files folder emptied: 1039117 bytes
->FireFox cache emptied: 388557144 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1015 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1130102 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42286783 bytes
RecycleBin emptied: 307460 bytes

Total Files Cleaned = 449,00 mb


[EMPTYFLASH]

User: All Users

User: Blecha
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Blecha

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11082013_212908

Files\Folders moved on Reboot...
C:\Users\Blecha\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Blecha\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Nastala nějaká změna?

Obávám se, že ne