Prosím o kontrolu logu

Zpráva

cudla11 · #1 Příspěvek od **cudla11** » 28 čer 2014 07:46

Jednou za čas se pc zasekne, jinak s ním žádný problém není.
Díky

Log RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2014-06-28 08:41:54
Microsoft Windows 8
System drive C: has 238 GB (52%) free of 459 GB
Total RAM: 3986 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:42:00, on 28. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16921)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ib24.csob.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9487416B-D753-400D-9DF6-A0E14B6E0F5B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\SysWow64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Registration Service (HPRegistrationSvc) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe
O23 - Service: @oem29.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11397 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=6be67114-2e82-4a60-8682-0810614c1b72 /coreSdkOptions=4382 /logConfFile="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\da138159-b276-4578-b6ce-d1485a8c3a4c-1e4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
MSOIDSvcm.exe 2372
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=8b141869-2f96-4c48-8227-1377c979c41d /coreSdkOptions=4114 /logConfFile="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\a9f1e47a-9f81-4d23-9cb0-e622c4c86d1a-954-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2888
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
atieclxx
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey
ctfmon.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv

"C:\Users\Lenka\Downloads\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe25_ Global\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForLenka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenka (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-06-17 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-06-17 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-06-17 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-06-17 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-24 441152]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-01-23 1664000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-06-10 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2012-07-26 405504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-06-17 5179408]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-09-07 581024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-08-24 441856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpsf.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-28 08:41:54 ----D---- C:\rsit
2014-06-28 08:41:54 ----D---- C:\Program Files\trend micro
2014-06-27 16:46:11 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-06-27 16:46:00 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-06-27 16:46:00 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-06-27 16:46:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-06-27 16:45:59 ----D---- C:\ProgramData\Malwarebytes
2014-06-27 16:45:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-17 16:21:34 ----A---- C:\WINDOWS\system32\drivers\avgldx64.sys
2014-06-17 16:07:12 ----A---- C:\WINDOWS\system32\drivers\avgloga.sys
2014-06-17 16:06:24 ----A---- C:\WINDOWS\system32\drivers\avgidsha.sys
2014-06-17 16:06:22 ----A---- C:\WINDOWS\system32\drivers\avgidsdrivera.sys
2014-06-17 16:06:22 ----A---- C:\WINDOWS\system32\drivers\avgdiska.sys
2014-06-17 16:06:20 ----A---- C:\WINDOWS\system32\drivers\avgmfx64.sys
2014-06-17 16:06:06 ----A---- C:\WINDOWS\system32\drivers\avgrkx64.sys
2014-06-12 21:26:59 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-06-12 21:26:59 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 21:26:49 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-06-12 21:26:49 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-06-12 21:26:48 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-06-12 21:26:48 ----A---- C:\WINDOWS\system32\wusa.exe
2014-06-12 21:26:42 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-06-12 21:26:42 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-06-12 21:26:35 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2014-06-12 21:26:35 ----A---- C:\WINDOWS\system32\msrating.dll
2014-06-12 21:26:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-06-12 21:26:34 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-06-12 21:26:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2014-06-12 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-06-12 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-06-12 21:26:33 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\system32\uxtheme.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-06-12 21:26:30 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-06-12 21:26:27 ----A---- C:\WINDOWS\system32\wininet.dll
2014-06-12 21:26:27 ----A---- C:\WINDOWS\system32\jscript.dll
2014-06-12 21:26:27 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 21:26:25 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-06-12 21:26:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-06-12 21:26:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-06-12 21:26:13 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-06-12 21:26:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-06-12 21:26:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-06-12 21:26:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-06-12 21:26:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-06-12 21:26:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-06-12 21:25:30 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-06-12 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-06-12 21:25:28 ----A---- C:\WINDOWS\system32\msxml3.dll

======List of files/folders modified in the last 1 month======

2014-06-28 08:41:54 ----RD---- C:\Program Files
2014-06-28 08:39:02 ----D---- C:\WINDOWS\Temp
2014-06-28 08:37:49 ----D---- C:\WINDOWS\Prefetch
2014-06-28 08:24:07 ----D---- C:\ProgramData\MFAData
2014-06-28 08:21:12 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2014-06-28 08:20:09 ----D---- C:\WINDOWS\system32\sru
2014-06-28 08:18:43 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2014-06-28 08:18:09 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2014-06-28 00:12:11 ----A---- C:\WINDOWS\SYSWOW64\REMOTEDEVICE.INI
2014-06-27 16:46:11 ----D---- C:\WINDOWS\system32\Drivers
2014-06-27 16:45:59 ----RD---- C:\Program Files (x86)
2014-06-27 16:45:59 ----HD---- C:\ProgramData
2014-06-27 07:32:51 ----SHD---- C:\System Volume Information
2014-06-27 07:20:21 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-26 15:08:15 ----RD---- C:\WINDOWS\System32
2014-06-26 15:08:15 ----D---- C:\WINDOWS\Inf
2014-06-26 15:08:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-24 18:41:48 ----SHD---- C:\WINDOWS\Installer
2014-06-24 18:41:42 ----D---- C:\WINDOWS\SysWOW64
2014-06-23 21:59:09 ----D---- C:\WINDOWS\system32\config
2014-06-23 17:31:56 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-06-21 09:27:47 ----RSD---- C:\WINDOWS\assembly
2014-06-21 08:56:08 ----SD---- C:\Users\Lenka\AppData\Roaming\Microsoft
2014-06-19 21:06:08 ----D---- C:\WINDOWS\AUInstallAgent
2014-06-19 21:05:22 ----HD---- C:\Program Files\WindowsApps
2014-06-19 07:28:26 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2014-06-19 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\uxtuneup.dll
2014-06-19 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\authuitu.dll
2014-06-19 07:28:18 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2014-06-19 07:28:18 ----A---- C:\WINDOWS\system32\authuitu.dll
2014-06-17 22:20:00 ----D---- C:\WINDOWS\WinSxS
2014-06-17 22:10:54 ----D---- C:\WINDOWS\Tasks
2014-06-17 22:05:46 ----D---- C:\WINDOWS\system32\catroot2
2014-06-17 22:04:29 ----D---- C:\WINDOWS\system32\DriverStore
2014-06-17 12:12:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-06-17 12:10:46 ----D---- C:\Program Files\Microsoft Office 15
2014-06-14 18:31:56 ----D---- C:\WINDOWS\rescache
2014-06-12 23:21:48 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-06-12 23:21:48 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-06-12 23:21:48 ----D---- C:\WINDOWS\system32\cs-CZ
2014-06-12 23:21:47 ----D---- C:\WINDOWS\system32\en-US
2014-06-12 23:21:42 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-12 23:21:34 ----D---- C:\Program Files\Internet Explorer
2014-06-12 22:40:24 ----D---- C:\WINDOWS\CbsTemp
2014-06-12 22:39:56 ----D---- C:\WINDOWS\system32\MRT
2014-06-12 22:37:02 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-08 22:19:12 ----A---- C:\WINDOWS\SYSWOW64\SHORTCUT.INI
2014-06-08 16:37:23 ----D---- C:\WINDOWS\system32\NDF
2014-06-03 20:41:35 ----A---- C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-31 07:16:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem4.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2012-07-10 35496]
R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2014-06-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 hpdskflt;@oem29.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2014-06-17 153368]
R1 Avgfwfd;@oem25.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2014-06-17 242968]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2014-05-14 274712]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 Accelerometer;@oem29.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2012-08-02 10280960]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2012-08-02 368640]
R3 BtAudioBusSrv;@oem18.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-03-25 49584]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelkmd;intelkmd; C:\WINDOWS\system32\DRIVERS\igdpmd64.sys [2012-08-24 9000256]
R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 netr28x;@oem32.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 rtbth;@oem31.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2012-07-31 690832]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-23 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-01-23 542208]
R3 SynTP;@oem28.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-01-23 495856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-12-16 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-08-24 9000256]
S3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2012-07-04 269968]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-14 41272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2012-08-02 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2012-09-20 29696]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-06-17 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-03-26 1619704]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-21 2279608]
R2 hpsrv;@oem29.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-09-07 35232]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-05-17 2079520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-01-23 323072]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-06-19 2252600]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\WINDOWS\System32\svchost.exe [2012-09-20 29696]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-27 43616]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 116648]
S2 HPRegistrationSvc;HP Registration Service; C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe [2012-07-19 205216]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-03-02 150600]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2012-09-20 29696]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S4 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 28 čer 2014 07:54

Zdravim

Pozor na pouzivani TuneUp. Dokaze to v pc nadelat peknou paseku

AVG je koupene, nebo free verze?

Vidim tam MBAM, nasel neco?

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

cudla11 · #3 Příspěvek od **cudla11** » 28 čer 2014 08:06

AVG je placená verze, stejně tak TuneUP.
MBAM nic nenašel, ani ESET online Scanner

AWD Cleaner vložím po kontrole.

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2014/06/28 9:01:28

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- Hitachi HTS545050A7E380
- hp DVD A DS8A8SH
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545050A7E380 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS545050A7E380
----------------------------------------------------------------------------
Model : Hitachi HTS545050A7E380
Firmware : GG2OA7A0
Serial Number : TEJ51139CYG7RP
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 1389 hod.
Power On Count : 607 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 198 100 _40 000000000076 Průchodnost disku
03 214 100 _33 000E00000001 Čas na roztočení ploten
04 100 100 __0 000000000264 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 _97 _97 _40 00000000002C Čas potřebný na vyhledání
09 _97 _97 __0 00000000056D Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000025F Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 0000001B0000 Ohlášeno neopravitelných chyb
BC 100 100 __0 002F004D0004 Časový limit příkazu
BE _66 _51 _45 000014240022 Teplota toku vzduchu
BF _99 _99 __0 00000000014C Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000000B000B Počet vypnutí disku
C1 _97 _97 __0 0000000089AB Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 5445 4A35 3339 3339 4359 4737 5250
020: 0003 4000 0004 4747 324F 4130 4130 4869 7461 6368
030: 6920 4854 5335 3435 3035 3745 3745 3338 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0D06 0D06 0000 004C 0048
080: 01FC 0028 706B 7C09 6123 BC09 BC09 6123 203F 0035
090: 0036 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 826C 5000 CCA7
110: 20CD 6440 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 000B
130: 0000 0000 2182 1CF1 3A00 4000 4000 0400 0003 0000
140: 0000 0603 0902 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3248 4237 0000 0000 0000 5DBD 2518 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FCA5

#4 Příspěvek od **Márty84** » 28 čer 2014 08:12

cudla11 píše:AVG je placená verze, stejně tak TuneUP.

Skoda

Mimochodem, doufam, ze to tentokrat dokoncite. Ne jak minule s Rudym, kde uz 6 dnu ceka na odpoved a vy uz tu jste s dalsim pocitacem

cudla11 · #5 Příspěvek od **cudla11** » 28 čer 2014 08:16

Aha, tak to se omlouvám ... to byla chyba v komunikaci a napravím to.

# AdwCleaner v3.213 - Report created 28/06/2014 at 09:07:50
# Updated 23/06/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Lenka - LENKA
# Running from : C:\Users\Lenka\Downloads\adwcleaner_3.213.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Lenka\AppData\Roaming\pdfforge

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Myfree Codec

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16921

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1530 octets] - [28/06/2014 09:04:46]
AdwCleaner[R1].txt - [1590 octets] - [28/06/2014 09:07:05]
AdwCleaner[S0].txt - [1325 octets] - [28/06/2014 09:07:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1385 octets] ##########

#6 Příspěvek od **Márty84** » 28 čer 2014 08:18

OK

Dejte novy log z RSIT

a k tomu

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

cudla11 · #7 Příspěvek od **cudla11** » 28 čer 2014 09:21

log RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2014-06-28 09:24:17
Microsoft Windows 8
System drive C: has 238 GB (52%) free of 459 GB
Total RAM: 3986 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:24:19, on 28. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16921)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ib24.csob.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{9487416B-D753-400D-9DF6-A0E14B6E0F5B}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\SysWow64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Registration Service (HPRegistrationSvc) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe
O23 - Service: @oem29.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11763 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=db40f24f-3397-415b-991a-a015d4a2a468 /coreSdkOptions=4382 /logConfFile="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\67e93023-1e51-4d78-b4c0-a44590eb1c01-1e8-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
MSOIDSvcm.exe 2364
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=55a2de70-a04e-4d46-807b-f779c270b031 /coreSdkOptions=4114 /logConfFile="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\d600bd56-22bb-4860-8e41-d66b92806b04-928-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2600
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" /byrunkey
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4272.0.1269014916\1524161085" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.982.6.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4272.2.1052652254\1410018389" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4272.3.766507604\2011854033" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A2_Stable_R1/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Control/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_20/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-pinch --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --enable-software-compositing --channel="4272.9.986973886\952598697" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4272.10.536182615\325665198" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenka\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\HPCeeScheduleForLenka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenka (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-06-17 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-06-17 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-06-17 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-06-17 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-24 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-24 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-24 441152]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-01-23 1664000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-06-10 21720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2012-07-26 405504]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-06-17 5179408]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-09-07 581024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2012-08-24 441856]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpsf.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe]
"Debugger=""C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-06-28 09:05:05 ----A---- C:\WINDOWS\SYSWOW64\sqlite3.dll
2014-06-28 09:04:44 ----D---- C:\AdwCleaner
2014-06-28 08:41:54 ----D---- C:\rsit
2014-06-28 08:41:54 ----D---- C:\Program Files\trend micro
2014-06-27 16:46:11 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-06-27 16:46:00 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2014-06-27 16:46:00 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-06-27 16:46:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-06-27 16:45:59 ----D---- C:\ProgramData\Malwarebytes
2014-06-27 16:45:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-17 16:21:34 ----A---- C:\WINDOWS\system32\drivers\avgldx64.sys
2014-06-17 16:07:12 ----A---- C:\WINDOWS\system32\drivers\avgloga.sys
2014-06-17 16:06:24 ----A---- C:\WINDOWS\system32\drivers\avgidsha.sys
2014-06-17 16:06:22 ----A---- C:\WINDOWS\system32\drivers\avgidsdrivera.sys
2014-06-17 16:06:22 ----A---- C:\WINDOWS\system32\drivers\avgdiska.sys
2014-06-17 16:06:20 ----A---- C:\WINDOWS\system32\drivers\avgmfx64.sys
2014-06-17 16:06:06 ----A---- C:\WINDOWS\system32\drivers\avgrkx64.sys
2014-06-12 21:26:59 ----A---- C:\WINDOWS\system32\rdpudd.dll
2014-06-12 21:26:59 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2014-06-12 21:26:49 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2014-06-12 21:26:49 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2014-06-12 21:26:48 ----A---- C:\WINDOWS\SYSWOW64\wusa.exe
2014-06-12 21:26:48 ----A---- C:\WINDOWS\system32\wusa.exe
2014-06-12 21:26:42 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2014-06-12 21:26:42 ----A---- C:\WINDOWS\system32\gdi32.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2014-06-12 21:26:36 ----A---- C:\WINDOWS\system32\iernonce.dll
2014-06-12 21:26:35 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2014-06-12 21:26:35 ----A---- C:\WINDOWS\system32\msrating.dll
2014-06-12 21:26:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-06-12 21:26:34 ----A---- C:\WINDOWS\system32\iesysprep.dll
2014-06-12 21:26:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-06-12 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2014-06-12 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-06-12 21:26:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-06-12 21:26:33 ----A---- C:\WINDOWS\system32\UXInit.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\system32\uxtheme.dll
2014-06-12 21:26:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-06-12 21:26:30 ----A---- C:\WINDOWS\system32\iesetup.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-06-12 21:26:29 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-06-12 21:26:27 ----A---- C:\WINDOWS\system32\wininet.dll
2014-06-12 21:26:27 ----A---- C:\WINDOWS\system32\jscript.dll
2014-06-12 21:26:27 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-06-12 21:26:25 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-06-12 21:26:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-06-12 21:26:14 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-06-12 21:26:13 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-06-12 21:26:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-06-12 21:26:12 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2014-06-12 21:26:11 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-06-12 21:26:07 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-06-12 21:26:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-06-12 21:25:30 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-06-12 21:25:28 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2014-06-12 21:25:28 ----A---- C:\WINDOWS\system32\msxml3.dll

======List of files/folders modified in the last 1 month======

2014-06-28 09:24:08 ----D---- C:\WINDOWS\Temp
2014-06-28 09:16:31 ----RD---- C:\WINDOWS\System32
2014-06-28 09:16:31 ----D---- C:\WINDOWS\Inf
2014-06-28 09:16:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-28 09:15:18 ----D---- C:\WINDOWS\Prefetch
2014-06-28 09:15:17 ----D---- C:\ProgramData\MFAData
2014-06-28 09:13:25 ----A---- C:\WINDOWS\SYSWOW64\bscs.ini
2014-06-28 09:12:28 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-06-28 09:11:35 ----A---- C:\WINDOWS\SYSWOW64\LOCALSERVICE.INI
2014-06-28 09:10:32 ----D---- C:\WINDOWS\system32\catroot2
2014-06-28 09:10:22 ----A---- C:\WINDOWS\SYSWOW64\LOCALDEVICE.INI
2014-06-28 09:05:05 ----D---- C:\WINDOWS\SysWOW64
2014-06-28 09:00:02 ----D---- C:\WINDOWS\system32\sru
2014-06-28 08:41:54 ----RD---- C:\Program Files
2014-06-28 00:12:11 ----A---- C:\WINDOWS\SYSWOW64\REMOTEDEVICE.INI
2014-06-27 16:46:11 ----D---- C:\WINDOWS\system32\Drivers
2014-06-27 16:45:59 ----RD---- C:\Program Files (x86)
2014-06-27 16:45:59 ----HD---- C:\ProgramData
2014-06-27 07:32:51 ----SHD---- C:\System Volume Information
2014-06-27 07:20:21 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-24 18:41:48 ----SHD---- C:\WINDOWS\Installer
2014-06-23 21:59:09 ----D---- C:\WINDOWS\system32\config
2014-06-21 09:27:47 ----RSD---- C:\WINDOWS\assembly
2014-06-21 08:56:08 ----SD---- C:\Users\Lenka\AppData\Roaming\Microsoft
2014-06-19 21:06:08 ----D---- C:\WINDOWS\AUInstallAgent
2014-06-19 21:05:22 ----HD---- C:\Program Files\WindowsApps
2014-06-19 07:28:26 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2014-06-19 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\uxtuneup.dll
2014-06-19 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\authuitu.dll
2014-06-19 07:28:18 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2014-06-19 07:28:18 ----A---- C:\WINDOWS\system32\authuitu.dll
2014-06-17 22:20:00 ----D---- C:\WINDOWS\WinSxS
2014-06-17 22:10:54 ----D---- C:\WINDOWS\Tasks
2014-06-17 22:04:29 ----D---- C:\WINDOWS\system32\DriverStore
2014-06-17 12:12:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-06-17 12:10:46 ----D---- C:\Program Files\Microsoft Office 15
2014-06-14 18:31:56 ----D---- C:\WINDOWS\rescache
2014-06-12 23:21:48 ----D---- C:\WINDOWS\SYSWOW64\en-US
2014-06-12 23:21:48 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-06-12 23:21:48 ----D---- C:\WINDOWS\system32\cs-CZ
2014-06-12 23:21:47 ----D---- C:\WINDOWS\system32\en-US
2014-06-12 23:21:42 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-12 23:21:34 ----D---- C:\Program Files\Internet Explorer
2014-06-12 22:40:24 ----D---- C:\WINDOWS\CbsTemp
2014-06-12 22:39:56 ----D---- C:\WINDOWS\system32\MRT
2014-06-12 22:37:02 ----A---- C:\WINDOWS\system32\MRT.exe
2014-06-08 22:19:12 ----A---- C:\WINDOWS\SYSWOW64\SHORTCUT.INI
2014-06-08 16:37:23 ----D---- C:\WINDOWS\system32\NDF
2014-06-03 20:41:35 ----A---- C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-31 07:16:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem4.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2012-07-10 35496]
R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2014-06-17 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 hpdskflt;@oem29.inf,%service_desc%;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2014-06-17 153368]
R1 Avgfwfd;@oem25.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2014-06-17 242968]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2014-06-17 235800]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2014-05-14 274712]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 Accelerometer;@oem29.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2012-08-02 10280960]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2012-08-02 368640]
R3 BtAudioBusSrv;@oem18.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [2013-03-25 49584]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 intelkmd;intelkmd; C:\WINDOWS\system32\DRIVERS\igdpmd64.sys [2012-08-24 9000256]
R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 netr28x;@oem32.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 rtbth;@oem31.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2012-07-31 690832]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-23 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [2014-01-23 542208]
R3 SynTP;@oem28.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-01-23 495856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-12-16 14112]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2012-08-24 9000256]
S3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2012-07-04 269968]
S3 SmbDrv;SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-08-14 41272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2012-08-02 239616]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2012-09-20 29696]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-06-17 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-03-26 1619704]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-05-21 2279608]
R2 hpsrv;@oem29.inf,%hpservice_desc%;HP Service; C:\WINDOWS\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-09-07 35232]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-07-14 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2012-05-17 2079520]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2014-01-23 323072]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-06-19 2252600]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\WINDOWS\System32\svchost.exe [2012-09-20 29696]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 116648]
S2 HPRegistrationSvc;HP Registration Service; C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe [2012-07-19 205216]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2012-08-24 276288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-27 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-22 116648]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-03-02 150600]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\WINDOWS\system32\svchost.exe [2012-09-20 29696]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\WINDOWS\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\WINDOWS\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\WINDOWS\System32\drivers\BthHFHid.sys [2012-11-27 29952]
S4 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

cudla11 · #8 Příspěvek od **cudla11** » 28 čer 2014 09:24

log OTL.txt:

OTL logfile created on: 28. 6. 2014 9:26:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 57,46% Memory free
4,64 Gb Paging File | 2,81 Gb Available in Paging File | 60,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,41 Gb Total Space | 232,16 Gb Free Space | 51,77% Space Free | Partition Type: NTFS
Drive D: | 16,24 Gb Total Space | 2,04 Gb Free Space | 12,56% Space Free | Partition Type: NTFS

Computer Name: LENKA | User Name: Lenka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/28 09:25:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
PRC - [2014/06/23 21:02:57 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/06/17 16:20:38 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/17 16:18:02 | 005,179,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/06/17 16:17:36 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/06/05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/08/19 18:07:36 | 001,344,312 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2013/03/26 12:50:24 | 001,619,704 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
PRC - [2013/01/10 14:23:30 | 000,379,904 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
PRC - [2012/09/07 18:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/07/27 18:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/07/18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/07/18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

========== Modules (No Company Name) ==========

MOD - [2014/06/05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014/06/05 15:58:37 | 014,612,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
MOD - [2014/06/05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014/06/05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014/06/05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014/06/05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2013/01/31 18:04:00 | 000,070,904 | ---- | M] () -- C:\Windows\SysWOW64\BsProfileFunc.dll
MOD - [2013/01/10 13:59:24 | 000,019,456 | ---- | M] () -- C:\Windows\SysWOW64\BsTrace.dll
MOD - [2013/01/10 12:25:58 | 000,353,280 | ---- | M] () -- C:\Windows\SysWOW64\BsExtendFunc.dll
MOD - [2013/01/10 12:25:56 | 000,011,264 | ---- | M] () -- C:\Windows\SysWOW64\SCChangeMonitor.dll
MOD - [2012/06/08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/06/08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/06/19 07:28:18 | 000,042,808 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2014/05/21 03:28:26 | 002,279,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/04/12 11:08:17 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/29 10:05:59 | 000,016,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/01/23 00:43:14 | 000,323,072 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2013/08/16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/06/25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/09/24 14:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/09/20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/08/02 11:06:02 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2014/06/19 07:28:22 | 002,252,600 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2014/06/19 07:28:18 | 000,035,640 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2014/06/17 16:20:38 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/17 16:17:36 | 001,417,160 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/12/21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/26 12:50:24 | 001,619,704 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2013/01/10 14:35:28 | 000,138,752 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe -- (BsHelpCS)
SRV - [2012/09/07 18:33:08 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/08/24 02:08:06 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/26 05:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/07/26 05:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012/07/19 15:19:16 | 000,205,216 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe -- (HPRegistrationSvc)
SRV - [2012/07/18 03:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 03:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 03:10:24 | 000,128,896 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/07/18 03:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/14 18:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/05/14 21:09:08 | 000,274,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa)
DRV:64bit: - [2014/03/28 21:19:38 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/24 00:11:52 | 000,269,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/01/23 11:15:38 | 000,495,856 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2014/01/23 11:15:33 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014/01/23 00:43:15 | 000,542,208 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2013/12/04 12:02:30 | 002,505,904 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2013/12/02 10:42:14 | 001,204,424 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rtbth.sys -- (rtbth)
DRV:64bit: - [2013/10/10 13:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 08:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/02 04:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/26 10:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2013/09/04 16:35:06 | 000,020,496 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota)
DRV:64bit: - [2013/08/16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 08:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 03:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 03:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/27 11:33:20 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2013/06/01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/03/25 12:03:44 | 000,049,584 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IvtUrbBtFlt.sys -- (btUrbFilterDrv)
DRV:64bit: - [2013/03/02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/09/24 14:40:56 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012/09/24 14:40:56 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012/09/20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/24 02:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012/08/24 02:07:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/14 10:46:06 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012/08/02 12:54:18 | 010,280,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/08/02 10:09:30 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/07/31 21:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/31 10:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Unknown (0) | Disabled | Unknown] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/19 18:47:40 | 000,056,904 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BtL2caScoIf.sys -- (BthL2caScoIfSrv)
DRV:64bit: - [2012/07/10 06:19:26 | 000,035,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/07/04 15:09:08 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012/07/03 01:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/19 17:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/15 12:22:02 | 000,023,136 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BtAudioBus.sys -- (BtAudioBusSrv)
DRV - [2013/12/16 15:34:30 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://ib24.csob.cz/
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... c=HPNTDFJS
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\..\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.34_0\
CHR - Extension: AdBlock = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.35_0\
CHR - Extension: AdBlock = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.37_0\
CHR - Extension: AdBlock = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.1_0\
CHR - Extension: AdBlock = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.3_0\
CHR - Extension: Star Se7en = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kembffdaaophkgdjpheebhhlaihpagjp\1.0.1_0\
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-314678418-636638870-3796162450-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25D673D2-29D4-4832-B172-08A400DB7223}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9487416B-D753-400D-9DF6-A0E14B6E0F5B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9487416B-D753-400D-9DF6-A0E14B6E0F5B}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\hpsf.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\hpsf.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O30:64bit: - LSA: Security Packages - (msoidssp) - C:\WINDOWS\SysNative\msoidssp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (livessp) - File not found
O30 - LSA: Security Packages - (msoidssp) - C:\WINDOWS\SysWow64\msoidssp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (AVG)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/06/28 09:25:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2014/06/28 09:05:05 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\SysWow64\sqlite3.dll
[2014/06/28 09:04:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/28 08:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/06/28 08:41:54 | 000,000,000 | ---D | C] -- C:\rsit
[2014/06/27 16:46:11 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/27 16:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/27 16:46:00 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014/06/27 16:46:00 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2014/06/27 16:46:00 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/06/27 16:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/27 16:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/21 10:12:58 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\{9AC75147-0076-4387-B457-4D76B0DAFCB1}
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgrkx64.sys
[2014/06/14 17:29:19 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\{7ABF35C6-749C-492F-A339-84B9EFD87A61}
[2014/06/12 21:26:59 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/06/12 21:26:59 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/06/12 21:26:49 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014/06/12 21:26:48 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014/06/12 21:26:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014/06/12 21:26:42 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014/06/12 21:26:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/06/12 21:26:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/06/12 21:26:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/06/12 21:26:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/06/12 21:26:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/06/12 21:26:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/06/12 21:26:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014/06/12 21:26:34 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/06/12 21:26:34 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/06/12 21:26:34 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/06/12 21:26:33 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014/06/12 21:26:32 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/06/12 21:26:31 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014/06/12 21:26:31 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/06/12 21:26:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/06/12 21:26:29 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/06/12 21:26:27 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/06/12 21:26:27 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/06/12 21:26:25 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/06/12 21:26:13 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/06/12 21:26:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/06/12 21:26:12 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/06/08 16:21:21 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\Diagnostics
[2014/05/31 16:12:18 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\{C1A0441D-6A9A-4006-A219-F5F97B5FCC9C}
[2014/05/29 23:50:32 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\{75365255-2F4C-45F1-AE2F-739894329666}
[2014/05/29 23:50:31 | 000,000,000 | ---D | C] -- C:\Users\Lenka\AppData\Local\{74C9D6D5-396E-40F0-93EB-2D5DDA0BC5F6}

========== Files - Modified Within 30 Days ==========

[2014/06/28 09:28:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/06/28 09:25:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenka\Desktop\OTL.exe
[2014/06/28 09:16:31 | 001,851,486 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/06/28 09:16:31 | 000,774,720 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/06/28 09:16:31 | 000,755,956 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/06/28 09:16:31 | 000,162,886 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/06/28 09:16:31 | 000,158,234 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/06/28 09:13:25 | 000,000,983 | ---- | M] () -- C:\WINDOWS\SysWow64\bscs.ini
[2014/06/28 09:12:04 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/28 09:11:35 | 000,003,620 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2014/06/28 09:11:18 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/28 09:10:22 | 000,000,043 | ---- | M] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2014/06/28 09:10:09 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/28 09:09:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/06/28 09:09:58 | 3343,925,248 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/28 00:12:11 | 000,000,127 | ---- | M] () -- C:\WINDOWS\SysWow64\REMOTEDEVICE.INI
[2014/06/27 16:49:31 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/19 07:28:26 | 000,040,248 | ---- | M] (AVG) -- C:\WINDOWS\SysNative\TURegOpt.exe
[2014/06/19 07:28:18 | 000,042,808 | ---- | M] (AVG) -- C:\WINDOWS\SysNative\uxtuneup.dll
[2014/06/19 07:28:18 | 000,035,640 | ---- | M] (AVG) -- C:\WINDOWS\SysWow64\uxtuneup.dll
[2014/06/19 07:28:18 | 000,029,496 | ---- | M] (AVG) -- C:\WINDOWS\SysNative\authuitu.dll
[2014/06/19 07:28:18 | 000,025,400 | ---- | M] (AVG) -- C:\WINDOWS\SysWow64\authuitu.dll
[2014/06/17 22:10:54 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForLenka.job
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SysNative\drivers\avgrkx64.sys
[2014/06/08 22:19:12 | 000,001,214 | ---- | M] () -- C:\WINDOWS\SysWow64\SHORTCUT.INI
[2014/05/31 07:16:07 | 000,703,992 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/05/31 07:16:07 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2014/06/28 09:28:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/06/12 21:26:47 | 000,387,268 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/04/05 15:20:51 | 000,000,330 | ---- | C] () -- C:\Users\Lenka\rgut
[2014/04/04 19:43:10 | 000,538,126 | --S- | C] () -- C:\WINDOWS\SysWow64\libcurl-4.dll
[2014/04/04 19:43:10 | 000,192,512 | --S- | C] () -- C:\WINDOWS\SysWow64\libidn-11.dll
[2014/04/04 19:43:10 | 000,133,632 | --S- | C] () -- C:\WINDOWS\SysWow64\librtmp.dll
[2014/04/04 19:43:10 | 000,100,864 | --S- | C] () -- C:\WINDOWS\SysWow64\zlib1.dll
[2014/01/23 19:31:08 | 000,974,848 | ---- | C] () -- C:\WINDOWS\SysWow64\cis-2.4.dll
[2014/01/23 19:31:08 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2014/01/23 19:31:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2014/01/23 19:31:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2014/01/23 13:56:39 | 000,001,214 | ---- | C] () -- C:\WINDOWS\SysWow64\SHORTCUT.INI
[2014/01/23 13:55:31 | 000,000,127 | ---- | C] () -- C:\WINDOWS\SysWow64\REMOTEDEVICE.INI
[2014/01/23 13:39:06 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2014/01/23 10:47:21 | 000,368,428 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\FW7650.bin
[2014/01/23 10:47:21 | 000,000,313 | ---- | C] () -- C:\WINDOWS\SysWow64\RaCheckBTDev.ini
[2014/01/23 10:41:04 | 000,003,620 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALSERVICE.INI
[2014/01/23 10:41:04 | 000,000,043 | ---- | C] () -- C:\WINDOWS\SysWow64\LOCALDEVICE.INI
[2014/01/23 01:07:08 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/03/22 11:00:08 | 000,000,983 | ---- | C] () -- C:\WINDOWS\SysWow64\bscs.ini
[2013/01/31 18:04:00 | 000,070,904 | ---- | C] () -- C:\WINDOWS\SysWow64\BsProfileFunc.dll
[2013/01/10 13:59:24 | 000,019,456 | ---- | C] () -- C:\WINDOWS\SysWow64\BsTrace.dll
[2013/01/10 12:25:58 | 000,353,280 | ---- | C] () -- C:\WINDOWS\SysWow64\BsExtendFunc.dll
[2013/01/10 12:25:58 | 000,049,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BSSkypeAgent.dll
[2013/01/10 12:25:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\BsVistaCommon.dll
[2013/01/10 12:25:56 | 000,073,820 | ---- | C] () -- C:\WINDOWS\SysWow64\BSVoIPComm.dll
[2013/01/10 12:25:56 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\BSWMPPlugin.dll
[2013/01/10 12:25:56 | 000,011,264 | ---- | C] () -- C:\WINDOWS\SysWow64\SCChangeMonitor.dll
[2012/09/26 16:27:56 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblup.dat
[2012/09/26 16:27:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/08/24 02:08:06 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/08/24 02:07:32 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012/08/24 02:07:26 | 000,963,388 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/08/04 00:40:09 | 000,916,510 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/08/02 10:53:50 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2012/08/02 10:53:50 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/07/25 22:22:56 | 000,733,840 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012/07/25 22:22:56 | 000,492,340 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2012/07/25 22:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012/07/25 22:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012/07/25 22:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin

========== ZeroAccess Check ==========

[2012/09/02 17:17:22 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 10:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 08:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/02/13 16:48:46 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014/02/13 16:48:46 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014/01/23 17:04:58 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\AVG
[2014/01/22 23:05:22 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\AVG2014
[2014/01/28 22:38:41 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\BSplayer
[2014/01/23 00:21:37 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\BSplayer Pro
[2014/01/26 10:23:19 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\PDF Architect
[2014/03/15 01:30:56 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Samsung
[2014/01/22 22:31:17 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Synaptics
[2014/01/22 23:04:49 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012/07/26 09:22:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014/01/22 22:36:27 | 000,000,958 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014/01/22 22:36:28 | 000,000,962 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014/02/18 23:49:35 | 000,000,344 | ---- | C] () -- C:\WINDOWS\Tasks\HPCeeScheduleForLenka.job

< >

< MD5 for: AGP440.SYS >
[2012/07/26 07:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\WINDOWS\SysNative\drivers\AGP440.sys
[2012/07/26 07:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012/07/26 07:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys

< MD5 for: ATAPI.SYS >
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 07:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/02/10 21:41:42 | 000,040,790 | ---- | M] () MD5=0820FF2DF07694127C18619A7704864B -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2014/04/03 22:22:10 | 000,034,714 | ---- | M] () MD5=67B466FE1B3E1A7C078B131DBB2D7BF0 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2014/02/10 21:41:43 | 000,000,596 | ---- | M] () MD5=ACC6638E879BE785BB57C85EFDB9A4E2 -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2014/04/03 22:22:12 | 000,000,619 | ---- | M] () MD5=AEA3F37C2F31B7361F691421CF1CA051 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2013/05/15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\WINDOWS\SysNative\autochk.exe
[2013/05/15 04:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe

< MD5 for: CDROM.SYS >
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 04:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/07/13 08:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\WINDOWS\SysNative\cryptsvc.dll
[2013/07/13 08:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2014/02/10 21:45:32 | 000,010,405 | ---- | M] () MD5=8389E4A7DB9160AB90FE04913921A050 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20774_none_cf5db3323da8ff2e\cryptsvc.dll
[2014/02/10 21:45:31 | 000,010,706 | ---- | M] () MD5=B11F99292AF808F787DF6A7DFCA49696 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16384_none_cec940c9249383e0\cryptsvc.dll
[2014/02/10 21:45:31 | 000,001,071 | ---- | M] () MD5=B1AF8E0DE194187E80FE717793B50F05 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2014/02/10 21:45:32 | 000,010,481 | ---- | M] () MD5=D03B554CC788C658B1769E6BAC9B2329 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2012/01/31 12:22:06 | 000,006,952 | ---- | M] () MD5=D9A27F35D231BAC3AD58E922C7644E8B -- C:\Program Files (x86)\CyberLink\PowerDirector10\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2013/06/01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2014/03/12 23:31:34 | 000,190,101 | ---- | M] () MD5=1376DD50E24847C4CC7E785CDDF1ECAC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2014/03/12 23:31:21 | 000,193,351 | ---- | M] () MD5=2C606E1A405B6AB30651CAA4D1A43915 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2014/02/12 10:19:04 | 000,217,360 | ---- | M] () MD5=5DFCC1493FED3FD5282997506D6AC9BD -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2014/03/12 23:31:26 | 000,191,911 | ---- | M] () MD5=6C22EFE97773B02BB42B5B701593D912 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2014/02/12 10:18:54 | 000,221,955 | ---- | M] () MD5=783DD92BE8B1DCEF16B8BE0569BBABA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2014/02/12 10:19:01 | 000,220,321 | ---- | M] () MD5=789C3F55AEC1A1DC46274452A2E01CE7 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2014/03/12 23:31:30 | 000,191,929 | ---- | M] () MD5=99492BB41883477975A76EAC338EC9E6 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
[2014/02/12 10:18:58 | 000,220,310 | ---- | M] () MD5=FF35C434F15CB2B81A8854E5443A3966 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe

< MD5 for: HAL.DLL >
[2014/02/12 10:20:17 | 000,001,310 | ---- | M] () MD5=096C572F9B5D3AC7DA0CEB36B84DDBD9 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20521_none_04ba1763fc5e1692\hal.dll
[2014/02/12 10:20:18 | 000,002,020 | ---- | M] () MD5=608DF2DF052E5F35D1D87869B140C582 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.20544_none_04a77869fc6b9a79\hal.dll
[2014/02/12 10:20:17 | 000,001,298 | ---- | M] () MD5=88EA5D852CC1B10E2AB3424F0C9F6C4B -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16420_none_042f7a4ee3415d71\hal.dll
[2014/02/12 10:20:16 | 000,011,988 | ---- | M] () MD5=8E380A25BCE81AF0D3F498660534D4B8 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16384_none_03f29a08e36e6d4c\hal.dll
[2012/10/24 06:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\WINDOWS\SysNative\hal.dll
[2012/10/24 06:54:04 | 000,396,008 | ---- | M] (Microsoft Corporation) MD5=F021625F422966AD31F95CC494F7D188 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.2.9200.16442_none_041bdb0ae34fc801\hal.dll

< MD5 for: IASTORV.SYS >
[2012/07/26 07:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\WINDOWS\SysNative\drivers\iaStorV.sys
[2012/07/26 07:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_819876bbe5c3b25f\iaStorV.sys
[2012/07/26 07:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_07daf9dd118c3086\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2012/07/26 07:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\WINDOWS\SysNative\drivers\isapnp.sys
[2012/07/26 07:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\isapnp.sys
[2012/07/26 07:00:52 | 000,022,256 | ---- | M] (Microsoft Corporation) MD5=D940C5BB9DC92E588533C19ABCC3D2C2 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\isapnp.sys

< MD5 for: LSASS.EXE >
[2014/02/12 19:35:02 | 000,000,552 | ---- | M] () MD5=2ADAC1E553801D1ADCF2EFB040B945A1 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20521_none_96fcc65d3502465c\lsass.exe
[2014/05/18 19:11:44 | 000,004,224 | ---- | M] () MD5=2CD05F63D8B571BB3F426FDADDDDDA7B -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16420_none_967229481be58d3b\lsass.exe
[2014/02/12 19:35:00 | 000,002,767 | ---- | M] () MD5=634B3CAAEC21D2168F634BC1FC46788D -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16384_none_963549021c129d16\lsass.exe
[2014/05/18 19:12:28 | 000,004,225 | ---- | M] () MD5=6F9E0B89B3510BC9B2B813A540BCB093 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20985_none_96bfef95352f47fa\lsass.exe
[2014/03/11 02:39:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F1DA34D64F2BA200D28A7451804E2FEE -- C:\WINDOWS\SysNative\lsass.exe
[2014/03/11 02:39:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=F1DA34D64F2BA200D28A7451804E2FEE -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16865_none_964bf2a21c01704e\lsass.exe

< MD5 for: NDIS.SYS >
[2014/02/28 20:48:45 | 000,126,382 | ---- | M] () MD5=215C21DDA019EF4263220CE5CA58C80E -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20623_none_b2e8a56ecabe1acf\ndis.sys
[2014/02/28 20:48:33 | 000,132,490 | ---- | M] () MD5=2CFB744C8B66F3B50E36E4AE29DC29DB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16384_none_b21f2599b1d041b4\ndis.sys
[2014/02/28 20:48:48 | 000,123,394 | ---- | M] () MD5=3EA27F7644ADB439E5626693FFB20070 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20750_none_b2c536b2cad91fc4\ndis.sys
[2014/02/28 20:48:39 | 000,126,379 | ---- | M] () MD5=565FFE4A3E7D0D775676588BEC8EB0F1 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16518_none_b26eda01b193ddc7\ndis.sys
[2014/02/28 20:48:41 | 000,051,156 | ---- | M] () MD5=72C21AFFC7415F7500393A81AC744824 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16628_none_b2640bfbb19bf6df\ndis.sys
[2013/06/17 00:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\WINDOWS\SysNative\drivers\ndis.sys
[2013/06/17 00:41:31 | 000,997,632 | ---- | M] (Microsoft Corporation) MD5=A10E176F3B2BF83EDE7B5C4658C93B66 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16643_none_b2496ab1b1b0b00e\ndis.sys
[2014/02/28 20:48:47 | 000,123,250 | ---- | M] () MD5=AB6F201167000411D428C94AEBC1E1A8 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20733_none_b2ddd768cac633e7\ndis.sys
[2014/02/28 20:48:37 | 000,132,458 | ---- | M] () MD5=BE36CB63F189D5600E385AAD81250ABE -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16433_none_b25436d1b1a899cf\ndis.sys
[2014/02/28 20:48:35 | 000,132,457 | ---- | M] () MD5=D071CCC547FC28800FD9E0315C86D137 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16420_none_b25c05dfb1a331d9\ndis.sys
[2014/02/28 20:48:42 | 000,132,461 | ---- | M] () MD5=F77D85ABEDC17AF2045B8E9BF7C3B22D -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20521_none_b2e6a2f4cabfeafa\ndis.sys
[2014/02/28 20:48:44 | 000,132,461 | ---- | M] () MD5=FE4EF9AE1172C4D114E8D10EB2EBC399 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20534_none_b2ded3e6cac552f0\ndis.sys

< MD5 for: NETLOGON.DLL >
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\SysWOW64\netlogon.dll
[2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
[2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\WINDOWS\SysNative\netlogon.dll
[2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll

< MD5 for: NVRAID.SYS >
[2012/07/26 07:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\WINDOWS\SysNative\drivers\nvraid.sys
[2012/07/26 07:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2012/07/26 07:00:55 | 000,150,256 | ---- | M] (NVIDIA Corporation) MD5=D6D34118263412D3AAA8348A9572B7F2 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2012/07/26 07:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\WINDOWS\SysNative\drivers\nvstor.sys
[2012/07/26 07:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\WINDOWS\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2012/07/26 07:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2012/07/26 05:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\WINDOWS\SysNative\scecli.dll
[2012/07/26 05:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\SysWOW64\scecli.dll
[2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll

< MD5 for: SMSS.EXE >
[2012/07/26 07:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\WINDOWS\SysNative\smss.exe
[2012/07/26 07:26:45 | 000,132,096 | ---- | M] (Microsoft Corporation) MD5=08F850FEBDBDE7C89017B6B0CA0D1CD2 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.2.9200.16384_none_d72a7da7728fa356\smss.exe

< MD5 for: SVCHOST.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2014/03/02 20:28:45 | 000,002,873 | ---- | M] () MD5=137AD22CA869542CC06BDC7B32FE4D44 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2014/04/06 17:55:34 | 000,000,583 | ---- | M] () MD5=2E383D22C52F863749C071B9D3FACADA -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[2014/03/02 20:28:46 | 000,000,609 | ---- | M] () MD5=73A6BE2D1051931DE0F04E1C6C612B32 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2012/09/20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe
[2012/09/20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2014/04/06 17:55:33 | 000,003,208 | ---- | M] () MD5=C276BBEF1CDBC24E324214A79369795A -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2012/09/20 08:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\WINDOWS\SysNative\svchost.exe
[2012/09/20 08:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/03 13:22:14 | 002,233,176 | ---- | M] (Microsoft Corporation) MD5=0E0C16EE82E2F4EBC2FBCA24C8F00D9E -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/04/03 13:22:14 | 002,233,176 | ---- | M] (Microsoft Corporation) MD5=0E0C16EE82E2F4EBC2FBCA24C8F00D9E -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16886_none_0be9c3c8f0289b5e\tcpip.sys
[2014/06/23 06:56:50 | 000,263,503 | ---- | M] () MD5=1619E04881CDFAECC2985CD6DA728A8D -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16548_none_0c16fe5af00666d3\tcpip.sys
[2014/06/23 06:57:22 | 000,376,775 | ---- | M] () MD5=38FB0D55A6FFD013A713816837B423F0 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20521_none_0caf3712091a2033\tcpip.sys
[2014/06/23 06:58:09 | 000,361,762 | ---- | M] () MD5=4D9AAA8F431F0884D716A402DE0C377F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20787_none_0c745d1209455a31\tcpip.sys
[2014/06/23 06:57:49 | 000,375,826 | ---- | M] () MD5=50B0B7EF5A27DCD83949D521F076B4DA -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20652_none_0c8fc97e09318a84\tcpip.sys
[2014/06/23 06:57:59 | 000,369,968 | ---- | M] () MD5=572F0AF8A466907EC3C246624FA7595F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20733_none_0ca66b8609206920\tcpip.sys
[2014/06/23 06:56:20 | 000,376,408 | ---- | M] () MD5=58EB16A94B0C13A3C103EFB9EFB72EE3 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16384_none_0be7b9b6f02a76ed\tcpip.sys
[2014/06/23 06:57:08 | 000,227,708 | ---- | M] () MD5=77B7BCBD50250C7CEDC4AB6ED214BC8A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16679_none_0bf790c6f01dd124\tcpip.sys
[2014/06/23 06:57:34 | 000,372,321 | ---- | M] () MD5=7E3C502AC21A186A68C5206A6B31F768 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20623_none_0cb1398c09185008\tcpip.sys
[2014/06/23 06:58:22 | 000,359,782 | ---- | M] () MD5=8DCE4DBDF6394B72A5796CCB1E1D85DB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.21005_none_0cc8b7cc0906758b\tcpip.sys
[2014/06/23 06:56:41 | 000,372,339 | ---- | M] () MD5=9DA8F6D3A0AF215549BE17D87B54E226 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16518_none_0c376e1eefee1300\tcpip.sys
[2014/06/23 06:56:32 | 000,376,780 | ---- | M] () MD5=A7EE3B6E064CCB59A977FF47852B5784 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16420_none_0c2499fceffd6712\tcpip.sys
[2014/06/23 06:57:14 | 000,221,542 | ---- | M] () MD5=C3FF9B008D96F2B8F15E37F1296494DB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16808_none_0c4243bcefe5ee84\tcpip.sys
[2014/06/23 06:56:57 | 000,243,061 | ---- | M] () MD5=C8D21ED3E03700820670E813C356EC43 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.16628_none_0c2ca018eff62c18\tcpip.sys
[2014/05/18 20:51:49 | 000,363,232 | ---- | M] () MD5=DA8C8E44FFC74A4F439FFC654CA070A6 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.2.9200.20927_none_0cb540660914acd9\tcpip.sys

< MD5 for: USERINIT.EXE >
[2012/07/26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\WINDOWS\SysNative\userinit.exe
[2012/07/26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe

cudla11 · #9 Příspěvek od **cudla11** » 28 čer 2014 09:25

pokračování OTL.txt:

< MD5 for: WINLOGON.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/03/12 23:15:58 | 000,053,876 | ---- | M] () MD5=5F010E699A67E36DC1DE46E6B3F90F63 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2014/05/18 20:54:04 | 000,082,423 | ---- | M] () MD5=70A8607604BFE86210A59EE072DD5B1C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2014/04/12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\WINDOWS\SysNative\winlogon.exe
[2014/04/12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_c87ee12f5ec0739b\winlogon.exe
[2014/05/18 20:54:05 | 000,072,808 | ---- | M] () MD5=92FB3DDBA07607840EDD03B260844246 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_c95fd5c6779c8076\winlogon.exe
[2014/03/12 23:16:01 | 000,001,620 | ---- | M] () MD5=B25E1282BE1B9C0FEC1ADDA920ED7D3A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2014/03/12 23:15:57 | 000,053,889 | ---- | M] () MD5=D43088B4BFEE33FAFB352CD3E6306E00 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2014/03/12 23:16:00 | 000,053,884 | ---- | M] () MD5=E29BCD806AB847947EEBF1BF3BA98FDE -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2012/07/26 07:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\WINDOWS\SysNative\ws2_32.dll
[2012/07/26 07:26:48 | 000,345,088 | ---- | M] (Microsoft Corporation) MD5=2E5B349ACDA36C20612795754DB93312 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_4b815827581a3bbb\ws2_32.dll
[2012/07/26 05:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\SysWOW64\ws2_32.dll
[2012/07/26 05:20:38 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\WINDOWS\Panther\*.tmp files -> C:\WINDOWS\Panther\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\53ee28e1fefd7fd15bbba580a0b1acd1\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\53ee28e1fefd7fd15bbba580a0b1acd1\*.tmp -> ]
[1 C:\WINDOWS\WinSxS\*.tmp files -> C:\WINDOWS\WinSxS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/02/05 00:29:40 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Adobe
[2014/01/22 22:32:20 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\ATI
[2014/01/23 17:04:58 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\AVG
[2014/01/22 23:05:22 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\AVG2014
[2014/01/28 22:38:41 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\BSplayer
[2014/01/23 00:21:37 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\BSplayer Pro
[2014/01/23 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\CyberLink
[2014/01/22 22:36:59 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Hewlett-Packard
[2014/03/15 01:43:12 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\hpqlog
[2014/01/23 10:47:11 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\InstallShield
[2014/02/05 00:24:26 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Macromedia
[2014/06/21 08:56:08 | 000,000,000 | --SD | M] -- C:\Users\Lenka\AppData\Roaming\Microsoft
[2014/01/26 10:23:19 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\PDF Architect
[2014/03/15 01:30:56 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Samsung
[2014/04/01 21:32:36 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Skype
[2014/01/22 22:31:17 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\Synaptics
[2014/01/22 23:04:49 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\TuneUp Software
[2014/01/30 22:59:55 | 000,000,000 | ---D | M] -- C:\Users\Lenka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009/08/11 22:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009/08/11 22:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010/03/22 15:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012/10/11 10:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010/08/14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010/08/14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010/08/14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010/09/30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Lenka\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/24 03:25:49 | 013,731,328 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2014/05/24 03:25:49 | 013,731,328 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/06/28 09:13:25 | 000,000,983 | ---- | M] () -- C:\WINDOWS\system32\bscs.ini
[2014/06/28 09:10:22 | 000,000,043 | ---- | M] () -- C:\WINDOWS\system32\LOCALDEVICE.INI
[2014/06/28 09:11:35 | 000,003,620 | ---- | M] () -- C:\WINDOWS\system32\LOCALSERVICE.INI
[2014/06/28 09:12:28 | 000,000,018 | ---- | M] () -- C:\WINDOWS\system32\log.txt
[2014/06/28 00:12:11 | 000,000,127 | ---- | M] () -- C:\WINDOWS\system32\REMOTEDEVICE.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/06/28 09:28:15 | 000,000,512 | ---- | M] () MD5=7D9253B8D998CD76AD4B4491D9FCDFAC -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011/05/12 22:18:12 | 003,866,752 | ---- | M] () -- \Users\Lenka\Music\songs\Shocore - Bonecracker (1).mp3
[2012/09/11 15:17:02 | 006,207,980 | ---- | M] () -- \Users\Lenka\Music\The Best\Cracker - Teen Angst.mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014/03/02 17:48:08 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014/03/02 17:48:08 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013/05/28 08:31:41 | 000,126,728 | ---- | M] () -- \Program Files (x86)\CyberLink\Media Suite\koan\pyloader.dll
[2012/07/19 10:28:00 | 002,475,832 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Kernel\CES\CES_3DLoaderFBX.dll
[2012/07/19 11:46:30 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Koan\pyloader.dll
[2012/07/19 10:28:16 | 000,006,629 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\Presentation\UI\Import\ThumbnailLoader.kc
[2012/07/19 10:28:20 | 000,012,172 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\PyUploader.kc
[2012/07/19 11:45:56 | 000,161,296 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\_PyUploader.pyd
[2012/07/19 10:28:22 | 000,007,658 | ---- | M] () -- \Program Files (x86)\CyberLink\PhotoDirector\System\Model\SlideShowProduction\ProfileLoader.kc
[2010/12/24 08:00:58 | 000,167,720 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderC3S.dll
[2010/12/24 08:00:58 | 002,525,480 | ---- | M] () -- \Program Files (x86)\CyberLink\Power2Go8\runtime\CES\PlugIn\CES_3DLoaderFBX.dll
[2012/07/03 12:02:42 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\3DPhotoPlayer\Koan\pyloader.dll
[2012/07/19 12:05:52 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\Koan\pyloader.dll
[2012/07/19 12:05:54 | 000,028,238 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/07/19 12:05:54 | 000,121,968 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011/05/05 15:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/05 15:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/05 15:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2012/04/09 20:20:34 | 002,533,160 | ---- | M] () -- \Program Files (x86)\CyberLink\Shared files\Plugin\8.0\CES_3DLoaderFBX.dll
[2012/07/30 11:09:28 | 000,127,504 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\Koan\pyloader.dll
[2012/07/27 18:21:24 | 000,021,001 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\PyUploader.kc
[2012/07/27 18:21:24 | 000,224,368 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\Uploader\_PyUploader.pyd
[2012/07/24 10:28:46 | 000,167,720 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderC3S.dll
[2012/07/24 10:28:46 | 002,525,480 | ---- | M] () -- \Program Files (x86)\CyberLink\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2014/05/14 18:51:55 | 000,017,128 | ---- | M] () -- \Program Files\Microsoft Office 15\root\vfs\Windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\15.0.0.0__71E9BCE111E9429C\Microsoft.Office.Infopath.CLRLoader.dll
[2012/07/26 09:54:36 | 000,039,485 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe\shell\js\backgroundImageLoader.js
[2012/07/26 09:53:30 | 000,002,809 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2012/07/26 09:53:31 | 000,001,583 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2012/07/26 09:53:31 | 000,001,711 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2012/07/26 09:53:31 | 000,002,509 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2012/07/26 09:53:32 | 000,002,394 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2012/07/26 09:53:32 | 000,005,028 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2014/01/23 17:24:07 | 000,002,089 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\DependencyLoader\DependencyLoader.js
[2014/01/23 17:24:11 | 000,001,326 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellComposeDependencyLoader.js
[2014/01/23 17:24:11 | 000,001,208 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellReadDependencyLoader.js
[2014/01/23 17:24:11 | 000,002,552 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernAttachmentWell\AttachmentWellShareAnythingControlDependencyLoader.js
[2014/01/23 17:24:13 | 000,001,915 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernPeople\appframe\BackgroundLoader.js
[2014/01/23 17:24:14 | 000,005,019 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShareAnything\ShareDataLoader.js
[2012/07/26 09:54:33 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/01/23 17:23:47 | 000,046,874 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.3.10.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 09:54:09 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2012/07/26 09:54:17 | 000,049,108 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/04/01 19:13:01 | 000,056,273 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.802.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/04/30 21:37:04 | 000,100,722 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.849.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/05/14 23:18:50 | 000,101,046 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.886.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/05/14 23:18:50 | 000,101,046 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.ZuneVideo_1.5.902.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2013/08/22 20:01:28 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012/04/09 20:20:34 | 002,533,160 | ---- | M] () -- \SWSetup\CPwrDD\ShareFiles\Share_x86\Plugin\8.0\CES_3DLoaderFBX.dll
[2014/06/06 09:18:28 | 000,009,418 | ---- | M] () -- \Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.1_0\img\gifloader.gif
[2014/06/06 09:18:28 | 000,009,418 | ---- | M] () -- \Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.3_0\img\gifloader.gif
[2013/11/11 15:39:40 | 000,072,638 | ---- | M] () -- \Users\Lenka\AppData\Local\Skype\Apps\login\images\loader.gif
[2013/11/11 15:39:40 | 000,003,032 | ---- | M] () -- \Users\Lenka\AppData\Local\Skype\Apps\login\images\loader.png
[2013/11/11 15:39:40 | 000,006,012 | ---- | M] () -- \Users\Lenka\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 15:39:40 | 000,021,956 | ---- | M] () -- \Users\Lenka\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/11/11 15:39:40 | 000,009,772 | ---- | M] () -- \Users\Lenka\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2011/06/29 16:24:10 | 005,225,383 | ---- | M] () -- \Users\Lenka\Music\songs\Dance. Freeloaders feat. The Real Thing - So Much Love.mp3
[2006/08/14 14:45:58 | 005,225,383 | ---- | M] () -- \Users\Lenka\Music\Tanecni jakoze\Dance. Freeloaders feat. The Real Thing - So Much Love.mp3
[2014/05/14 19:06:02 | 000,105,984 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\62c14de0160d890730783c716c76f30a\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/05/14 19:06:02 | 000,000,796 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\62c14de0160d890730783c716c76f30a\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2014/05/14 19:05:50 | 000,017,128 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2012/07/26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/04/26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012/07/26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2012/07/26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012/04/26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 06:53:16 | 001,084,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.efi
[2012/07/26 06:53:16 | 000,998,128 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16384_none_891afac5ef497dae\hvloader.exe
[2012/10/11 10:42:55 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.efi
[2012/10/11 10:42:55 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16433_none_89500bfdef21d5c9\hvloader.exe
[2013/03/02 12:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.efi
[2013/03/02 12:39:39 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16548_none_894a3f69ef256d94\hvloader.exe
[2013/03/02 12:39:39 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.efi
[2013/04/09 07:24:49 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16579_none_892acfefef3cdabe\hvloader.exe
[2013/06/01 14:02:14 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.efi
[2013/06/01 14:02:14 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.16628_none_895fe127ef1532d9\hvloader.exe
[2012/10/11 09:29:20 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.efi
[2012/10/11 09:29:20 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20534_none_89daa913083e8eea\hvloader.exe
[2013/03/02 12:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.efi
[2013/03/02 12:22:17 | 000,998,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20652_none_89c30a8d08509145\hvloader.exe
[2013/03/02 12:22:17 | 001,084,136 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.efi
[2013/04/09 02:24:11 | 000,998,152 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20683_none_89a39b130867fe6f\hvloader.exe
[2013/06/01 14:49:37 | 001,084,160 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.efi
[2013/06/01 14:49:37 | 000,998,144 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.2.9200.20733_none_89d9ac95083f6fe1\hvloader.exe
[2012/07/26 05:05:30 | 000,047,616 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_9ebdc35619670551\dmloader.dll
[2012/07/26 04:35:54 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:35:54 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:35:58 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_637b975b05942933\api-ms-win-core-stringloader-l1-1-0.dll
[2012/09/03 02:43:45 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/09/03 02:43:45 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.efi.mui_35ee487d
[2012/09/03 02:43:45 | 000,030,448 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winload.exe.mui_3bc5b827
[2012/09/03 02:43:45 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.efi.mui_f412814e
[2012/09/03 02:43:45 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c_winresume.exe.mui_ff8b5358
[2012/07/26 09:50:59 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012/07/26 09:50:59 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.efi.mui_35ee487d
[2012/07/26 09:50:59 | 000,029,936 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winload.exe.mui_3bc5b827
[2012/07/26 09:50:59 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.efi.mui_f412814e
[2012/07/26 09:50:59 | 000,020,208 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a_winresume.exe.mui_ff8b5358
[2014/01/24 02:08:11 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2014/01/24 02:08:11 | 001,403,296 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.efi_75834aa0
[2014/01/24 02:08:11 | 001,271,584 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winload.exe_75835076
[2014/01/24 02:08:11 | 001,217,352 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.efi_85cd069f
[2014/01/24 02:08:11 | 001,093,904 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a_winresume.exe_85cd1215
[2012/07/26 10:11:35 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2012/09/03 02:41:09 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_8c0c160e86cdb00c.manifest
[2012/07/26 09:49:33 | 000,004,656 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.2.9200.16384_en-us_cf62616a6dc80c6a.manifest
[2012/07/26 07:00:58 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16384_none_b3f06196f66b163f.manifest
[2012/09/20 10:33:02 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16420_none_b42d41dcf63e0664.manifest
[2012/10/11 09:33:59 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16433_none_b42572cef6436e5a.manifest
[2013/04/09 08:04:17 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16579_none_b40036c0f65e734f.manifest
[2013/06/01 13:31:54 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.16628_none_b43547f8f636cb6a.manifest
[2012/09/20 11:24:25 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20521_none_b4b7def20f5abf85.manifest
[2012/10/11 09:26:48 | 000,005,810 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20534_none_b4b00fe40f60277b.manifest
[2013/04/09 02:53:04 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20683_none_b47901e40f899700.manifest
[2013/06/01 14:10:50 | 000,005,808 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.2.9200.20733_none_b4af13660f610872.manifest
[2012/07/26 05:18:20 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.2.9200.16384_none_429f27d26109941b\dmloader.dll
[2012/07/26 04:46:24 | 000,003,072 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/07/26 04:46:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-libraryloader-l1-1-1.dll
[2012/07/26 04:46:36 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.2.9200.16384_none_075cfbd74d36b7fd\api-ms-win-core-stringloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2014/01/23 13:39:06 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini

< *activator* /s >
[2014/06/19 07:25:52 | 000,356,152 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\ProgramDeactivator.exe
[2014/06/19 07:28:24 | 000,129,336 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe
[2009/09/25 14:00:00 | 000,003,006 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\data\deinstallation_programDeactivator_40x40.png
[2009/09/25 14:00:00 | 000,001,534 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\data\icon_ProgramDeactivator_16.png
[2009/09/25 14:00:00 | 000,004,191 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\data\icon_ProgramDeactivator_24x24.png
[2009/09/25 14:00:00 | 000,003,100 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\data\icon_ProgramDeactivator_32.png
[2009/09/25 14:00:00 | 000,006,373 | ---- | M] () -- \Program Files (x86)\AVG\AVG PC TuneUp\data\icon_ProgramDeactivator_64.png
[2014/06/08 22:23:27 | 000,001,307 | ---- | M] () -- \Users\Lenka\AppData\Local\AVG\AWL2014\Log\ProgramDeactivator.log
[2013/12/18 10:36:42 | 000,354,616 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\9CF4DB1068F260746AE277B47B9E3D80\14.0.1001\ProgramDeactivator.exe
[2014/06/08 22:22:43 | 000,185,386 | ---- | M] () -- \Windows\Prefetch\PROGRAMDEACTIVATOR.EXE-C0C8AB55.pf

< *serial* /s >
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/05/14 18:49:07 | 000,167,616 | ---- | M] () -- \Program Files\Microsoft Office 15\root\office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2014/05/14 18:47:49 | 000,210,112 | ---- | M] () -- \Program Files\Microsoft Office 15\root\office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2012/10/10 03:36:13 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/09/03 02:43:27 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014/04/10 21:53:32 | 000,022,528 | ---- | M] () -- \Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014/04/10 21:53:32 | 000,003,608 | ---- | M] () -- \Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2006/01/24 01:38:56 | 183,568,384 | ---- | M] () -- \Users\Lenka\Videos\Seriály\Přátelé\9.série\09x20 Serialovy vecirek.avi
[2012/09/03 02:43:27 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/27 01:08:38 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/09/03 02:43:27 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/02/14 17:43:37 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1d9a6ab847f1bcfd10b85410b7a63f90\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/13 19:24:44 | 002,822,656 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll
[2014/02/13 19:24:43 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\deba9405e920eefee41a8efe93e93cc6\System.Runtime.Serialization.ni.dll.aux
[2014/02/13 18:49:15 | 003,637,248 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\3549a37d36038a93844b48253ac02488\System.Runtime.Serialization.ni.dll
[2014/02/13 18:49:15 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\3549a37d36038a93844b48253ac02488\System.Runtime.Serialization.ni.dll.aux
[2012/07/26 10:09:26 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2012/07/26 09:21:08 | 000,004,224 | ---- | M] () -- \Windows\Inf\c_multiportserial.PNF
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 04:02:06 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:02:06 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2012/07/12 04:02:06 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012/07/12 04:02:06 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013/07/11 00:08:35 | 001,050,768 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012/07/12 04:02:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2012/07/12 04:02:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2012/07/27 01:08:38 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/09/03 02:43:26 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/07/11 00:08:35 | 001,050,768 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 04:02:06 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:02:06 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 04:02:06 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 04:02:06 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:02:08 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 04:02:08 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:52 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/27 01:08:38 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/09/03 02:43:26 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/10/10 03:36:14 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/07/11 00:09:10 | 001,050,768 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2012/07/12 04:01:17 | 000,132,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:01:17 | 000,022,024 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2012/07/12 04:01:17 | 000,022,048 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2012/07/12 04:01:17 | 000,022,016 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:01:20 | 000,036,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2012/07/12 04:01:20 | 000,022,496 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2012/08/31 02:51:45 | 000,027,808 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2012/07/26 05:19:54 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2012/09/03 02:43:15 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2012/07/26 09:50:12 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2012/07/25 22:35:47 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_45188a76c7257c7d\c_multiportserial.inf
[2012/07/26 04:30:01 | 000,076,800 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_b9497ff7bf3c4b05\serial.sys
[2012/09/03 02:50:32 | 000,005,120 | ---- | M] () -- \Windows\System32\en-GB\serialui.dll.mui
[2012/07/26 05:19:54 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2012/09/03 02:43:15 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2012/09/03 02:50:32 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-GB\serialui.dll.mui
[1 \Windows\WinSxS\*.tmp files -> \Windows\WinSxS\*.tmp -> ]
[2012/07/26 09:50:12 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e\c_multiportserial.inf_loc
[2012/07/25 22:35:47 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82\c_multiportserial.inf
[2014/02/28 20:48:08 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_18f61258351a4915\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/09/03 02:43:26 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_192822b234f5552b\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/02/28 20:48:20 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_19b2bfc74e120e4c\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012/09/03 02:43:15 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_a73488f66d6efa73\serialui.dll.mui
[2012/09/03 02:50:32 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_en-gb_e30219345940a30c\serialui.dll.mui
[2012/07/26 05:07:10 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_4dcb48f2a86ef2b0\serialui.dll
[2014/03/12 23:11:46 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_b63db9f5dc430f52\System.RunTime.Serialization.Resources.dll
[2012/09/03 02:43:27 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_b66fca4fdc1e1b68\System.RunTime.Serialization.Resources.dll
[2014/03/12 23:11:50 | 000,000,184 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_b6fa6764f53ad489\System.RunTime.Serialization.Resources.dll
[2012/09/03 02:43:10 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_1d7fc9ead6009a1c\serial.sys.mui
[2012/07/26 09:50:12 | 000,010,240 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_60d61546bcfaf67a\serial.sys.mui
[2012/07/26 04:30:01 | 000,076,800 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.2.9200.16384_none_5161581642227a2a\serial.sys
[2014/03/12 23:19:49 | 000,004,892 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/03/12 23:19:38 | 000,004,906 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_6b79c54ad2b7ba05\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:45 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_6babd5a4d292c61b\System.RunTime.Serialization.resources.dll
[2014/03/12 23:20:39 | 000,002,683 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/03/12 23:20:32 | 000,003,257 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_6c3672b9ebaf7f3c\System.RunTime.Serialization.resources.dll
[2012/07/12 04:01:17 | 000,132,656 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_d68148ce3ff07e02\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/12 04:01:17 | 000,022,048 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_43a8275875494b8e\System.Runtime.Serialization.Primitives.dll
[2012/07/12 04:01:17 | 000,022,024 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04\System.Runtime.Serialization.Json.dll
[2012/07/12 04:01:17 | 000,022,016 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:01:17 | 001,050,096 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036\System.Runtime.Serialization.dll
[2013/02/23 01:09:26 | 001,050,728 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db\System.Runtime.Serialization.dll
[2013/07/11 00:09:10 | 001,050,768 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16664_none_8f12a6bb8fcd4e7b\System.Runtime.Serialization.dll
[2013/02/23 01:13:33 | 001,051,768 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865\System.Runtime.Serialization.dll
[2013/07/11 00:12:22 | 001,051,272 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20772_none_78462dd5a9739496\System.Runtime.Serialization.dll
[2012/07/12 04:01:20 | 000,036,320 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15\System.Xml.Serialization.dll
[2012/07/12 04:01:20 | 000,022,496 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8\System.Xml.XmlSerializer.dll
[2012/07/27 01:08:38 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_e04b053008b35686\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/06 04:02:29 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c\System.Runtime.Serialization.dll
[2012/10/10 03:36:14 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16432_none_8fb8249f681d15f8\System.Runtime.Serialization.dll
[2012/10/10 03:36:23 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.20533_none_78ea671781c48f9f\System.Runtime.Serialization.dll
[2012/07/06 04:02:29 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235\System.Runtime.Serialization.dll
[2012/10/10 03:36:13 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_ca8f3169bc151091\System.Runtime.Serialization.dll
[2012/10/10 03:36:22 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_b3c173e1d5bc8a38\System.Runtime.Serialization.dll
[2012/09/03 02:40:20 | 000,001,131 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.2.9200.16384_cs-cz_2b0eb54f379ff467.manifest
[2012/09/03 02:48:39 | 000,001,131 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.2.9200.16384_en-gb_66dc458d23719d00.manifest
[2012/07/26 09:49:19 | 000,001,852 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.2.9200.16384_en-us_9df633403910846e.manifest
[2012/07/26 07:09:43 | 000,001,513 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.2.9200.16384_none_f9bc515a3410ee82.manifest
[2012/07/26 07:26:40 | 000,002,626 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.2.9200.16384_none_6a7f3483366f250c.manifest
[2012/07/26 07:07:04 | 000,009,894 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.2.9200.16384_none_8ede5994e2f7c2e3.manifest
[2012/07/26 07:06:54 | 000,000,452 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.2.9200.16384_none_85867a4c903a2d8f.manifest
[2012/07/26 06:48:21 | 000,002,226 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_e25d0cd734f43e04.manifest
[2012/07/26 06:48:33 | 000,002,222 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_c974e4aa59db7371.manifest
[2012/07/26 06:48:19 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_8f14a7bb8fcb8036.manifest
[2013/02/25 03:50:28 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16543_none_8f10bd138fcf01db.manifest
[2013/07/11 07:33:51 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.16664_none_8f12a6bb8fcd4e7b.manifest
[2013/02/25 03:20:05 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20647_none_7842bb33a976c865.manifest
[2013/07/11 09:26:42 | 000,002,206 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9200.20772_none_78462dd5a9739496.manifest
[2012/07/26 06:48:28 | 000,002,190 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9200.16384_none_fed799684e8c8f15.manifest
[2012/07/26 06:48:22 | 000,002,190 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_ea6130aafff18bc8.manifest
[2012/07/26 06:48:30 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16384_none_8fbcf8a56818c79c.manifest
[2012/10/10 11:35:16 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.16432_none_8fb8249f681d15f8.manifest
[2012/10/10 10:57:11 | 000,002,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.2.9200.20533_none_78ea671781c48f9f.manifest
[2012/07/26 06:48:13 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_ca94056fbc10c235.manifest
[2012/10/10 11:35:02 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_ca8f3169bc151091.manifest
[2012/10/10 10:56:39 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_b3c173e1d5bc8a38.manifest
[2012/07/26 05:40:05 | 000,002,301 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1.manifest
[2012/07/26 05:45:32 | 000,002,325 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9.manifest
[2012/07/26 05:43:53 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6.manifest
[2012/10/10 09:14:13 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16432_none_dd1e86d968139e22.manifest
[2012/10/10 09:29:05 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.20533_none_c650c95181bb17c9.manifest
[2012/09/03 02:42:17 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0.manifest
[2012/07/26 09:49:48 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_en-us_5fd9e3512e11d7d2.manifest
[2012/10/06 09:45:01 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da.manifest
[2012/10/06 06:58:00 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_en-us_5fd53cdb2e15f2ec.manifest
[2013/02/25 06:17:13 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65.manifest
[2013/02/25 03:57:18 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_en-us_5fd5f8a92e155977.manifest
[2013/07/11 10:20:01 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16664_cs-cz_04bb683af2685b05.manifest
[2013/07/11 08:07:49 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16664_en-us_5fd7e2512e13a617.manifest
[2012/10/06 09:49:51 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181.manifest
[2012/10/06 07:44:06 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_en-us_49077f5347bd6c93.manifest
[2013/02/25 08:16:34 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef.manifest
[2013/02/25 03:24:45 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_en-us_4907f6c947bd2001.manifest
[2013/07/11 12:04:59 | 000,001,569 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20772_cs-cz_edeeef550c0ea120.manifest
[2013/07/11 08:59:51 | 000,000,508 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20772_en-us_490b696b47b9ec32.manifest
[2012/09/03 02:42:11 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0.manifest
[2012/07/26 09:49:47 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_en-us_c5eb1baeb306baf2.manifest
[2012/10/10 17:41:47 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_cs-cz_6ac9cd92775fbe3c.manifest
[2012/10/10 11:04:57 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_en-us_c5e647a8b30b094e.manifest
[2012/10/10 17:40:30 | 000,001,643 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_cs-cz_53fc100a910737e3.manifest
[2012/10/10 10:54:38 | 000,000,548 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_en-us_af188a20ccb282f5.manifest
[2012/07/26 05:40:13 | 000,002,297 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70.manifest
[2012/07/26 05:40:38 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9.manifest
[2013/02/25 02:20:49 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e.manifest
[2013/07/11 04:23:17 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16664_none_a753571c0ac33c1e.manifest
[2013/02/25 01:54:09 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608.manifest
[2013/07/11 06:09:43 | 000,002,730 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20772_none_9086de3624698239.manifest
[2012/07/26 05:45:31 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9.manifest
[2012/10/10 09:14:19 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16432_none_0d61bc738fba9f55.manifest
[2012/10/10 09:29:12 | 000,002,018 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.20533_none_f693feeba96218fc.manifest
[2012/07/26 05:46:59 | 000,002,382 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e.manifest
[2012/07/26 05:44:37 | 000,002,265 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1.manifest
[2012/07/26 05:40:08 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b.manifest
[2012/10/10 09:14:00 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_123c6840d0913997.manifest
[2012/10/10 09:28:50 | 000,002,299 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_fb6eaab8ea38b33e.manifest
[2012/07/12 04:02:06 | 000,132,656 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9200.16384_none_ed024caf4eb39c5b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/07/27 01:08:38 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.2.9200.16384_none_5313850cd3a87f7b\System.Runtime.Serialization.Formatters.Soap.dll
[2012/09/03 02:43:28 | 000,027,736 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16384_cs-cz_a62b631b484ba554\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.16430_cs-cz_a626bca5484fc06e\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:52:17 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9200.20531_cs-cz_8f58ff1d61f73a15\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/09/03 02:43:27 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.2.9200.16384_cs-cz_0c3c9b78cd408874\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/07/12 04:02:06 | 000,022,024 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9200.16384_none_4133a81e70d69dc1\System.Runtime.Serialization.Json.dll
[2012/07/12 04:02:06 | 000,022,048 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9200.16384_none_bd2cf9cf998cc8b9\System.Runtime.Serialization.Primitives.dll
[2012/07/06 04:02:29 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16384_none_dd235adf680f4fc6\System.Runtime.Serialization.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.16432_none_dd1e86d968139e22\System.Runtime.Serialization.dll
[2012/10/10 03:36:08 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.2.9200.20533_none_c650c95181bb17c9\System.Runtime.Serialization.dll
[2012/09/03 02:43:31 | 000,113,704 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16384_cs-cz_04bd693af2668cc0\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:52 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16430_cs-cz_04b8c2c4f26aa7da\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16543_cs-cz_04b97e92f26a0e65\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:46 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.16664_cs-cz_04bb683af2685b05\System.RunTime.Serialization.resources.dll
[2012/08/31 02:52:18 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20531_cs-cz_edeb053d0c122181\System.RunTime.Serialization.resources.dll
[2012/08/31 02:52:07 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20647_cs-cz_edeb7cb30c11d4ef\System.RunTime.Serialization.resources.dll
[2012/08/31 02:52:07 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9200.20772_cs-cz_edeeef550c0ea120\System.RunTime.Serialization.resources.dll
[2012/09/03 02:43:27 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16384_cs-cz_6acea198775b6fe0\System.RunTime.Serialization.Resources.dll
[2012/09/03 02:43:27 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.16432_cs-cz_6ac9cd92775fbe3c\System.RunTime.Serialization.Resources.dll
[2012/09/03 02:43:27 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.2.9200.20533_cs-cz_53fc100a910737e3\System.RunTime.Serialization.Resources.dll
[2012/07/12 04:02:06 | 000,022,016 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9200.16384_none_ec5267dfb07eac70\System.Runtime.Serialization.Xml.dll
[2012/07/12 04:02:06 | 001,050,096 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16384_none_a755581c0ac16dd9\System.Runtime.Serialization.dll
[2013/02/23 01:11:46 | 001,050,728 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16543_none_a7516d740ac4ef7e\System.Runtime.Serialization.dll
[2013/07/11 00:08:35 | 001,050,768 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.16664_none_a753571c0ac33c1e\System.Runtime.Serialization.dll
[2013/02/23 01:13:32 | 001,051,768 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20647_none_90836b94246cb608\System.Runtime.Serialization.dll
[2013/07/11 00:12:02 | 001,051,272 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9200.20772_none_9086de3624698239\System.Runtime.Serialization.dll
[2012/07/06 04:02:28 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16384_none_0d6690798fb650f9\System.Runtime.Serialization.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.16432_none_0d61bc738fba9f55\System.Runtime.Serialization.dll
[2012/10/10 03:36:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.2.9200.20533_none_f693feeba96218fc\System.Runtime.Serialization.dll
[2012/07/12 04:02:08 | 000,036,320 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9200.16384_none_39f3d82244d5cd7e\System.Xml.Serialization.dll
[2012/07/12 04:02:08 | 000,022,496 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9200.16384_none_1c0994e6b8e022d1\System.Xml.XmlSerializer.dll
[2014/04/02 18:47:59 | 000,004,893 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/04/02 18:47:46 | 000,004,266 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_75ce6f9d07187c00\System.RunTime.Serialization.resources.dll
[2012/08/31 02:51:52 | 000,027,808 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/08/31 02:51:52 | 000,113,752 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_76007ff706f38816\System.RunTime.Serialization.resources.dll
[2014/04/02 18:48:50 | 000,002,754 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/04/02 18:48:42 | 000,002,384 | ---- | M] () -- \Windows\WinSxS\wow64_netfx4clientcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_768b1d0c20104137\System.RunTime.Serialization.resources.dll
[2014/04/06 17:53:02 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_bcd776d47cbcd7df\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/09/03 02:43:26 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.16430_cs-cz_bd09872e7c97e3f5\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/04/06 17:53:17 | 000,000,181 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.2.9200.20531_cs-cz_bd94244395b49d16\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012/09/03 02:43:15 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_cs-cz_4b15ed72b511893d\serialui.dll.mui
[2012/09/03 02:50:32 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.2.9200.16384_en-gb_86e37db0a0e331d6\serialui.dll.mui
[2012/07/26 05:19:54 | 000,015,360 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.2.9200.16384_none_f1acad6ef011817a\serialui.dll
[2012/07/27 01:08:38 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16384_none_12413c46d08ceb3b\System.Runtime.Serialization.dll
[2012/10/10 03:35:25 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.16432_none_123c6840d0913997\System.Runtime.Serialization.dll
[2012/10/10 03:36:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.2.9200.20533_none_fb6eaab8ea38b33e\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

cudla11 · #10 Příspěvek od **cudla11** » 28 čer 2014 09:26

log Extras.txt:

OTL Extras logfile created on: 28. 6. 2014 9:26:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenka\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16921)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 2,24 Gb Available Physical Memory | 57,46% Memory free
4,64 Gb Paging File | 2,81 Gb Available in Paging File | 60,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,41 Gb Total Space | 232,16 Gb Free Space | 51,77% Space Free | Partition Type: NTFS
Drive D: | 16,24 Gb Total Space | 2,04 Gb Free Space | 12,56% Space Free | Partition Type: NTFS

Computer Name: LENKA | User Name: Lenka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-314678418-636638870-3796162450-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08CF1C2C-7648-4901-B687-071A4557F048}" = lport=137 | protocol=17 | dir=in | app=system |
"{0BBF139A-8266-4DFE-9AE1-939270C4F21C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{14FF8BFA-5533-41FF-BCAF-D53B462BEBAE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1564D4EC-C11C-42AD-99D8-3667E863DE0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{224E940F-1346-471A-BA50-DA401261B8B0}" = lport=445 | protocol=6 | dir=in | app=system |
"{385AF007-15FB-4513-95F2-44C421F20DEC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3AD102A2-7A37-4C78-9260-C2DB299C51C0}" = rport=445 | protocol=6 | dir=out | app=system |
"{3D92F7C0-888C-4515-91A9-5A32EA6BDAAD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{420BF223-B9B2-43C5-9ADA-BEF5757E954C}" = rport=139 | protocol=6 | dir=out | app=system |
"{4A73335B-E849-47B3-87CC-295BE4964E5A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6795E092-7C0C-4EF9-9E7F-BF1497748EAD}" = rport=137 | protocol=17 | dir=out | app=system |
"{7EFE22D3-156A-43C7-BF91-F37DAF375CDE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A760641D-3BF5-459B-B40C-B75AB9641F8A}" = lport=138 | protocol=17 | dir=in | app=system |
"{A8853C52-D232-4A08-9129-9A987A7164B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{ABCDF50D-B4AF-4028-A7D6-BE1C3050737F}" = lport=139 | protocol=6 | dir=in | app=system |
"{ADC2B46C-771D-4FEE-92E2-26773BEFD8D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B084B90E-7403-4982-AA51-E37FD1C6FAE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B5D7C72A-F351-46BF-8EB4-D76379ABA072}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{B64615E6-5653-4E9F-A9F9-A104424CF7AB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9096E53-7D99-46B7-81DA-FC725A25CC6A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BB8D09D0-72E0-4A95-80FA-7A30A954C2E3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDD2A6AD-070E-40AD-BF46-A9D54D660FDC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D68F0B93-7DE9-41C9-8AFA-33ED315259FA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DA5C57E9-FA9A-49F1-B998-B7BDC88CA6C6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0238A13C-5D72-434B-AF00-CE25A57E2274}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{026B2B79-9043-491B-BC15-C332DC352E64}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{0711697B-A0C9-4F96-A11B-DB5230567DAD}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{0A712F7A-1AFF-4450-AC99-177FE60282D9}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{13F5B4F3-B2A1-4747-BAF7-B5D91ECC63D0}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{18002E54-3CE3-4DA2-897E-EBCE632DB896}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 |
"{1AB4220C-8FE6-4C73-BF8C-4B2874EFF286}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E1CF0DC-B63F-40C8-B8A5-C15CF0BBF710}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1EDBB849-186F-4DD6-8861-58B1DEB98B78}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{2F467F07-6E5F-4450-9894-D3DA501EE7E2}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{30728A15-42B2-4C33-929B-97A28351216E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{30BF5993-4366-49DA-BDDC-D92D0A68580B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{32B8636D-9CC3-43D8-8AFF-61E05889332F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{337EADBD-F606-45DE-9D65-E8C7D97AB3C7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3923544D-7811-4C3B-90D0-BA9CDD8558FA}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3E544AEF-E8BE-4197-9FA7-19FDF19ED048}" = protocol=6 | dir=out | app=system |
"{4543E716-606E-4637-ACEC-A74F1B70A149}" = dir=out | name=kindle |
"{45600CA4-6390-40C9-90CC-E1FB4C64763A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{487AA10E-665D-49FC-9020-2D48F1B9FFEC}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{4BFFDEB4-6C46-494F-9F22-1BD48074B485}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{4CAC487F-FAD3-46B9-B1B8-0FCB1EBE3F57}" = dir=out | name=norton studio |
"{57091C61-19DA-481A-B9E5-E0CEED067964}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{57DC7B49-0760-4976-B854-B9FA68DA71A3}" = dir=out | name=solitaire hd |
"{5C5234E0-2F09-4DD4-8EDC-E3E178601480}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{5DB78524-0CA9-45D7-881C-2576EAFC83B5}" = dir=out | name=hp registration |
"{643D78FB-921F-4FE0-93C1-B96917BBD21D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6575A7F2-91EC-4EE1-80E7-2C38EC17DE1F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{663617B7-84CF-48E7-958A-BBC1656C16DD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{70E1FB69-694E-4D1E-A9C2-7FB8158F528C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{721B20A5-65F5-4E61-84AB-A85F8973DA3F}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{74F0B481-8ECF-459F-9A44-C7040457327E}" = dir=out | name=skype |
"{75054815-CA78-4674-B4E6-3FFE73731BF7}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{75B6259D-6DE5-4014-80B1-7AB051AB17C6}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{76F8A1E1-5B50-43DF-9C24-FF2A5655FC53}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{7B138DB6-120F-463F-87A8-98770FDBA695}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{7BA4DFE3-6757-4A2E-88BD-14BE7C5BDC8D}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{7C225E04-8B0C-4296-964E-B7F38306203C}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{7F4843F4-5D22-4B97-B0F7-CDF02C4F2821}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{822E9190-5B5D-4FD9-BB9D-5C794A017801}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{88E778DF-F791-490C-BE68-DC1CE35024F5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8A7FAA3A-3E76-4CED-87C2-CCDD18672CFA}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{8C379CFF-332B-47E9-BDE3-2FE0FE05C7BD}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{94B53C19-7CFC-425C-8DC6-FE4DF0A2C845}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{955CDA27-A20E-4C53-B625-096E7A63210F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9ABB733F-B679-4AFE-AB74-4C311B175706}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{9CF2DB11-C489-4EBC-B6EB-2C50EE9820E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D2DF2C8-C8E4-4EE3-A67B-B4020819BC67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E637D87-8A26-4C8A-A065-59C5BE4103C5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{AB5310B4-DA9C-4A80-8006-89C92F796B02}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{B13C3323-5FE3-4201-B86B-F813317FDD50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9F399F8-3C3A-4467-B3E3-1F66131809B6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BF5D1F2F-52BF-4DC5-B1C0-719587CD4EB3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{C5D6DC85-42AD-4F56-9AFD-96104BAEFEFD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C70BE830-7F02-4FE8-9A56-569850093A10}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{D17A680B-53FB-41CD-815F-5795B3645054}" = dir=in | name=skype |
"{D41D8D10-B776-4B43-A0EC-BEA414796C21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D7EC4768-1AEB-45A7-AC79-63FCBD23B499}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{D933821A-DE29-4D96-B029-FEF71C35FD75}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{E08A18A2-3557-4155-9958-CAE8E07CBA8D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{E5766F62-D777-413A-B50F-2980B1A6218C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7D668E9-851B-4195-9661-E69CF64CA61D}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E8605692-1C4E-4098-B991-808BFB1E68E8}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{EBF16D50-A50F-4659-B97F-DD07893A36BF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED82E7F5-D25F-4AE3-8F55-9AC49613817E}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{ED872F2B-F422-4876-A621-437CE5958357}" = dir=out | name=getting started with windows 8 |
"{EFBA6177-2060-4228-BCE5-F9BE2E2C1EFE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F2FFDE6F-3EC9-4758-9164-2039D08BDA5E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F31E720A-C9C6-4BCF-8C6D-414A8498ACAA}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F595D6D2-C035-4EB9-8FD8-CFC83883BF42}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{04927A60-31CD-4614-A25C-055B1AD3A8CE}" = HP 3D DriveGuard
"{0B89CE7B-4DDF-4B1B-BC38-24E02B7B50C6}" = AVG 2014
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{227407DB-A136-8643-0547-CB864E28C446}" = ccc-utility64
"{307AA214-8490-9119-DA81-C8E875AD1C94}" = Ralink Bluetooth Stack64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{46E637E2-AC34-4B45-B5DF-D20903A3DB61}" = Microsoft Online Services Logonassistent
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6CB0C0FC-4F27-43F5-84CC-ABC231F045C4}" = AVG 2014
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{D429FC94-0D7A-783E-498C-BCDF526A8739}" = AMD Catalyst Install Manager
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}" = Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"AVG" = AVG 2014
"O365ProPlusRetail - cs-cz" = Microsoft Office 365 ProPlus - cs-cz
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 5.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}" = HP Software Framework
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center
"{0C5FF478-0DA9-119B-E8D8-FB6F5F0663B2}" = CCC Help Italian
"{0DCC2076-A4D0-3F31-B60B-74DDFDDB312A}" = Catalyst Control Center Localization All
"{0E580631-B138-5007-1D64-FB89BD9B3C57}" = CCC Help Spanish
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}" = HP Documentation
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{386605DB-A614-860A-E583-7F9B879D8189}" = CCC Help Russian
"{394B14EA-B072-4440-9510-87797CB12371}" = HP CoolSense
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1" = Connected Music powered by Universal Music Group version 1.0
"{471C37FB-FAA1-E249-A19A-B3A8FF3B82B5}" = CCC Help Finnish
"{473F37CB-5229-AC12-FE2E-A865B47BC285}" = CCC Help Norwegian
"{47792DE8-3652-1884-DF38-A50DF9D4F400}" = CCC Help Dutch
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{49D60DBA-F74B-573E-8CFC-7C751D6BD7B2}" = PX Profile Update
"{52753E71-00A0-EB1F-31D3-1F36DF950D3C}" = CCC Help Swedish
"{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6464AD06-14F4-1D2E-356A-125ADF44E419}" = CCC Help Korean
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68D2C420-C4FE-05B7-4D50-C7AAE79D60BC}" = Catalyst Control Center Profiles Mobile
"{6DF914C7-E424-3DE9-45BB-E1D300677873}" = CCC Help Czech
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77C627BB-ED60-6C77-804D-656EAF082ABE}" = Catalyst Control Center Graphics Previews Common
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
"{7A8B5F7D-6736-4DC4-A7A5-223BE131EB34}" = AVG PC TuneUp 2014 (cs-CZ)
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{91359A4C-929B-252F-A418-4FED4FF1FC37}" = Catalyst Control Center
"{925652DC-D377-41CC-B97E-B0979B4F534D}" = Catalyst Control Center - Branding
"{92A828CE-5FD0-CD37-F4E0-911CCB995020}" = CCC Help Portuguese
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2B9A36-7285-EE1F-168D-E6013ADEF8A0}" = CCC Help Japanese
"{9D109E87-370C-C092-2D3C-BB4BFA309A44}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B65D1747-8DF6-BE25-3732-036FF1FD98A6}" = CCC Help Chinese Standard
"{BD286478-9449-B340-94A8-36AEB0239CE2}" = CCC Help Hungarian
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C181894C-7FD3-5216-A150-DD2D9F41D445}" = CCC Help French
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB507C00-B9DA-0C59-ECD7-F50E28FC5053}" = CCC Help English
"{CE5C885F-22A8-29B7-87A0-CF9DEE3D65CC}" = Catalyst Control Center InstallProxy
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC64DBCA-DDC5-C4C2-C5E8-111951B79DE0}" = CCC Help Greek
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DEFA8C1E-9181-ABC6-6343-B8F26368C1CC}" = CCC Help Chinese Traditional
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E349B733-B071-C074-33DD-CE8D586B6D8E}" = CCC Help German
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4B29FE7-3877-95BE-82BC-40E95DDE958F}" = CCC Help Polish
"{E5823036-6F09-4D0A-B05C-E2BAA129288A}" = HP Quick Launch
"{E5FCB712-AD30-C154-D47C-FC05E1D0DEC2}" = CCC Help Thai
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F3D34BA3-1222-9696-E43C-EDE0CE02F55A}" = CCC Help Danish
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AVG PC TuneUp" = AVG PC TuneUp 2014
"BSPlayerf" = BS.Player FREE
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-314678418-636638870-3796162450-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14. 6. 2014 10:17:50 | Computer Name = Lenka | Source = SideBySide | ID = 16842830
Description = Generování kontextu aktivace pro C:\Program Files (x86)\ESET\ESET
Online Scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Součást
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error - 14. 6. 2014 10:19:04 | Computer Name = Lenka | Source = SideBySide | ID = 16842830
Description = Generování kontextu aktivace pro c:\program files (x86)\ralink corporation\ralink
bluetooth stack\BsSMSEditor.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Součást
2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error - 14. 6. 2014 10:20:05 | Computer Name = Lenka | Source = SideBySide | ID = 16842830
Description = Generování kontextu aktivace pro C:\Program Files (x86)\ESET\ESET
Online Scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Součást
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error - 14. 6. 2014 10:20:47 | Computer Name = Lenka | Source = SideBySide | ID = 16842830
Description = Generování kontextu aktivace pro c:\program files (x86)\ralink corporation\ralink
bluetooth stack\BsSMSEditor.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Součást
2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error - 14. 6. 2014 12:44:26 | Computer Name = Lenka | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14. 6. 2014 12:44:26 | Computer Name = Lenka | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1250

Error - 14. 6. 2014 12:44:26 | Computer Name = Lenka | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1250

Error - 14. 6. 2014 16:21:49 | Computer Name = Lenka | Source = Application Error | ID = 1000
Description = Název chybující aplikace: HPPU.exe, verze: 1.0.0.0, časové razítko:
0x50079e34 Název chybujícího modulu: d2d1.dll, verze: 6.2.9200.16765, časové razítko:
0x528bf8d9 Kód výjimky: 0xc0000005 Posun chyby: 0x0015948b ID chybujícího procesu:
0xeac Čas spuštění chybující aplikace: 0x01cf880e3fbc90dc Cesta k chybující aplikaci:
C:\Program Files (x86)\Hewlett-Packard\HP Utility Center\HPPU.exe Cesta k chybujícímu
modulu: C:\WINDOWS\SYSTEM32\d2d1.dll ID zprávy: 830d3dc8-f401-11e3-be95-68942392f6ee
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 14. 6. 2014 16:21:58 | Computer Name = Lenka | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Aplikace windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
se nespustila ve stanovenou dobu.

Error - 14. 6. 2014 16:49:41 | Computer Name = Lenka | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

[ System Events ]
Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

Error - 17. 6. 2014 15:36:01 | Computer Name = Lenka | Source = DCOM | ID = 10016
Description =

< End of report >

#11 Příspěvek od **Márty84** » 28 čer 2014 10:07

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate
gupdatem
SkypeUpdate

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\HPCeeScheduleForLenka.job

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE - HKU\S-1-5-21-314678418-636638870-3796162450-1001\..\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
O4 - HKU\S-1-5-21-314678418-636638870-3796162450-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[5 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\WINDOWS\Panther\*.tmp files -> C:\WINDOWS\Panther\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\53ee28e1fefd7fd15bbba580a0b1acd1\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\53ee28e1fefd7fd15bbba580a0b1acd1\*.tmp -> ]
[1 C:\WINDOWS\WinSxS\*.tmp files -> C:\WINDOWS\WinSxS\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=-
"Adobe ARM"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

cudla11 · #12 Příspěvek od **cudla11** » 28 čer 2014 10:25

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lenka
->Temp folder emptied: 13221413 bytes
->Temporary Internet Files folder emptied: 2221422 bytes
->Google Chrome cache emptied: 447602819 bytes
->Flash cache emptied: 783 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1842223 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 443,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Lenka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\HPCeeScheduleForLenka.job moved successfully.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693FA693-C64F-4BDD-8C29-2A3395CC502E}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693FA693-C64F-4BDD-8C29-2A3395CC502E}\ not found.
HKU\S-1-5-21-314678418-636638870-3796162450-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-314678418-636638870-3796162450-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-314678418-636638870-3796162450-1001\Software\Microsoft\Internet Explorer\SearchScopes\{693FA693-C64F-4BDD-8C29-2A3395CC502E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{693FA693-C64F-4BDD-8C29-2A3395CC502E}\ not found.
Registry value HKEY_USERS\S-1-5-21-314678418-636638870-3796162450-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4BE3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA463.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB3B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCA89.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCCC9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1E4E.tmp folder deleted successfully.
C:\WINDOWS\Panther\_s_D337.tmp deleted successfully.
C:\WINDOWS\Panther\_s_D809.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\53ee28e1fefd7fd15bbba580a0b1acd1\$dpx$.tmp\job.xml deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\53ee28e1fefd7fd15bbba580a0b1acd1\$dpx$.tmp folder deleted successfully.
C:\WINDOWS\WinSxS\Reserve.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 06282014_112108

Files\Folders moved on Reboot...
C:\Users\Lenka\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\WINDOWS\temp\LENKA-20140628-0910.log moved successfully.
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_c2ruidll(201406280910136FC).log not found!
File\Folder C:\WINDOWS\temp\officeclicktorun.exe_streamserver(201406280910136FC).log not found!
File move failed. C:\WINDOWS\temp\ood_stream.x86.cs-cz.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\ood_stream.x86.x-none.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

#13 Příspěvek od **Márty84** » 28 čer 2014 10:33

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

cudla11 · #14 Příspěvek od **cudla11** » 29 čer 2014 17:02

Všechno vypadá v pořádku.

Děkuji za pomoc.

#15 Příspěvek od **Márty84** » 29 čer 2014 18:08

To jsem rad

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu