Notebook full of rootkits

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Empiik (Level 3.5 | Posts: 830 | Registered: March 2012 | Gender: Male)

Re: Notebook full of rootkits

Post by Empiik » 13 Nov 2013 15:39

15:30:08.0398 3244 [ 59238CA23C6C7E881A2D403FC90A8C3B ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
15:30:08.0430 3244 Tcpip - ok
15:30:08.0492 3244 [ 59238CA23C6C7E881A2D403FC90A8C3B ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:30:08.0508 3244 TCPIP6 - ok
15:30:08.0523 3244 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
15:30:08.0523 3244 tcpipreg - ok
15:30:08.0555 3244 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
15:30:08.0555 3244 tdx - ok
15:30:08.0570 3244 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
15:30:08.0586 3244 terminpt - ok
15:30:08.0617 3244 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
15:30:08.0633 3244 TermService - ok
15:30:08.0633 3244 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
15:30:08.0648 3244 Themes - ok
15:30:08.0664 3244 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
15:30:08.0664 3244 THREADORDER - ok
15:30:08.0680 3244 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
15:30:08.0695 3244 TimeBroker - ok
15:30:08.0711 3244 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
15:30:08.0727 3244 TPM - ok
15:30:08.0742 3244 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
15:30:08.0742 3244 TrkWks - ok
15:30:08.0789 3244 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:30:08.0805 3244 TrustedInstaller - ok
15:30:08.0836 3244 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
15:30:08.0836 3244 TsUsbFlt - ok
15:30:08.0867 3244 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:30:08.0867 3244 TsUsbGD - ok
15:30:08.0883 3244 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
15:30:08.0898 3244 tunnel - ok
15:30:08.0914 3244 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
15:30:08.0914 3244 uagp35 - ok
15:30:08.0930 3244 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
15:30:08.0930 3244 UASPStor - ok
15:30:08.0945 3244 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
15:30:08.0961 3244 UCX01000 - ok
15:30:08.0992 3244 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
15:30:08.0992 3244 udfs - ok
15:30:09.0008 3244 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
15:30:09.0023 3244 UEFI - ok
15:30:09.0055 3244 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
15:30:09.0055 3244 UI0Detect - ok
15:30:09.0070 3244 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
15:30:09.0086 3244 uliagpkx - ok
15:30:09.0086 3244 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
15:30:09.0102 3244 umbus - ok
15:30:09.0117 3244 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
15:30:09.0117 3244 UmPass - ok
15:30:09.0148 3244 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
15:30:09.0164 3244 UmRdpService - ok
15:30:09.0242 3244 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:30:09.0242 3244 UNS - ok
15:30:09.0258 3244 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:30:09.0273 3244 upnphost - ok
15:30:09.0289 3244 [ 3432E857B8EC1C1316AB098F2BCCDFB6 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
15:30:09.0305 3244 usbccgp - ok
15:30:09.0336 3244 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
15:30:09.0352 3244 usbcir - ok
15:30:09.0367 3244 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
15:30:09.0367 3244 usbehci - ok
15:30:09.0398 3244 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
15:30:09.0398 3244 usbhub - ok
15:30:09.0430 3244 [ C0E33820326199CE3CFD3B9F27F81D99 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
15:30:09.0445 3244 USBHUB3 - ok
15:30:09.0461 3244 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
15:30:09.0477 3244 usbohci - ok
15:30:09.0492 3244 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
15:30:09.0492 3244 usbprint - ok
15:30:09.0523 3244 [ B1230E9813B5C7E762DF27756AA23917 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
15:30:09.0523 3244 USBSTOR - ok
15:30:09.0539 3244 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
15:30:09.0539 3244 usbuhci - ok
15:30:09.0586 3244 [ 18F744E8CCEB2670040EBAF7AD77B8C6 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
15:30:09.0586 3244 usbvideo - ok
15:30:09.0602 3244 [ BCD8FC0A47AA31889C94168A4E56BB26 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
15:30:09.0617 3244 USBXHCI - ok
15:30:09.0633 3244 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
15:30:09.0633 3244 VaultSvc - ok
15:30:09.0648 3244 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
15:30:09.0664 3244 vdrvroot - ok
15:30:09.0711 3244 [ CFBAD6B48EDFAA0828A52646B7C4C08D ] vds C:\WINDOWS\System32\vds.exe
15:30:09.0758 3244 vds - ok
15:30:09.0773 3244 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
15:30:09.0789 3244 VerifierExt - ok
15:30:09.0805 3244 [ 041D3EF364E624DBB2703A64A5AADF89 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
15:30:09.0820 3244 vhdmp - ok
15:30:09.0852 3244 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
15:30:09.0852 3244 viaide - ok
15:30:09.0867 3244 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
15:30:09.0883 3244 vmbus - ok
15:30:09.0945 3244 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
15:30:09.0992 3244 VMBusHID - ok
15:30:10.0102 3244 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci C:\WINDOWS\system32\drivers\vmci.sys
15:30:10.0117 3244 vmci - ok
15:30:10.0149 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
15:30:10.0164 3244 vmicguestinterface - ok
15:30:10.0180 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
15:30:10.0195 3244 vmicheartbeat - ok
15:30:10.0195 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
15:30:10.0211 3244 vmickvpexchange - ok
15:30:10.0211 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
15:30:10.0227 3244 vmicrdv - ok
15:30:10.0227 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
15:30:10.0242 3244 vmicshutdown - ok
15:30:10.0274 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
15:30:10.0289 3244 vmictimesync - ok
15:30:10.0289 3244 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
15:30:10.0289 3244 vmicvss - ok
15:30:10.0336 3244 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
15:30:10.0336 3244 volmgr - ok
15:30:10.0367 3244 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
15:30:10.0383 3244 volmgrx - ok
15:30:10.0399 3244 [ 9F9CE33B50611A1C61A46B8911E0B30B ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
15:30:10.0414 3244 volsnap - ok
15:30:10.0445 3244 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
15:30:10.0445 3244 vpci - ok
15:30:10.0461 3244 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
15:30:10.0477 3244 vsmraid - ok
15:30:10.0524 3244 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] VSS C:\WINDOWS\system32\vssvc.exe
15:30:10.0570 3244 VSS - ok
15:30:10.0570 3244 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
15:30:10.0586 3244 VSTXRAID - ok
15:30:10.0602 3244 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
15:30:10.0602 3244 vwifibus - ok
15:30:10.0602 3244 [ 6B26AD573CCDD5209DF4397438B76354 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
15:30:10.0617 3244 vwififlt - ok
15:30:10.0633 3244 [ 0B48E0DFB44EE475F4FD8A8EE599AF30 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
15:30:10.0633 3244 vwifimp - ok
15:30:10.0649 3244 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
15:30:10.0664 3244 W32Time - ok
15:30:10.0680 3244 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
15:30:10.0680 3244 WacomPen - ok
15:30:10.0695 3244 [ AFCD4054D61BD708B82991348ED1C763 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:30:10.0711 3244 Wanarp - ok
15:30:10.0711 3244 [ AFCD4054D61BD708B82991348ED1C763 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:30:10.0711 3244 Wanarpv6 - ok
15:30:10.0742 3244 [ 92BF4B3EBD6F163B94B7A20C65E7B698 ] wbengine C:\WINDOWS\system32\wbengine.exe
15:30:10.0789 3244 wbengine - ok
15:30:10.0820 3244 [ 58F28103889817C93E5B5AFABC87E709 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
15:30:10.0836 3244 WbioSrvc - ok
15:30:10.0852 3244 [ 772365894F14652D376B2E5030179DC9 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
15:30:10.0867 3244 Wcmsvc - ok
15:30:10.0867 3244 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
15:30:10.0883 3244 wcncsvc - ok
15:30:10.0899 3244 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
15:30:10.0914 3244 WcsPlugInService - ok
15:30:10.0945 3244 [ 694B28DE12AD47031FFB4B052662131A ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
15:30:10.0945 3244 WdBoot - ok
15:30:10.0977 3244 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
15:30:10.0992 3244 Wdf01000 - ok
15:30:11.0008 3244 [ 0B99529A3BECC3528D865DDECB62503B ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
15:30:11.0024 3244 WdFilter - ok
15:30:11.0039 3244 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
15:30:11.0039 3244 WdiServiceHost - ok
15:30:11.0055 3244 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
15:30:11.0055 3244 WdiSystemHost - ok
15:30:11.0070 3244 [ 282E7D46310338FF4A6B7680440EB0DA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
15:30:11.0086 3244 WdNisDrv - ok
15:30:11.0102 3244 WdNisSvc - ok
15:30:11.0117 3244 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:30:11.0133 3244 WebClient - ok
15:30:11.0149 3244 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
15:30:11.0149 3244 Wecsvc - ok
15:30:11.0180 3244 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
15:30:11.0180 3244 WEPHOSTSVC - ok
15:30:11.0211 3244 [ AA1315B87D9B2E39584165318A59F15D ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
15:30:11.0211 3244 wercplsupport - ok
15:30:11.0242 3244 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
15:30:11.0242 3244 WerSvc - ok
15:30:11.0274 3244 [ CBD20360AAC0A071444CCCEFF3DCE3A2 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
15:30:11.0289 3244 WFPLWFS - ok
15:30:11.0305 3244 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
15:30:11.0305 3244 WiaRpc - ok
15:30:11.0336 3244 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
15:30:11.0352 3244 WIMMount - ok
15:30:11.0352 3244 WinDefend - ok
15:30:11.0399 3244 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
15:30:11.0414 3244 WinHttpAutoProxySvc - ok
15:30:11.0445 3244 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:30:11.0461 3244 Winmgmt - ok
15:30:11.0524 3244 [ 690C3FC5C9DBD6B9AEDF8341EC720E41 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
15:30:11.0586 3244 WinRM - ok
15:30:11.0633 3244 [ 9378B4E7E4E3EAE2F05823CFFF2C6EF4 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
15:30:11.0680 3244 WlanSvc - ok
15:30:11.0695 3244 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
15:30:11.0727 3244 wlidsvc - ok
15:30:11.0742 3244 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
15:30:11.0742 3244 WmiAcpi - ok
15:30:11.0774 3244 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
15:30:11.0774 3244 wmiApSrv - ok
15:30:11.0805 3244 WMPNetworkSvc - ok
15:30:11.0836 3244 [ 53A36BD7ABD1E56C9A0C923F09C717E3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
15:30:11.0883 3244 workfolderssvc - ok
15:30:11.0914 3244 [ E746BCDBA2E02CF6B8D6B26FB167FBE0 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
15:30:11.0977 3244 wpcfltr - ok
15:30:12.0008 3244 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
15:30:12.0024 3244 WPCSvc - ok
15:30:12.0039 3244 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
15:30:12.0055 3244 WPDBusEnum - ok
15:30:12.0055 3244 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
15:30:12.0070 3244 WpdUpFltr - ok
15:30:12.0102 3244 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
15:30:12.0102 3244 ws2ifsl - ok
15:30:12.0117 3244 [ 5CFA46C4ACB2FD70572017052378DAE5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
15:30:12.0133 3244 wscsvc - ok
15:30:12.0133 3244 WSearch - ok
15:30:12.0195 3244 [ DD988D37D33574D02642E528C8CD8808 ] WSService C:\WINDOWS\System32\WSService.dll
15:30:12.0289 3244 WSService - ok
15:30:12.0383 3244 [ A4158154BABB7A29BF5639CFAB3CEC2C ] wuauserv C:\WINDOWS\system32\wuaueng.dll
15:30:12.0461 3244 wuauserv - ok
15:30:12.0492 3244 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
15:30:12.0492 3244 WudfPf - ok
15:30:12.0524 3244 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
15:30:12.0524 3244 WUDFRd - ok
15:30:12.0539 3244 [ 19240C13F526125554B5370566F21A0A ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:30:12.0539 3244 WUDFSensorLP - ok
15:30:12.0555 3244 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
15:30:12.0555 3244 wudfsvc - ok
15:30:12.0570 3244 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:30:12.0570 3244 WUDFWpdFs - ok
15:30:12.0586 3244 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
15:30:12.0602 3244 WwanSvc - ok
15:30:12.0664 3244 X6va015 - ok
15:30:12.0696 3244 [ BB1842E3AA602B401F7692718B0D0F9A ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
15:30:12.0711 3244 ZAtheros Wlan Agent - ok
15:30:12.0711 3244 ================ Scan global ===============================
15:30:12.0742 3244 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
15:30:12.0774 3244 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\WINDOWS\system32\winsrv.dll
15:30:12.0805 3244 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
15:30:12.0836 3244 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
15:30:12.0852 3244 [Global] - ok
15:30:12.0852 3244 ================ Scan MBR ==================================
15:30:12.0867 3244 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:30:12.0867 3244 \Device\Harddisk0\DR0 - ok
15:30:12.0867 3244 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1
15:30:16.0602 3244 \Device\Harddisk1\DR1 - ok
15:30:16.0602 3244 ================ Scan VBR ==================================
15:30:16.0602 3244 [ 3B0EE38BB6CB982EAC11ED3CBB8123D5 ] \Device\Harddisk0\DR0\Partition1
15:30:16.0618 3244 \Device\Harddisk0\DR0\Partition1 - ok
15:30:16.0618 3244 [ 00801BC484171220C4D09D096C1BB6C6 ] \Device\Harddisk0\DR0\Partition2
15:30:16.0618 3244 \Device\Harddisk0\DR0\Partition2 - ok
15:30:16.0633 3244 [ 0096AFD6D8D625CDE8A96866E06F34D3 ] \Device\Harddisk0\DR0\Partition3
15:30:16.0633 3244 \Device\Harddisk0\DR0\Partition3 - ok
15:30:16.0649 3244 [ 6B5D859FD8EC147C7E4FD73C0B0D782F ] \Device\Harddisk0\DR0\Partition4
15:30:16.0649 3244 \Device\Harddisk0\DR0\Partition4 - ok
15:30:16.0664 3244 [ 819B53CFE12666BD0E2C5CA082A384D7 ] \Device\Harddisk1\DR1\Partition1
15:30:16.0664 3244 \Device\Harddisk1\DR1\Partition1 - ok
15:30:16.0664 3244 ============================================================
15:30:16.0664 3244 Scan finished
15:30:16.0664 3244 ============================================================
15:30:16.0664 3528 Detected object count: 0
15:30:16.0664 3528 Actual detected object count: 0
15:30:20.0883 3712 Deinitialize success
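The TDSSKiller log above ends with "Detected object count: 0", but a reviewer reads the per-object lines rather than the summary. Five objects in it (WdNisSvc, WinDefend, WMPNetworkSvc, WSearch, X6va015) are reported "ok" without an image hash, and the MBR and VBR hashes are only worth something if there is a known-good value to compare them against. The Python script below is an added example, not part of this post and not TDSSKiller's own code: it parses this line format and lists exactly those things, namely verdicts other than "ok", objects with no hashable image, one file path reported with two different hashes, and the boot-sector hashes checked against a baseline. The sample log embedded in it is constructed from lines in the format shown above plus two made-up objects (ConstructedSvc, ConstructedDup) that exist only to exercise the not-ok and duplicate-path branches; the `baseline_boot_hashes` argument is a hypothetical input you would have captured on the same machine when it was known clean.

```python
"""Triage a Kaspersky TDSSKiller text log (added example, not the post's own code).
TDSSKiller writes "<time> <thread> [ <MD5> ] <name> <path>" and then
"<time> <thread> <name> - <verdict>" per object, "==== Scan MBR ====" style section
headers, and a closing "Detected object count: N" that hides what a reviewer looks at."""
import re
from collections import defaultdict

LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
HASH_RE = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.*)$")
PATH_RE = re.compile(r"^(.*?)\s*((?:[A-Za-z]:\\|\\Device\\).*)$")  # "<name> <path>"
SECTION_RE = re.compile(r"^=+\s*Scan\s+(\w+)\s*=+$")
COUNT_RE = re.compile(r"^Detected object count:\s*(\d+)$")

# Constructed sample in TDSSKiller's format: lines like those in the post plus two
# made-up objects (ConstructedSvc, ConstructedDup) that exercise the not-ok and
# duplicate-path branches.  Neither is a real detection.
SAMPLE_LOG = r"""
15:30:08.0398 3244 [ 59238CA23C6C7E881A2D403FC90A8C3B ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
15:30:08.0430 3244 Tcpip - ok
15:30:08.0492 3244 [ 59238CA23C6C7E881A2D403FC90A8C3B ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:30:08.0508 3244 TCPIP6 - ok
15:30:11.0102 3244 WdNisSvc - ok
15:30:12.0696 3244 [ BB1842E3AA602B401F7692718B0D0F9A ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
15:30:12.0711 3244 ZAtheros Wlan Agent - ok
15:30:12.0720 3244 [ 0123456789ABCDEF0123456789ABCDEF ] ConstructedSvc C:\Windows\system32\drivers\constructed.sys
15:30:12.0730 3244 ConstructedSvc - detected
15:30:12.0740 3244 [ FEDCBA9876543210FEDCBA9876543210 ] ConstructedDup C:\Windows\System32\Drivers\tcpip.sys
15:30:12.0750 3244 ConstructedDup - ok
15:30:12.0711 3244 ================ Scan global ===============================
15:30:12.0742 3244 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
15:30:12.0852 3244 [Global] - ok
15:30:12.0852 3244 ================ Scan MBR ==================================
15:30:12.0867 3244 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:30:12.0867 3244 \Device\Harddisk0\DR0 - ok
15:30:16.0602 3244 ================ Scan VBR ==================================
15:30:16.0602 3244 [ 3B0EE38BB6CB982EAC11ED3CBB8123D5 ] \Device\Harddisk0\DR0\Partition1
15:30:16.0618 3244 \Device\Harddisk0\DR0\Partition1 - ok
15:30:16.0664 3528 Detected object count: 0
"""

def parse_tdsskiller(text):
    """Return ({name: record}, detected_count); records carry md5, path, verdict, section."""
    entries, section, detected = {}, "services", None

    def record(name):  # one record per object name; section is the one current when first seen
        return entries.setdefault(name, {"name": name, "section": section, "md5": None,
                                         "path": None, "verdict": None})

    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # blank line, banner, or something that is not a TDSSKiller log line
        body = m.group(3).strip()
        if (sm := SECTION_RE.match(body)):
            section = sm.group(1).lower()
        elif (cm := COUNT_RE.match(body)):
            detected = int(cm.group(1))
        elif (hm := HASH_RE.match(body)):
            md5, rest = hm.group(1).upper(), hm.group(2)
            pm = PATH_RE.match(rest)
            if pm and pm.group(1):
                name, path = pm.group(1), pm.group(2)
            else:
                name = path = rest  # global/MBR/VBR lines carry only the object path
            record(name).update(md5=md5, path=path)
        elif " - " in body:
            name, _, verdict = body.rpartition(" - ")
            record(name)["verdict"] = verdict.strip()
    return entries, detected

def triage(entries, baseline_boot_hashes=None):
    """Return (findings, boot_hashes); findings are (kind, subject, detail) tuples."""
    findings, by_path = [], defaultdict(set)
    global_verdict = entries.get("[Global]", {}).get("verdict")
    for e in entries.values():
        if e["name"] == "[Global]":
            continue  # aggregate verdict of the "Scan global" section, applied below
        verdict = e["verdict"]
        if verdict is None and e["section"] == "global":
            verdict = global_verdict
        if verdict is None:
            findings.append(("no-verdict", e["name"], None))
        elif verdict.lower() != "ok":
            findings.append(("not-ok", e["name"], verdict))
        if e["md5"] is None:
            findings.append(("no-image-hash", e["name"], None))  # verdict given, image never hashed
        else:
            by_path[e["path"].lower()].add(e["md5"])
    for path, hashes in sorted(by_path.items()):
        if len(hashes) > 1:  # one file, two hashes: check which service points where
            findings.append(("path-multiple-hashes", path, tuple(sorted(hashes))))
    boot = {e["name"]: e["md5"] for e in entries.values() if e["section"] in ("mbr", "vbr")}
    # baseline_boot_hashes is an assumed {device: md5} captured on the same machine when clean
    for dev, md5 in boot.items():
        expected = (baseline_boot_hashes or {}).get(dev)
        if expected and expected.upper() != md5:
            findings.append(("boot-sector-changed", dev, (expected, md5)))
    return findings, boot

if __name__ == "__main__":
    findings, boot = triage(parse_tdsskiller(SAMPLE_LOG)[0])
    for item in findings + [("boot-hash", dev, md5) for dev, md5 in boot.items()]:
        print(*item)
```

On a real log, read the file into a string (with `errors="replace"` if the encoding is uncertain) and pass it to `parse_tdsskiller`; "no-image-hash" entries such as the five in this thread's log are the ones to resolve by hand, since an "ok" there only means the scanner had nothing to hash, not that the image was inspected.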

Empiik

Re: Notebook full of rootkits

Post by Empiik » 13 Nov 2013 15:44

# AdwCleaner v3.012 - Report created 13/11/2013 at 15:41:32
# Updated 11/11/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Roman - EMPIIK
# Running from : C:\Users\Roman\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Conduit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\c5r8i9aw.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1629 octets] - [11/11/2013 17:23:10]
AdwCleaner[R1].txt - [1437 octets] - [13/11/2013 15:40:45]
AdwCleaner[S0].txt - [1376 octets] - [13/11/2013 15:41:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1436 octets] ##########

jaro3 (Security team member | Guru Level 15 | Posts: 43339 | Registered: June 2007 | Location: South Bohemia | Gender: Male)

Re: Notebook full of rootkits

Post by jaro3 » 13 Nov 2013 19:15

Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing Yes
- Then follow the instructions; while ComboFix is running, do not click in its window
- After the scan finishes, the program should create a log, C:\ComboFix.txt; please paste its entire contents here
If there are problems, run it in Safe Mode.

Warning: it can happen that after running ComboFix and restarting the computer, Windows does not start, the desktop does not load, or there are connection problems; in that case restart the computer again, and if that does not help, press F8 after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Empiik

Re: Notebook full of rootkits

Post by Empiik » 13 Nov 2013 19:58

When I run ComboFix, this message pops up..
Attachment: Bez názvu.png (7.9 KiB)

jaro3

Re: Notebook full of rootkits

Post by jaro3 » 14 Nov 2013 09:51

Try running it in Safe Mode.

Empiik

Re: Notebook full of rootkits

Post by Empiik » 14 Nov 2013 16:30

In Safe Mode it says the same thing.

jaro3

Re: Notebook full of rootkits

Post by jaro3 » 14 Nov 2013 19:11

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC

to your desktop. Double-click it. Then click Clean up!.
Restart the PC if prompted.


Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change it to All. Tick "LOP Check" and "Purity Check". Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same place as OTL. Please paste both logs here.

Empiik

Re: Notebook full of rootkits

Post by Empiik » 14 Nov 2013 20:11

OTL logfile created on: 14. 11. 2013 20:00:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

1,82 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,15% Memory free
2,79 Gb Paging File | 1,83 Gb Available in Paging File | 65,60% Paging File free
Paging file location(s): c:\pagefile.sys 1000 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464,95 Gb Total Space | 410,97 Gb Free Space | 88,39% Space Free | Partition Type: NTFS
Drive E: | 128,00 Mb Total Space | 108,48 Mb Free Space | 84,76% Space Free | Partition Type: NTFS
Drive G: | 399,00 Mb Total Space | 365,48 Mb Free Space | 91,60% Space Free | Partition Type: NTFS

Computer Name: EMPIIK | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/14 19:59:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
PRC - [2013/11/10 20:04:42 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/10 20:04:41 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/11/10 17:17:12 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/09/18 12:51:02 | 000,106,472 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
PRC - [2013/01/17 19:27:30 | 000,111,216 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
PRC - [2012/12/10 09:39:12 | 000,475,984 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/12/10 09:39:08 | 001,192,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/11/09 10:28:38 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
PRC - [2012/07/18 01:10:34 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 01:10:32 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 01:10:18 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011/11/26 01:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/10 20:04:47 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/10 20:04:41 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/09/30 05:06:58 | 001,581,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/09/30 05:06:52 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/09/30 05:06:52 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/09/30 05:06:52 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/09/30 05:06:52 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/09/30 05:06:51 | 001,302,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/09/30 05:06:51 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/08/22 13:39:24 | 003,395,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:03:23 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/11/16 23:07:20 | 000,469,648 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/10/23 20:26:26 | 000,658,064 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/08/21 01:36:22 | 000,176,640 | ---- | M] (Broadcom Corp.) [Auto | Running] -- C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe -- (BrcmCardReader)
SRV:64bit: - [2012/04/20 23:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/10/26 02:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/12 13:15:28 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/30 05:06:51 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/18 12:51:02 | 000,106,472 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/09 16:26:10 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/01/17 19:27:30 | 000,096,880 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/12/10 09:39:09 | 000,350,544 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/11/09 10:28:38 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012/07/18 01:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 01:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 01:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/11/26 01:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/11 15:14:14 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2013/11/10 20:04:55 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/11/10 20:04:55 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/11/10 20:04:55 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/10 20:04:54 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/10 20:04:54 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/11/10 20:04:53 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/09/30 05:06:52 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/09/30 05:06:51 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/09/30 05:06:51 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/09/30 05:06:50 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/09/30 05:06:50 | 000,371,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/09/30 05:06:50 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/09/30 05:06:50 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/09/30 04:58:15 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/09/30 04:58:11 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,325,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,056,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/03 17:12:32 | 000,046,136 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2013/06/27 08:07:42 | 005,361,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/06/18 15:45:14 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/06/18 15:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/01/17 19:27:30 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/11/20 11:48:40 | 000,331,152 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/08/16 22:33:42 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/14 20:15:36 | 000,070,744 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2012/08/13 19:59:42 | 000,072,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2012/08/13 19:59:42 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2012/07/02 23:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 15:40:51 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/06/19 01:20:52 | 000,055,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2012/05/26 01:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2011/08/08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5ED96990-4810-4F04-9E5F-1B897391C0A0}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{FE24DC42-D4C7-4C6B-9229-6BB265F6D679}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.5.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/10 20:05:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/11/11 15:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\mozilla\Extensions
[2013/11/11 15:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions
[2013/11/11 15:35:30 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/11/11 15:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/11 15:28:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/?clid=12454
CHR - Extension: Dokumenty Google = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Disk Google = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: avast! Online Security = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

Re: Laptop full of rootkits

Post by Empiik » 14 Nov 2013 20:11

O4 - HKLM..\Run: [LManager] File not found
O4 - HKLM..\Run: [RadioController] C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Dritek System Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FB09A54-5C0C-49D2-9010-C2063241A82B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F533E45A-CA22-4FD7-B6A2-D072C9F1C8B1}: DhcpNameServer = 150.200.3.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/14 19:59:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2013/11/14 17:20:33 | 000,000,000 | ---D | C] -- C:\Users\Roman\Desktop\Untitled
[2013/11/13 18:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013/11/12 21:16:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/11 17:23:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/11 16:51:16 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\CrashDumps
[2013/11/11 16:50:08 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2013/11/11 16:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/11 15:38:17 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
[2013/11/11 15:38:17 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2013/11/11 15:38:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll
[2013/11/11 15:38:17 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2013/11/11 15:38:16 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll
[2013/11/11 15:37:58 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\PMB Files
[2013/11/11 15:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/11/11 15:34:36 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Mozilla
[2013/11/11 15:28:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/11/11 15:09:46 | 000,000,000 | -HSD | C] -- C:\found.003
[2013/11/10 23:28:49 | 000,000,000 | -HSD | C] -- C:\found.002
[2013/11/10 23:28:49 | 000,000,000 | -HSD | C] -- C:\found.001
[2013/11/10 20:06:39 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\AVAST Software
[2013/11/10 20:06:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/11/10 20:05:10 | 001,032,416 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2013/11/10 20:05:10 | 000,409,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2013/11/10 20:05:09 | 000,084,328 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2013/11/10 20:05:08 | 000,092,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2013/11/10 20:05:08 | 000,038,984 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2013/11/10 20:05:06 | 000,334,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2013/11/10 20:04:50 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/10 20:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/10 20:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/10 19:31:03 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\FLT
[2013/11/10 19:31:02 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\Klei
[2013/11/10 19:29:21 | 000,000,000 | ---D | C] -- C:\Herní Folder
[2013/11/10 17:32:22 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\Razer
[2013/11/10 17:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/10 17:11:59 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Deployment
[2013/11/10 13:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/11/10 13:52:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/11/10 13:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/11/10 13:52:17 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013/11/10 13:52:04 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013/11/10 13:52:04 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013/11/10 13:52:04 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013/11/10 13:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/11/10 13:51:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/11/10 12:26:13 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/11/09 19:07:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2013/11/09 18:50:42 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\xc341db93fc3c3195
[2013/11/09 18:48:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ISO Creator
[2013/11/09 18:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO Creator
[2013/11/08 21:14:16 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\Unleashed
[2013/11/08 20:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2013/11/07 22:09:06 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\TuneUp Software
[2013/11/07 22:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013/11/07 22:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/11/07 22:08:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/11/07 22:03:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2013/11/07 22:03:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/07 20:44:39 | 000,000,000 | R--D | C] -- C:\Users\Roman\SkyDrive
[2013/11/05 19:28:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2013/11/05 19:27:35 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\WINDOWS\SysNative\drivers\hcmon.sys
[2013/11/05 19:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2013/11/05 19:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2013/11/05 14:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/05 14:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/03 20:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2013/11/03 20:17:52 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\SplitMediaLabs
[2013/11/03 20:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2013/11/03 20:16:23 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\SplitMediaLabs
[2013/11/03 10:10:58 | 000,000,000 | ---D | C] -- C:\Users\Roman\openvr
[2013/11/03 10:05:40 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\TeknoGods
[2013/11/03 09:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2013/11/03 09:38:09 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Seznam.cz
[2013/11/03 09:36:22 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
[2013/11/03 09:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013/11/02 22:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013/11/02 22:01:50 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\iMacros
[2013/11/02 21:02:14 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\OBS
[2013/11/02 20:50:42 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\Camtasia Studio
[2013/11/01 20:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2013/11/01 20:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2013/11/01 20:03:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/11/01 20:03:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2013/10/31 19:59:20 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Razer
[2013/10/31 19:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2013/10/31 19:58:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013/10/31 16:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
[2013/10/30 20:33:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/30 11:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameforgeLive
[2013/10/29 01:41:03 | 000,872,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/10/29 01:41:02 | 000,698,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/10/28 15:01:51 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Audacity
[2013/10/27 13:54:37 | 000,000,000 | ---D | C] -- C:\Games
[2013/10/27 11:44:02 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\morpheus
[2013/10/26 15:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2013/10/26 14:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Solid State Networks
[2013/10/25 21:38:58 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Diagnostics
[2013/10/25 17:27:47 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\ftblauncher
[2013/10/25 07:02:01 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\DUM 1 pdf
[2013/10/22 20:18:13 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2013/10/22 20:18:13 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2013/10/22 20:18:13 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2013/10/22 20:18:13 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2013/10/22 20:18:12 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2013/10/22 20:18:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_7.dll
[2013/10/22 20:18:12 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_7.dll
[2013/10/22 20:18:10 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_43.dll
[2013/10/22 20:18:10 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2013/10/22 20:18:09 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_43.dll
[2013/10/22 20:18:07 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2013/10/22 20:18:05 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_6.dll
[2013/10/22 20:18:05 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_6.dll
[2013/10/22 20:18:05 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_4.dll
[2013/10/22 20:18:04 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_5.dll
[2013/10/22 20:18:04 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2013/10/22 20:18:04 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_7.dll
[2013/10/22 20:18:03 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_42.dll
[2013/10/22 20:18:03 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2013/10/22 20:18:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_5.dll
[2013/10/22 20:18:03 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_5.dll
[2013/10/22 20:18:02 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_42.dll
[2013/10/22 20:18:02 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_42.dll
[2013/10/22 20:18:01 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2013/10/22 20:18:01 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2013/10/22 20:18:01 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_42.dll
[2013/10/22 20:18:01 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_42.dll
[2013/10/22 20:18:00 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_42.dll
[2013/10/22 20:18:00 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2013/10/22 20:17:59 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_41.dll
[2013/10/22 20:17:59 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_41.dll
[2013/10/22 20:17:59 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_41.dll
[2013/10/22 20:17:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_41.dll
[2013/10/22 20:17:58 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_41.dll
[2013/10/22 20:17:56 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_4.dll
[2013/10/22 20:17:56 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_4.dll
[2013/10/22 20:17:56 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_3.dll
[2013/10/22 20:17:56 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2013/10/22 20:17:55 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_4.dll
[2013/10/22 20:17:55 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_4.dll
[2013/10/22 20:17:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_6.dll
[2013/10/22 20:17:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_6.dll
[2013/10/22 20:17:53 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_40.dll
[2013/10/22 20:17:53 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
[2013/10/22 20:17:53 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_40.dll
[2013/10/22 20:17:53 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_40.dll
[2013/10/22 20:17:52 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_40.dll
[2013/10/22 20:17:52 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2013/10/22 20:17:51 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_3.dll
[2013/10/22 20:17:51 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_3.dll
[2013/10/22 20:17:51 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_3.dll
[2013/10/22 20:17:51 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_3.dll
[2013/10/22 20:17:51 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_2.dll
[2013/10/22 20:17:51 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_2.dll
[2013/10/22 20:17:51 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_5.dll
[2013/10/22 20:17:51 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_5.dll
[2013/10/22 20:17:49 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_2.dll
[2013/10/22 20:17:49 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_2.dll
[2013/10/22 20:17:49 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_2.dll
[2013/10/22 20:17:49 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_1.dll
[2013/10/22 20:17:47 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_39.dll
[2013/10/22 20:17:47 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_39.dll
[2013/10/22 20:17:45 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_39.dll
[2013/10/22 20:17:44 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_1.dll
[2013/10/22 20:17:44 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_1.dll
[2013/10/22 20:17:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_1.dll
[2013/10/22 20:17:44 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_1.dll
[2013/10/22 20:17:44 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_0.dll
[2013/10/22 20:17:44 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_0.dll
[2013/10/22 20:17:43 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_4.dll
[2013/10/22 20:17:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_4.dll
[2013/10/22 20:17:42 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_38.dll
[2013/10/22 20:17:42 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_38.dll
[2013/10/22 20:17:42 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_38.dll
[2013/10/22 20:17:42 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_38.dll
[2013/10/22 20:17:42 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_38.dll
[2013/10/22 20:17:42 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_38.dll
[2013/10/22 20:17:40 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_0.dll
[2013/10/22 20:17:40 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_0.dll
[2013/10/22 20:17:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_0.dll
[2013/10/22 20:17:39 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_0.dll
[2013/10/22 20:17:39 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_3.dll
[2013/10/22 20:17:39 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_3.dll
[2013/10/22 20:17:38 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_37.dll
[2013/10/22 20:17:38 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_37.dll
[2013/10/22 20:17:38 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_37.dll
[2013/10/22 20:17:38 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_37.dll
[2013/10/22 20:17:37 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_37.dll
[2013/10/22 20:17:37 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_37.dll
[2013/10/22 20:17:33 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_10.dll
[2013/10/22 20:17:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_10.dll
[2013/10/22 20:17:30 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_36.dll
[2013/10/22 20:17:30 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_36.dll
[2013/10/22 20:17:30 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_36.dll
[2013/10/22 20:17:30 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_36.dll
[2013/10/22 20:17:27 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_36.dll
[2013/10/22 20:17:27 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_36.dll
[2013/10/22 20:17:24 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_35.dll
[2013/10/22 20:17:24 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll
[2013/10/22 20:17:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_35.dll
[2013/10/22 20:17:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll
[2013/10/22 20:17:24 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_9.dll
[2013/10/22 20:17:24 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll
[2013/10/22 20:17:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_35.dll
[2013/10/22 20:17:23 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2013/10/22 20:17:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_8.dll
[2013/10/22 20:17:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll
[2013/10/22 20:17:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_2.dll
[2013/10/22 20:17:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_2.dll
[2013/10/22 20:17:21 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_34.dll
[2013/10/22 20:17:21 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2013/10/22 20:17:21 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_34.dll
[2013/10/22 20:17:21 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll
[2013/10/22 20:17:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_34.dll
[2013/10/22 20:17:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll
[2013/10/22 20:17:20 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_3.dll
[2013/10/22 20:17:19 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_7.dll
[2013/10/22 20:17:19 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll
[2013/10/22 20:17:18 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_33.dll
[2013/10/22 20:17:18 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll
[2013/10/22 20:17:18 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_33.dll
[2013/10/22 20:17:18 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll
[2013/10/22 20:17:17 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_33.dll
[2013/10/22 20:17:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_6.dll
[2013/10/22 20:17:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll
[2013/10/22 20:17:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10.dll
[2013/10/22 20:17:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10.dll
[2013/10/22 20:17:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_5.dll
[2013/10/22 20:17:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll
[2013/10/22 20:17:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2013/10/22 20:17:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2013/10/22 20:17:12 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_4.dll
[2013/10/22 20:17:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll
[2013/10/22 20:17:12 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_1.dll
[2013/10/22 20:17:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll
[2013/10/22 20:17:11 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_31.dll
[2013/10/22 20:17:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2013/10/22 20:17:11 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_3.dll
[2013/10/22 20:17:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll
[2013/10/22 20:17:10 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_2.dll
[2013/10/22 20:17:10 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll
[2013/10/22 20:17:10 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_2.dll
[2013/10/22 20:17:10 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2013/10/22 20:17:09 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_1.dll
[2013/10/22 20:17:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2013/10/22 20:17:05 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_1.dll
[2013/10/22 20:17:05 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll
[2013/10/22 20:16:58 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_30.dll
[2013/10/22 20:16:58 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll
[2013/10/22 20:16:57 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_0.dll
[2013/10/22 20:16:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll
[2013/10/22 20:16:57 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_0.dll
[2013/10/22 20:16:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll
[2013/10/22 20:16:56 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_29.dll
[2013/10/22 20:16:56 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_28.dll
[2013/10/22 20:16:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2013/10/22 20:16:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2013/10/22 20:16:55 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_27.dll
[2013/10/22 20:16:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2013/10/22 20:16:54 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_26.dll
[2013/10/22 20:16:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2013/10/22 20:16:53 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_25.dll
[2013/10/22 20:16:53 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll
[2013/10/22 20:16:51 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_24.dll
[2013/10/22 20:16:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2013/10/22 20:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
[2013/10/22 20:02:57 | 000,000,000 | ---D | C] -- C:\Hry
[2013/10/22 19:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2013/10/22 18:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/10/22 18:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/10/22 18:25:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013/10/22 18:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/10/22 18:20:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/10/22 18:20:16 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Microsoft Help
[2013/10/22 18:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/10/22 18:19:28 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/10/20 19:14:26 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\.technic
[2013/10/20 14:55:47 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2013/10/20 10:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
[2013/10/20 09:54:45 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Programs
[2013/10/19 22:59:21 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\PackageStaging
[2013/10/19 16:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2013/10/18 20:07:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/10/18 20:07:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/10/18 20:06:19 | 002,144,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/10/18 20:06:19 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/10/18 20:06:19 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/10/18 20:06:19 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/10/18 20:06:19 | 001,286,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/10/18 20:06:19 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/10/18 20:06:19 | 000,977,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/10/18 20:06:19 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/10/18 20:06:19 | 000,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/10/18 20:06:19 | 000,698,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/10/18 20:06:19 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/10/18 20:06:19 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/10/18 20:06:19 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/10/18 20:06:19 | 000,294,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/10/18 20:06:19 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/18 20:06:19 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/10/18 20:06:19 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/18 20:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/10/18 20:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/10/18 20:04:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2013/10/18 20:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/10/18 20:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/10/18 20:03:22 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2013/10/18 20:03:22 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/18 20:03:22 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2013/10/18 20:03:21 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2013/10/18 20:03:20 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/18 20:03:19 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2013/10/18 19:40:45 | 000,000,000 | R--D | C] -- C:\Users\Roman\SkyDrive.old
[2013/10/18 19:33:22 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Identities
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2013/10/18 19:28:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2013/10/18 19:14:51 | 000,000,000 | --SD | C] -- C:\Users\Roman\AppData\Roaming\Microsoft
[2013/10/18 19:14:51 | 000,000,000 | R--D | C] -- C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/10/18 19:14:51 | 000,000,000 | R--D | C] -- C:\Users\Roman\Favorites
[2013/10/18 19:14:51 | 000,000,000 | R--D | C] -- C:\Users\Roman\Documents
[2013/10/18 19:14:51 | 000,000,000 | R--D | C] -- C:\Users\Roman\Desktop
[2013/10/18 19:14:51 | 000,000,000 | R--D | C] -- C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/10/18 19:14:51 | 000,000,000 | R--D | C] -- C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\AppData\Local\Temporary Internet Files
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Šablony
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Soubory cookie
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\SendTo
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Poslední
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Okolní tiskárny
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Okolní síť
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Documents\Obrázky
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Nabídka Start
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Local Settings
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Documents\Hudba
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\AppData\Local\History
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Documents\Filmy
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Dokumenty
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\Data aplikací
[2013/10/18 19:14:51 | 000,000,000 | -HSD | C] -- C:\Users\Roman\AppData\Local\Data aplikací
[2013/10/18 19:14:51 | 000,000,000 | -H-D | C] -- C:\Users\Roman\AppData
[2013/10/18 19:14:51 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Temp
[2013/10/18 19:14:51 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\Microsoft
[2013/10/18 19:14:51 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/10/18 19:09:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/10/18 19:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/10/18 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2013/10/18 19:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/10/18 19:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/10/18 14:09:50 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\SFBot
[2013/10/18 14:07:45 | 000,000,000 | ---D | C] -- C:\Users\Roman\SFBot_v2.1.0
[2013/10/16 22:51:00 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Local\LogMeIn
[2013/10/16 22:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013/10/16 22:24:39 | 000,000,000 | ---D | C] -- C:\Users\Roman\Documents\My Games
[2013/10/16 22:20:10 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_6.dll
[2013/10/16 22:20:10 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
[2013/10/16 22:20:07 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_41.dll
[2013/10/16 22:20:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_6.dll
[2013/10/16 22:20:07 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2013/10/16 22:20:07 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
[2013/10/16 22:20:06 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2013/10/16 22:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013/10/16 19:11:18 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

========== Files - Modified Within 30 Days ==========

[2013/11/14 19:59:54 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/14 19:59:22 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/14 19:59:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2013/11/14 19:58:28 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/14 19:57:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/11/14 19:57:16 | 1561,346,048 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/14 19:22:02 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/14 19:10:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/13 21:58:35 | 000,000,894 | ---- | M] () -- C:\Users\Roman\Desktop\FTB.lnk
[2013/11/13 18:38:12 | 000,001,323 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2013/11/11 15:38:08 | 000,001,625 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/11/11 15:17:48 | 001,753,924 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/11/11 15:17:48 | 000,742,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2013/11/11 15:17:48 | 000,725,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/11 15:17:48 | 000,152,820 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2013/11/11 15:17:48 | 000,136,802 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/11/11 15:14:14 | 000,409,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswsp.sys
[2013/11/10 23:07:20 | 002,769,938 | ---- | M] () -- C:\Users\Roman\Documents\AngryBirds.themepack
[2013/11/10 22:39:52 | 005,385,614 | ---- | M] () -- C:\Users\Roman\Desktop\Kopej.psd
[2013/11/10 20:48:59 | 000,001,269 | ---- | M] () -- C:\Users\Roman\Desktop\Photoshop.lnk
[2013/11/10 20:04:55 | 001,032,416 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2013/11/10 20:04:55 | 000,205,320 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2013/11/10 20:04:55 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2013/11/10 20:04:54 | 000,334,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2013/11/10 20:04:54 | 000,084,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2013/11/10 20:04:54 | 000,038,984 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2013/11/10 20:04:53 | 000,092,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2013/11/10 20:04:50 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/10 13:51:48 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013/11/10 13:51:48 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013/11/10 13:51:48 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013/11/10 13:51:47 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013/11/05 19:54:37 | 000,016,260 | ---- | M] () -- C:\WINDOWS\SysNative\results.xml
[2013/11/05 19:47:53 | 000,046,986 | ---- | M] () -- C:\Users\Roman\Documents\cc_20131105_194746.reg
[2013/11/05 19:27:19 | 000,001,024 | ---- | M] () -- C:\.rnd
[2013/11/05 19:27:14 | 001,772,950 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/11/04 22:08:02 | 000,001,153 | ---- | M] () -- C:\Users\Roman\Desktop\FIFA 14.lnk
[2013/11/03 18:59:21 | 000,004,096 | -H-- | M] () -- C:\Users\Roman\Desktop\photothumb.db
[2013/11/03 18:57:59 | 000,006,144 | -H-- | M] () -- C:\Users\Roman\Documents\photothumb.db
[2013/11/03 15:09:38 | 000,002,562 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/11/03 15:09:38 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/11/02 20:53:39 | 000,004,608 | ---- | M] () -- C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/11/01 20:08:27 | 000,000,592 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/11/01 20:03:26 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2013/10/31 17:36:08 | 000,002,592 | ---- | M] () -- C:\{5D6037DA-F62C-4E15-8B80-C48A1DF69DEE}
[2013/10/30 20:36:02 | 000,173,674 | ---- | M] () -- C:\Users\Roman\Documents\cc_20131030_203547.reg
[2013/10/23 12:01:19 | 000,872,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013/10/23 09:59:16 | 000,698,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013/10/22 19:13:52 | 000,481,432 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/10/19 20:01:47 | 000,020,957 | ---- | M] () -- C:\Users\Roman\Documents\photo.jpg
[2013/10/19 15:44:03 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/18 20:06:19 | 002,144,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/10/18 20:06:19 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/10/18 20:06:19 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/10/18 20:06:19 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/10/18 20:06:19 | 001,286,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013/10/18 20:06:19 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013/10/18 20:06:19 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013/10/18 20:06:19 | 000,909,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2013/10/18 20:06:19 | 000,837,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/10/18 20:06:19 | 000,698,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/10/18 20:06:19 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2013/10/18 20:06:19 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/10/18 20:06:19 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/10/18 20:06:19 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2013/10/18 20:06:19 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/18 20:06:19 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2013/10/18 20:06:19 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/10/18 19:40:32 | 000,001,744 | ---- | M] () -- C:\{6109A066-1628-40B1-AFF9-3BDCE99893AE}
[2013/10/18 19:27:23 | 000,022,924 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat

========== Files Created - No Company Name ==========

[2013/11/13 21:58:35 | 000,000,894 | ---- | C] () -- C:\Users\Roman\Desktop\FTB.lnk
[2013/11/13 18:38:12 | 000,001,323 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2013/11/11 15:38:08 | 000,001,625 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/11/11 15:28:51 | 000,001,147 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/11/10 23:07:19 | 002,769,938 | ---- | C] () -- C:\Users\Roman\Documents\AngryBirds.themepack
[2013/11/10 22:39:50 | 005,385,614 | ---- | C] () -- C:\Users\Roman\Desktop\Kopej.psd
[2013/11/10 20:48:59 | 000,001,269 | ---- | C] () -- C:\Users\Roman\Desktop\Photoshop.lnk
[2013/11/10 20:05:12 | 000,205,320 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2013/11/10 20:05:11 | 000,065,776 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2013/11/10 17:13:40 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/11/10 17:12:37 | 000,000,964 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/10 17:12:36 | 000,000,960 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/05 19:47:51 | 000,046,986 | ---- | C] () -- C:\Users\Roman\Documents\cc_20131105_194746.reg
[2013/11/05 19:27:19 | 000,001,024 | ---- | C] () -- C:\.rnd
[2013/11/05 19:27:14 | 001,772,950 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/11/04 22:08:02 | 000,001,153 | ---- | C] () -- C:\Users\Roman\Desktop\FIFA 14.lnk
[2013/11/03 18:57:59 | 000,006,144 | -H-- | C] () -- C:\Users\Roman\Documents\photothumb.db
[2013/11/01 20:08:27 | 000,000,592 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
[2013/11/01 20:03:25 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 8.lnk
[2013/10/31 17:36:04 | 000,002,592 | ---- | C] () -- C:\{5D6037DA-F62C-4E15-8B80-C48A1DF69DEE}
[2013/10/30 20:35:51 | 000,173,674 | ---- | C] () -- C:\Users\Roman\Documents\cc_20131030_203547.reg
[2013/10/30 17:42:46 | 000,004,096 | -H-- | C] () -- C:\Users\Roman\Desktop\photothumb.db
[2013/10/29 19:23:18 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lamer.lnk
[2013/10/19 20:01:47 | 000,020,957 | ---- | C] () -- C:\Users\Roman\Documents\photo.jpg
[2013/10/19 15:44:03 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/10/18 19:40:32 | 000,001,744 | ---- | C] () -- C:\{6109A066-1628-40B1-AFF9-3BDCE99893AE}
[2013/10/18 19:33:52 | 000,001,438 | ---- | C] () -- C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/10/18 19:29:40 | 001,753,924 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/10/18 19:27:23 | 000,022,924 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/10/18 19:18:13 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/10/18 19:15:06 | 000,002,562 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/10/18 19:15:06 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/10/12 22:45:40 | 000,004,608 | ---- | C] () -- C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/06/27 08:07:38 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012/12/14 01:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/12/14 01:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/04/20 22:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2013/10/22 20:16:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/09/30 05:06:52 | 021,195,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/30 05:06:57 | 018,640,456 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/12 21:54:51 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\.minecraft
[2013/11/06 07:58:08 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\.technic
[2013/11/02 23:23:57 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Audacity
[2013/11/10 20:06:39 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\AVAST Software
[2013/11/10 13:49:09 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BitTorrent
[2013/10/12 19:52:40 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BitTorrent Sync
[2013/11/10 13:55:57 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
[2013/10/25 17:34:57 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ftblauncher
[2013/10/12 12:55:22 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\lm
[2013/10/12 15:03:36 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\LolClient
[2013/11/02 21:02:14 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OBS
[2013/11/10 17:07:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Opera Software
[2013/11/04 19:55:12 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Origin
[2013/10/13 09:52:26 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\PhotoScape
[2013/11/11 15:37:26 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Riot Games
[2013/11/10 13:46:29 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Seznam.cz
[2013/10/18 14:21:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\SFBot
[2013/11/03 20:16:23 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\SplitMediaLabs
[2013/10/12 20:49:37 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TechSmith
[2013/11/14 19:50:42 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TS3Client
[2013/11/07 22:09:06 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Roman\SkyDrive.old:ms-properties
@Alternate Data Stream - 183 bytes -> C:\Users\Roman\SkyDrive:ms-properties
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:9638A27E

< End of report >

Re: Notebook full of rootkits

Post by Empiik » 14 Nov 2013 20:12

OTL Extras logfile created on: 14. 11. 2013 20:00:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16384)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

1,82 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,15% Memory free
2,79 Gb Paging File | 1,83 Gb Available in Paging File | 65,60% Paging File free
Paging file location(s): c:\pagefile.sys 1000 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 464,95 Gb Total Space | 410,97 Gb Free Space | 88,39% Space Free | Partition Type: NTFS
Drive E: | 128,00 Mb Total Space | 108,48 Mb Free Space | 84,76% Space Free | Partition Type: NTFS
Drive G: | 399,00 Mb Total Space | 365,48 Mb Free Space | 91,60% Space Free | Partition Type: NTFS

Computer Name: EMPIIK | User Name: Roman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1219F774-F1CE-44F3-ABF3-0828CE9A90BB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1A55B834-EEFE-47F0-AF48-CC4C28C0D1CE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26ECE1CF-4C52-45FF-B9C5-78FC3385B458}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6CC075BD-F6B5-4174-9E27-68339005066C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6F70E34A-81D9-4369-BFCE-4437147A7EBD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD016072-2924-4599-A255-4477006FEF34}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7171905-ABFC-457E-9325-009AD6BF4461}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CEAB877B-4A73-4C3D-8A69-7256DA540CEF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4B689B3-C028-45DB-9193-A45F5DCB15EF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{E08471BF-B798-48A9-9D0C-A5A0D416E87A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DCDF8AB-2E79-4F0B-ABBB-119A0702CF2C}" = dir=out | name=sonicwall mobile connect |
"{140E25AD-3B1D-4B42-A1B7-DB6368A9DC2C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{153C0A9B-3285-4D79-91A3-30000C7A4CC6}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{17BBF97E-3354-4751-912D-363CB4F870E4}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1B683EFA-CF1A-423A-AE29-B24109E4CEC8}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{1BE35926-95C7-4D5A-AD29-5B3516F9EE39}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A9A8CEC-EC3A-4AC6-B964-E69295521D27}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2E7DE9A1-D895-44DE-A076-4DE723DC35FC}" = dir=out | name=juniper networks junos pulse |
"{2F4A519C-ED32-4686-9A88-959858B6F1DA}" = dir=out | name=f5 vpn |
"{30B14B58-5EB2-4104-9400-BF8D9995AEA8}" = dir=out | name=windows_ie_ac_001 |
"{326FA5DC-AA13-4E5F-AB70-F8BE76693213}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{35338312-5030-412F-98C1-BAEAC92489FF}" = dir=out | name=check point vpn |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4AEE60F0-55BE-4232-8FB8-2E275BC054E7}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{4E507C47-0D6D-45BD-9FD5-14EC74EDFAC4}" = protocol=6 | dir=out | app=system |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5BE787EA-56F8-4D0C-BDEB-C7C2F75769C8}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{65FEDCE3-337A-4E12-8838-DCCD176BBB78}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{66983F3E-6A5E-4616-8420-BEA49234BE57}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{674F2D31-110D-4A29-8B23-D7690764504A}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6A8E4EF9-9CEA-4A01-8770-CA352BA03A0A}" = dir=out | name=windows_ie_ac_001 |
"{6BE45C68-BB99-45A9-91CC-77689879A30C}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6D8ED801-33AF-45BC-A017-F44E4FD85D30}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{706BC8BF-1E93-4699-A419-9DB4EF113D7F}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{79F4EF1B-1393-40FB-8FD1-B6507C5D5CFB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7E2131C6-4AAE-4BC2-A25C-3BCE1C3AA4E4}" = dir=in | name=juniper networks junos pulse |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82648ABE-E7FC-4C19-A2CB-B28D2B9C8970}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BDFB5CB-F1B3-46DD-9C9A-750D2458061E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{91856C5A-2B84-4BFD-8442-BA42950A4D65}" = dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{937D3EEB-9C86-4DC3-B29B-0B98B864EC22}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{944CF0F6-499B-4434-AC56-4EAEA5958403}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{98819F71-5921-4CF5-91B4-773EAE416C7D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F6911D7-863B-4EF2-81CB-3D4E21F1CF81}" = dir=in | name=sonicwall mobile connect |
"{A8A90415-43EE-4181-A57E-A5A8FB436510}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{ACC92292-75DD-49CE-B1E4-B804915C30FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BB6E2B06-F20B-44B9-BD7C-979FFE9F30AD}" = dir=in | name=f5 vpn |
"{BFB6666A-69B1-4272-93F0-A8682379558A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{D4962ACF-BA99-4B0E-98E4-5F938C34A752}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D52C0E5E-FFFE-4B39-9EA4-124DFF7460FB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6F573AE-B84E-4205-9EBD-635336F7EC8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E0CC4B5A-60B6-45A5-B640-E021DBB74B6D}" = dir=in | name=check point vpn |
"{E1703592-EBED-4CE5-820E-482EAD9FAB75}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5D35252-68FF-41FB-BC2B-1ED1D4F3263E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC494D50-B928-4DFE-BC8B-00970D9AE9F6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F5D2C006-65D4-4853-9CFB-B53C49146F5C}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FC983587-282E-4B18-8CB3-49A600655949}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{FEFAC799-B3EF-4A66-A996-D0096EAE6E08}" = dir=out | name=windows_ie_ac_001 |
"TCP Query User{19CF7877-8A6D-4DD7-A910-BD0C0FE24ECA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{6503C387-7A8A-4E1B-9817-E387D14305A3}C:\games\fifa 14\game\fifa14.exe" = protocol=6 | dir=in | app=c:\games\fifa 14\game\fifa14.exe |
"UDP Query User{1A6DF472-ABBC-4BF7-842A-71E908FE93FF}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{EBBE81C1-7D15-4F7C-AD3E-AA36BD6F3AF3}C:\games\fifa 14\game\fifa14.exe" = protocol=17 | dir=in | app=c:\games\fifa 14\game\fifa14.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Packard Bell Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Packard Bell Device Fast-lane
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DF73A13-F54C-4CB3-B4AD-4375A2E8F4F8}" = VmciSockets
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Packard Bell Power Management
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.6.16.003_WHQL
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.SingleImage_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.SingleImage_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.SingleImage_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.SingleImage_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.SingleImage_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.SingleImage_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}" = Nero BackItUp 12 Essentials OEM.a01
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E4754261-F0CD-4262-8372-1A92DDCC6103}" = Camtasia Studio 8
"{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}" = Nero BackItUp
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avast" = avast! Free Antivirus
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"League of Legends 3.0.1" = League of Legends
"LManager" = Launch Manager
"Mozilla Firefox 25.0 (x86 cs)" = Mozilla Firefox 25.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NARA" = Norton Online Backup ARA
"Office14.SingleImage" = Microsoft Office Professional 2010
"RadioController" = Dritek Radio Controller
"Razer Game Booster_is1" = Razer Game Booster
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10. 11. 2013 12:55:01 | Computer Name = Empiik | Source = Application Error | ID = 1000
Description = Název chybující aplikace: updater.exe, verze: 2.0.3006.0, časové razítko:
0x5099e65d Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.16408, časové
razítko: 0x523d557d Kód výjimky: 0xe0434352 Posun chyby: 0x000000000000ab78 ID chybujícího
procesu: 0x2f8 Čas spuštění chybující aplikace: 0x01cede35732daded Cesta k chybující
aplikaci: C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe Cesta k chybujícímu
modulu: C:\WINDOWS\system32\KERNELBASE.dll ID zprávy: d600b7f3-4a28-11e3-beb5-b888e3b6ebd4
Úplný název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 10. 11. 2013 17:22:13 | Computer Name = Empiik | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.3.9600.16408, časové
razítko: 0x523d251b Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 6.3.9600.16408,
časové razítko: 0x523d4b78 Kód výjimky: 0xc000027b Posun chyby: 0x0000000000a4f30a
ID chybujícího procesu: 0x938 Čas spuštění chybující aplikace: 0x01cede5260728f5e Cesta
k chybující aplikaci: C:\WINDOWS\Explorer.EXE Cesta k chybujícímu modulu: C:\Windows\System32\Windows.UI.Xaml.dll
ID zprávy: 2a5536b7-4a4e-11e3-beb6-b888e3b6ebd4 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 10. 11. 2013 17:59:20 | Computer Name = Empiik | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci winstore_cw5n1h2txyewy!Windows.Store se nepovedlo aktivovat,
protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 10. 11. 2013 17:59:38 | Computer Name = Empiik | Source = Application Hang | ID = 1002
Description = Program UNKNOWN verze 0.0.0.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 118 Čas
spuštění: 01cede601b9aa0b4 Čas ukončení: 4294967295 Cesta k aplikaci: UNKNOWN ID hlášení:
62423ed7-4a53-11e3-beb7-b888e3b6ebd4 Úplný název chybujícího balíčku: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: Windows.Store

Error - 10. 11. 2013 17:59:40 | Computer Name = Empiik | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci winstore_cw5n1h2txyewy!Windows.Store se nepovedlo aktivovat,
protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 11. 11. 2013 9:55:52 | Computer Name = Empiik | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Aplikace winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store
se nespustila ve stanovenou dobu.

Error - 11. 11. 2013 9:55:56 | Computer Name = Empiik | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci winstore_cw5n1h2txyewy!Windows.Store se nepovedlo aktivovat,
protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 11. 11. 2013 9:56:07 | Computer Name = Empiik | Source = Application Hang | ID = 1002
Description = Program WWAHost.exe verze 6.3.9600.16384 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1010 Čas spuštění: 01cedee5b2ec5842 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Windows\System32\WWAHost.exe ID hlášení: fb265013-4ad8-11e3-beb7-b888e3b6ebd4
Úplný název chybujícího balíčku: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy ID aplikace
související s chybujícím balíčkem: Windows.Store

Error - 11. 11. 2013 10:13:08 | Computer Name = Empiik | Source = VSS | ID = 8193
Description =

Error - 11. 11. 2013 10:21:42 | Computer Name = Empiik | Source = Chrome | ID = 1
Description =

Error - 11. 11. 2013 11:50:44 | Computer Name = Empiik | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mbam.exe, verze: 1.75.0.1, časové razítko:
0x511f8eb2 Název chybujícího modulu: MSVBVM60.DLL, verze: 6.0.98.15, časové razítko:
0x49b01fc3 Kód výjimky: 0xc0000005 Posun chyby: 0x00009197 ID chybujícího procesu:
0x1488 Čas spuštění chybující aplikace: 0x01cedef5bc0b2e8a Cesta k chybující aplikaci:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Cesta k chybujícímu modulu:
C:\WINDOWS\SYSTEM32\MSVBVM60.DLL ID zprávy: 05f7a1fc-4ae9-11e3-beb8-b888e3b6ebd4
Úplný název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

[ System Events ]
Error - 10. 11. 2013 12:41:44 | Computer Name = Empiik | Source = DCOM | ID = 10016
Description =

Error - 10. 11. 2013 12:42:20 | Computer Name = Empiik | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x800f0841): Aktualizace systému Windows 8.1 pro systémy s procesorem
x64 (KB2901549).

Error - 10. 11. 2013 12:53:17 | Computer Name = Empiik | Source = Ntfs | ID = 55
Description = Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.
Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému
souborů v online režimu.

Error - 10. 11. 2013 14:57:45 | Computer Name = Empiik | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby NIS bylo dosaženo časového limitu
(30000 ms).

Error - 10. 11. 2013 15:05:08 | Computer Name = Empiik | Source = Service Control Manager | ID = 7030
Description = Služba avast! Antivirus je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 10. 11. 2013 16:19:05 | Computer Name = Empiik | Source = DCOM | ID = 10010
Description =

Error - 10. 11. 2013 16:19:05 | Computer Name = Empiik | Source = DCOM | ID = 10010
Description =

Error - 10. 11. 2013 16:25:14 | Computer Name = Empiik | Source = Service Control Manager | ID = 7022
Description = Služba Windows Search přestala během spouštění reagovat.

Error - 10. 11. 2013 16:26:37 | Computer Name = Empiik | Source = Service Control Manager | ID = 7022
Description = Služba Windows Search přestala během spouštění reagovat.

Error - 10. 11. 2013 16:26:37 | Computer Name = Empiik | Source = Service Control Manager | ID = 7001
Description = Služba Služba Windows Media Player Network Sharing závisí na službě
Windows Search, která neuspěla při spuštění v důsledku následující chyby: %%1070


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43339
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Notebook full of rootkits

Post by jaro3 » 15 Nov 2013 10:00

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV:64bit: - [2012/05/26 01:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5ED96990-4810-4F04-9E5F-1B897391C0A0}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5ED96990-4810-4F04-9E5F-1B897391C0A0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{FE24DC42-D4C7-4C6B-9229-6BB265F6D679}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.5.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll File not found
[2013/11/11 15:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\mozilla\Extensions
[2013/11/11 15:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\mozilla\Firefox\Profiles\c5r8i9aw.default\extensions
[2013/11/11 15:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O4 - HKLM..\Run: [LManager] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O33 - MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b7445f5-60d1-11e2-be69-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\setup.exe"
[2013/11/11 15:17:48 | 000,742,608 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2013/11/11 15:17:48 | 000,725,160 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/11/11 15:17:48 | 000,152,820 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2013/11/11 15:17:48 | 000,136,802 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:9638A27E

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\found.003
C:\found.002
C:\found.001
C:\found.000
C:\Users\Roman\AppData\Local\xc341db93fc3c3195
C:\Program Files (x86)\Symantec
C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Empiik
Level 3.5
Posts: 830
Registered: March 12
Gender: Male

Re: Notebook full of rootkits

Post by Empiik » 15 Nov 2013 18:27

I finished it, the computer restarted, and there is no log anywhere; it only created 4 files on the desktop, 2x Desktop.ini and photothumbs.bd and Thumbs.bd, but no log anywhere.

