Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Modrá Smrt - černá obrazovka a restart
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Re: Modrá Smrt - černá obrazovka a restart
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by R at 2014-04-05 23:26:50 Run:1
Running from C:\Users\R\Desktop\FRST
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S1 tgabgvnb; No ImagePath
S1 twprlugc; No ImagePath
S1 tzmeppsq; No ImagePath
S1 ufktitac; No ImagePath
S1 scjuwzdg; No ImagePath
S1 nvagnqts; No ImagePath
S1 blmrinyk; No ImagePath
S1 crhazelt; No ImagePath
S1 ehjpujev; No ImagePath
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S1 kpcvdoxk; No ImagePath
C:\Program Files\Enigma Software Group\SpyHunter
CHR Extension: (Ads Removal) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (No Name) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2014-01-03]
CHR Extension: (Skype Click to Call) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-22]
CHR Extension: (PenĂ„ĂË€şÄąÄľenka Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
SearchScopes: HKLM - {5F3F9639-E5E6-4C72-92D2-32A40E19016D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKCU - 9665500415544EE59F4093BA1D2C27F8 URL = http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [1a92553fc3706c469bd5c78793b2aa21] - "C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe"
C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\Tasks\ImCleanDisabled
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0C
C:\Program Files\LockHunter
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\R\AppData\Local\SCE
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
*****************
tgabgvnb => Service deleted successfully.
twprlugc => Service deleted successfully.
tzmeppsq => Service deleted successfully.
ufktitac => Service deleted successfully.
scjuwzdg => Service deleted successfully.
nvagnqts => Service deleted successfully.
blmrinyk => Service deleted successfully.
crhazelt => Service deleted successfully.
ehjpujev => Service deleted successfully.
esgiguard => Service deleted successfully.
kpcvdoxk => Service deleted successfully.
C:\Program Files\Enigma Software Group\SpyHunter => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F3F9639-E5E6-4C72-92D2-32A40E19016D} => Key deleted successfully.
HKCR\CLSID\{5F3F9639-E5E6-4C72-92D2-32A40E19016D} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\9665500415544EE59F4093BA1D2C27F8 => Key deleted successfully.
HKCR\CLSID\9665500415544EE59F4093BA1D2C27F8 => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1a92553fc3706c469bd5c78793b2aa21 => Value deleted successfully.
"C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe" => File/Directory not found.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
"C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0C" => File/Directory not found.
C:\Program Files\LockHunter => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\ProgramData\ProductData => Moved successfully.
C:\Users\R\AppData\Local\SCE => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.bat => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.reg => Moved successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.
==== End of Fixlog ====
Ran by R at 2014-04-05 23:26:50 Run:1
Running from C:\Users\R\Desktop\FRST
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S1 tgabgvnb; No ImagePath
S1 twprlugc; No ImagePath
S1 tzmeppsq; No ImagePath
S1 ufktitac; No ImagePath
S1 scjuwzdg; No ImagePath
S1 nvagnqts; No ImagePath
S1 blmrinyk; No ImagePath
S1 crhazelt; No ImagePath
S1 ehjpujev; No ImagePath
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S1 kpcvdoxk; No ImagePath
C:\Program Files\Enigma Software Group\SpyHunter
CHR Extension: (Ads Removal) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (No Name) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2014-01-03]
CHR Extension: (Skype Click to Call) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-22]
CHR Extension: (PenĂ„ĂË€şÄąÄľenka Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
SearchScopes: HKLM - {5F3F9639-E5E6-4C72-92D2-32A40E19016D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKCU - 9665500415544EE59F4093BA1D2C27F8 URL = http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [1a92553fc3706c469bd5c78793b2aa21] - "C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe"
C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\Tasks\ImCleanDisabled
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0C
C:\Program Files\LockHunter
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\R\AppData\Local\SCE
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
*****************
tgabgvnb => Service deleted successfully.
twprlugc => Service deleted successfully.
tzmeppsq => Service deleted successfully.
ufktitac => Service deleted successfully.
scjuwzdg => Service deleted successfully.
nvagnqts => Service deleted successfully.
blmrinyk => Service deleted successfully.
crhazelt => Service deleted successfully.
ehjpujev => Service deleted successfully.
esgiguard => Service deleted successfully.
kpcvdoxk => Service deleted successfully.
C:\Program Files\Enigma Software Group\SpyHunter => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F3F9639-E5E6-4C72-92D2-32A40E19016D} => Key deleted successfully.
HKCR\CLSID\{5F3F9639-E5E6-4C72-92D2-32A40E19016D} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\9665500415544EE59F4093BA1D2C27F8 => Key deleted successfully.
HKCR\CLSID\9665500415544EE59F4093BA1D2C27F8 => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1a92553fc3706c469bd5c78793b2aa21 => Value deleted successfully.
"C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe" => File/Directory not found.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
"C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0C" => File/Directory not found.
C:\Program Files\LockHunter => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\ProgramData\ProductData => Moved successfully.
C:\Users\R\AppData\Local\SCE => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.bat => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.reg => Moved successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.
==== End of Fixlog ====
Re: Modrá Smrt - černá obrazovka a restart
Vyčištěte přes ccleaner registry, tempy, restart pc a nový log z Frst.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Modrá Smrt - černá obrazovka a restart
Stále scannuje, mezitím chtěl bych se vás zeptat jestli můžete doporučit antivir Avast free, začal jsem ho nyní používat a zdá se mi lepší než AVGčko free, které jsem měl do teď, je to pouze mé zdání nebo je opravdu lepší a není to takové "Sejto" na Freečkový antivir ?
A ještě bych se zeptal, jestli by jste mi neporadila jak co nejlépe vyčistit počítač od přebytečných složek a souborů - Například Cčko má 900GB hdd z toho je tak 200 Gb věcí o kterých vím = Hry, filmy atd. Ale kam se strácí těch dalších 600 GB je mi záhadou... Jestli třeba není nějaký "čistič", který by mi ukázal kde jaká složka zabírá tolik a tolik místa abych měl to čištění usnadněné, mám teď pár dní volno tak se do toho pustím a dám si ho do pořádku
A ještě bych se zeptal, jestli by jste mi neporadila jak co nejlépe vyčistit počítač od přebytečných složek a souborů - Například Cčko má 900GB hdd z toho je tak 200 Gb věcí o kterých vím = Hry, filmy atd. Ale kam se strácí těch dalších 600 GB je mi záhadou... Jestli třeba není nějaký "čistič", který by mi ukázal kde jaká složka zabírá tolik a tolik místa abych měl to čištění usnadněné, mám teď pár dní volno tak se do toho pustím a dám si ho do pořádku
Re: Modrá Smrt - černá obrazovka a restart
Avast free sama používám, jako free antivir tu doporučujeme . Avg tu nemáme rádi .
Teď po našem čištění se velikost disku nezmenšila? Přiznám se, že žádný program, který by Vám ukázav velikosti složek neznám, snad jen nějaký total comander . Ale na vyčištění tempů by měl stačit ccleaner, a pokud jste zkušenější uživatel, můžete si zapnout skryté soubory a složky a smazat složky od programů, které už máte odinstalované.
Potom, až skončíme s čištěním, vypněte obnovu systému, restart pc, a zase zapnout. Tím se smažou staré body obnovy, mohou Vám také zabírat spoustu místa.
Teď po našem čištění se velikost disku nezmenšila? Přiznám se, že žádný program, který by Vám ukázav velikosti složek neznám, snad jen nějaký total comander . Ale na vyčištění tempů by měl stačit ccleaner, a pokud jste zkušenější uživatel, můžete si zapnout skryté soubory a složky a smazat složky od programů, které už máte odinstalované.
Potom, až skončíme s čištěním, vypněte obnovu systému, restart pc, a zase zapnout. Tím se smažou staré body obnovy, mohou Vám také zabírat spoustu místa.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Modrá Smrt - černá obrazovka a restart
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by R (administrator) on R-HP on 05-04-2014 23:37:05
Running from C:\Users\R\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [CreativeTaskScheduler] - C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: L - L:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {73eafd82-3873-11e1-afaa-e06995d0fdb8} - J:\launcher.exe
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {be5fc397-3096-11e1-987d-e06995d0fdb8} - M:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {dcf14671-d57b-11e0-874d-e06995d0fdb8} - K:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {ff09786f-eb4b-11e0-80f3-e06995d0fdb8} - J:\INSTALL.EXE
==================== Internet (Whitelisted) ====================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-16] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: [NameServer]8.8.8.8,8.8.4.4
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22]
CHR Extension: (Google Drive) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-22]
CHR Extension: (YouTube) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Google Search) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Gmail) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\R\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) =================
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-09-01] ()
S2 pr2agqwb; C:\Windows\system32\pr2agqwb.exe [777576 2007-11-14] (Cyanide)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-07] (DT Soft Ltd)
S3 dump_wmimmc; No ImagePath
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-26] (Intel Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.)
R0 pe3agqwb; C:\Windows\System32\drivers\pe3agqwb.sys [72296 2007-11-14] (Cyanide)
R0 ps7agqwb; C:\Windows\System32\drivers\ps7agqwb.sys [102000 2007-11-14] (Cyanide)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 cpuz136; \??\C:\Users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-05 23:35 - 2014-04-05 23:35 - 05003552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 23:35 - 2014-04-05 23:35 - 00000056 _____ () C:\Windows\setupact.log
2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-05 23:30 - 2014-04-05 23:35 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:25 - 2014-04-05 23:36 - 00000000 ____D () C:\Users\R\Desktop\FRST
2014-04-05 22:56 - 2014-04-05 22:56 - 00044273 _____ () C:\Users\R\Desktop\Addition.txt
2014-04-05 22:46 - 2014-04-05 23:37 - 00011520 _____ () C:\Users\R\Desktop\FRST.txt
2014-04-05 22:45 - 2014-04-05 23:37 - 00000000 ____D () C:\FRST
2014-04-05 22:45 - 2014-04-05 22:45 - 02157056 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-04-05 22:23 - 2014-04-05 22:23 - 00000000 ____D () C:\_OTL
2014-04-05 22:00 - 2014-04-05 22:00 - 00000000 ____D () C:\Qoobox
2014-04-05 21:59 - 2014-04-05 21:59 - 05193579 ____R (Swearware) C:\Users\R\Desktop\ComboFix.exe
2014-04-05 21:59 - 2014-04-05 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 21:57 - 2014-04-05 21:58 - 00003172 _____ () C:\Users\R\Desktop\Rkill.txt
2014-04-05 21:57 - 2014-04-05 21:57 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R\Desktop\rkill.exe
2014-04-05 21:55 - 2014-04-05 21:55 - 00000512 _____ () C:\PhysicalMBR.bin
2014-04-05 21:53 - 2014-04-05 21:53 - 00602112 _____ (OldTimer Tools) C:\Users\R\Desktop\OTL.exe
2014-04-05 21:08 - 2014-04-05 21:08 - 00014465 _____ () C:\Users\R\Desktop\AdwCleaner[R0].txt
2014-04-05 21:04 - 2014-04-05 21:09 - 00000000 ____D () C:\AdwCleaner
2014-04-05 20:54 - 2014-04-05 20:54 - 01426178 _____ () C:\Users\R\Desktop\AdwCleaner.exe
2014-04-05 20:54 - 2014-04-05 20:54 - 01038974 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-04-05 15:50 - 2014-04-05 16:31 - 736506338 _____ () C:\Users\R\Desktop\Vrána=1994-Akční-DVD-CZ.avi
2014-04-05 01:05 - 2014-04-05 01:05 - 00165888 _____ () C:\Users\R\Documents\T-Cleaner.exe
2014-04-04 22:28 - 2014-04-04 22:41 - 123185915 _____ () C:\Users\R\Desktop\Duch-=1990-Romantický-DVD-CZ.avi
2014-04-04 22:24 - 2014-04-04 22:28 - 21942207 _____ () C:\Users\R\Desktop\Carrie-(2013)-Novinka-CZ-dabing-Drama-Horor-Mysteriozní-výborná-BDRip-kvalita-.MEMRC123..avi
2014-04-04 21:49 - 2014-04-04 22:08 - 351481856 _____ () C:\Users\R\Desktop\Hannah-Montana-1x01---Lilly,-chces-znat-tajemstvi-.avi
2014-04-03 23:43 - 2014-04-03 23:58 - 286788548 _____ () C:\Users\R\Desktop\Lord-Ryolith-HC-3.4.2014.mp4
2014-04-03 21:12 - 2014-04-03 21:53 - 731565116 _____ () C:\Users\R\Desktop\Deník-princezny.CZ-dab.Mikky.avi
2014-04-03 16:21 - 2014-04-03 16:21 - 00000000 _____ () C:\Users\R\Desktop\fl hc.txt
2014-04-02 17:07 - 2014-04-02 17:08 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (3)
2014-04-01 19:07 - 2014-04-01 19:53 - 828302680 _____ () C:\Users\R\Desktop\Farma-smrti-cz-[natu3].avi
2014-04-01 10:37 - 2014-04-01 10:37 - 00009216 _____ () C:\Users\R\Documents\cc_20140401_103749.reg
2014-04-01 10:08 - 2014-04-05 01:07 - 00000000 _____ () C:\SRStatus2.txt
2014-03-31 23:43 - 2014-03-31 23:43 - 00008585 _____ () C:\Users\R\Desktop\mbam.txt
2014-03-31 23:13 - 2014-04-01 10:44 - 00000115 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-03-31 21:35 - 2014-03-31 21:35 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 21:35 - 2014-03-05 09:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-31 21:35 - 2014-03-05 09:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-31 21:35 - 2014-03-05 09:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 21:34 - 2014-03-31 21:34 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-31 21:32 - 2014-04-05 23:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 21:31 - 2014-03-31 21:31 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup.exe
2014-03-31 18:35 - 2014-03-31 19:44 - 1248584811 _____ () C:\Users\R\Desktop\NOVÁ-DCERA-CZ-dabing-Thriller-Horor-(2009)-s-KCostnerom.wmv
2014-03-31 16:59 - 2014-03-31 16:59 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-03-31 12:27 - 2014-04-05 22:04 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-31 03:22 - 2014-03-31 03:24 - 00000000 ____D () C:\Users\R\Desktop\flashka
2014-03-31 03:19 - 2014-03-31 03:27 - 00000000 ____D () C:\Users\R\Desktop\nova
2014-03-30 21:44 - 2014-03-30 21:44 - 00004450 _____ () C:\Users\test\Desktop\RKreport[0]_D_03302014_214412.txt
2014-03-30 21:43 - 2014-03-30 21:43 - 00004360 _____ () C:\Users\test\Desktop\RKreport[0]_S_03302014_214326.txt
2014-03-30 21:33 - 2014-03-30 21:55 - 00000000 ____D () C:\Users\test\Desktop\RK_Quarantine
2014-03-30 21:30 - 2014-03-30 21:31 - 03972608 _____ () C:\Users\test\Downloads\RogueKiller.exe
2014-03-30 20:19 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\R\Desktop\plocha
2014-03-30 20:17 - 2014-03-30 20:17 - 00004466 _____ () C:\Users\test\Documents\cc_20140330_201736.reg
2014-03-30 17:56 - 2014-03-30 17:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Malwarebytes
2014-03-30 17:55 - 2014-03-30 17:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\AVAST Software
2014-03-30 17:41 - 2014-03-30 17:58 - 3201380352 _____ () C:\Users\R\AppData\Roaming\tmp.tmp
2014-03-30 17:38 - 2014-03-30 17:38 - 00012999 _____ () C:\Users\R\Documents\hijackthis.log
2014-03-30 16:38 - 2014-03-31 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 16:38 - 2014-03-30 19:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-30 16:38 - 2014-03-30 16:38 - 00000000 ____D () C:\Users\R\AppData\Roaming\Malwarebytes
2014-03-30 01:40 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\AVAST Software
2014-03-30 01:38 - 2014-03-30 01:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 17:29 - 2014-03-29 19:07 - 833394688 _____ () C:\Users\R\Documents\PAN-DOMU---CZ-dvdrip.avi
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Users\R\AppData\Local\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-29 05:36 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-03-29 05:33 - 2014-03-29 05:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\Flashmedia
2014-03-29 02:03 - 2014-03-29 02:03 - 00002525 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-03-27 17:05 - 2014-04-03 17:09 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (2)
2014-03-19 22:21 - 2014-03-19 22:21 - 02815713 _____ () C:\Users\R\Documents\Bez názvu.wma
2014-03-19 16:30 - 2014-03-19 16:30 - 00000000 ____D () C:\ProgramData\Steam
2014-03-19 16:07 - 2014-03-19 16:07 - 00000000 ____D () C:\Program Files (x86)\Total War Rome II CZ
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\Documents\LucasArts
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\AppData\Local\LucasArts
2014-03-17 01:27 - 2014-03-17 01:27 - 00000000 ____D () C:\Program Files (x86)\LucasArts
2014-03-17 00:44 - 2014-04-04 21:39 - 00000000 ____D () C:\Users\R\Desktop\afsafs
2014-03-16 20:16 - 2014-03-16 20:17 - 00000000 ____D () C:\Users\R\Desktop\Maturitní ples 2POA
2014-03-16 18:29 - 2014-03-16 18:35 - 736757760 _____ () C:\Users\R\Documents\KOPACKY-2008-KOMEDIE-CZ-DABING.avi
2014-03-16 15:32 - 2014-03-16 15:37 - 774180380 _____ () C:\Users\R\Documents\Silent-Hill-2006.CZ-dab.avi
2014-03-13 06:01 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 06:01 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 06:01 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 06:01 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 06:01 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 06:01 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 06:01 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 06:01 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 06:01 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 06:01 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 06:01 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 06:01 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 06:01 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 06:01 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 06:01 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 06:01 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 06:01 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 06:01 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 06:01 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 06:01 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 06:01 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 06:01 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 06:01 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 06:01 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 06:01 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 06:01 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 06:01 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 06:01 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 06:01 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 06:01 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 06:01 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 06:01 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 06:01 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 06:01 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 06:01 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 06:01 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 06:01 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 06:01 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 06:01 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 06:01 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 06:01 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 06:01 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 06:01 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 06:01 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 06:00 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 06:00 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 06:00 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 06:00 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-09 23:04 - 2014-03-09 23:04 - 00044752 _____ () C:\Users\R\Downloads\stažený soubor (4).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (3).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (2).htm
2014-03-09 22:43 - 2014-03-09 22:43 - 00058450 _____ () C:\Users\R\Downloads\viewforum (4).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00031929 _____ () C:\Users\R\Downloads\stažený soubor (1).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00013767 _____ () C:\Users\R\Downloads\forum (1).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00031070 _____ () C:\Users\R\Downloads\viewforum.htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (3).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (2).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (1).htm
2014-03-09 16:06 - 2014-03-09 16:06 - 00042188 _____ () C:\Users\R\Downloads\stažený soubor.htm
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (6).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (5).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (4).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (3).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (2).php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index.php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index (1).php
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012.zip
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012 (1).zip
2014-03-07 12:38 - 2014-03-07 12:38 - 00048406 _____ () C:\Users\R\Downloads\viewtopic (1).htm
2014-03-06 20:43 - 2014-03-06 20:43 - 00042627 _____ () C:\Users\R\Downloads\viewtopic.htm
2014-03-06 19:26 - 2014-03-06 19:26 - 00013767 _____ () C:\Users\R\Downloads\forum.htm
==================== One Month Modified Files and Folders =======
2014-04-05 23:37 - 2014-04-05 22:46 - 00011520 _____ () C:\Users\R\Desktop\FRST.txt
2014-04-05 23:37 - 2014-04-05 22:45 - 00000000 ____D () C:\FRST
2014-04-05 23:36 - 2014-04-05 23:25 - 00000000 ____D () C:\Users\R\Desktop\FRST
2014-04-05 23:36 - 2014-03-31 21:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 23:36 - 2011-09-19 02:00 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-05 23:36 - 2011-08-16 13:32 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-05 23:35 - 2014-04-05 23:35 - 05003552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 23:35 - 2014-04-05 23:35 - 00000056 _____ () C:\Windows\setupact.log
2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-05 23:35 - 2014-04-05 23:30 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 23:35 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:32 - 2011-08-16 13:04 - 00737120 _____ () C:\Windows\system32\perfh005.dat
2014-04-05 23:32 - 2011-08-16 13:04 - 00166810 _____ () C:\Windows\system32\perfc005.dat
2014-04-05 23:32 - 2009-07-14 07:13 - 01775876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 23:26 - 2013-06-03 22:15 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-05 23:26 - 2011-09-19 02:00 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-05 23:24 - 2012-04-16 19:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-05 23:24 - 2012-04-16 19:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-04-05 22:56 - 2014-04-05 22:56 - 00044273 _____ () C:\Users\R\Desktop\Addition.txt
2014-04-05 22:45 - 2014-04-05 22:45 - 02157056 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-04-05 22:39 - 2012-06-25 10:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 22:26 - 2011-09-02 18:09 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-04-05 22:23 - 2014-04-05 22:23 - 00000000 ____D () C:\_OTL
2014-04-05 22:23 - 2013-05-30 12:23 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 22:23 - 2011-09-02 18:03 - 00000000 ___RD () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 22:04 - 2014-03-31 12:27 - 00000000 ___SD () C:\32788R22FWJFW
2014-04-05 22:00 - 2014-04-05 22:00 - 00000000 ____D () C:\Qoobox
2014-04-05 21:59 - 2014-04-05 21:59 - 05193579 ____R (Swearware) C:\Users\R\Desktop\ComboFix.exe
2014-04-05 21:59 - 2014-04-05 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 21:58 - 2014-04-05 21:57 - 00003172 _____ () C:\Users\R\Desktop\Rkill.txt
2014-04-05 21:57 - 2014-04-05 21:57 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R\Desktop\rkill.exe
2014-04-05 21:55 - 2014-04-05 21:55 - 00000512 _____ () C:\PhysicalMBR.bin
2014-04-05 21:53 - 2014-04-05 21:53 - 00602112 _____ (OldTimer Tools) C:\Users\R\Desktop\OTL.exe
2014-04-05 21:09 - 2014-04-05 21:04 - 00000000 ____D () C:\AdwCleaner
2014-04-05 21:09 - 2012-08-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-05 21:09 - 2011-11-17 17:52 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-05 21:08 - 2014-04-05 21:08 - 00014465 _____ () C:\Users\R\Desktop\AdwCleaner[R0].txt
2014-04-05 20:54 - 2014-04-05 20:54 - 01426178 _____ () C:\Users\R\Desktop\AdwCleaner.exe
2014-04-05 20:54 - 2014-04-05 20:54 - 01038974 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-04-05 18:27 - 2011-09-09 23:44 - 00000000 ____D () C:\Users\R\AppData\Roaming\TS3Client
2014-04-05 16:31 - 2014-04-05 15:50 - 736506338 _____ () C:\Users\R\Desktop\Vrána=1994-Akční-DVD-CZ.avi
2014-04-05 01:16 - 2014-03-01 19:11 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-05 01:09 - 2011-09-21 00:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\Media Player Classic
2014-04-05 01:07 - 2014-04-01 10:08 - 00000000 _____ () C:\SRStatus2.txt
2014-04-05 01:07 - 2011-09-02 17:55 - 00000000 ____D () C:\Users\R
2014-04-05 01:05 - 2014-04-05 01:05 - 00165888 _____ () C:\Users\R\Documents\T-Cleaner.exe
2014-04-05 01:05 - 2012-12-30 17:36 - 00000000 ____D () C:\Users\R\Documents\The KMPlayer
2014-04-04 22:41 - 2014-04-04 22:28 - 123185915 _____ () C:\Users\R\Desktop\Duch-=1990-Romantický-DVD-CZ.avi
2014-04-04 22:28 - 2014-04-04 22:24 - 21942207 _____ () C:\Users\R\Desktop\Carrie-(2013)-Novinka-CZ-dabing-Drama-Horor-Mysteriozní-výborná-BDRip-kvalita-.MEMRC123..avi
2014-04-04 22:08 - 2014-04-04 21:49 - 351481856 _____ () C:\Users\R\Desktop\Hannah-Montana-1x01---Lilly,-chces-znat-tajemstvi-.avi
2014-04-04 21:39 - 2014-03-17 00:44 - 00000000 ____D () C:\Users\R\Desktop\afsafs
2014-04-04 18:32 - 2012-11-10 09:54 - 00000316 _____ () C:\Windows\Tasks\HPCeeScheduleForR.job
2014-04-04 02:45 - 2012-11-10 09:54 - 00003162 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForR
2014-04-04 02:45 - 2011-11-05 15:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-04 02:45 - 2011-09-10 09:40 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-04 02:44 - 2011-09-10 09:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\HP Support Assistant
2014-04-04 02:44 - 2011-09-03 20:41 - 00000000 ____D () C:\Users\R\AppData\Roaming\HpUpdate
2014-04-03 23:58 - 2014-04-03 23:43 - 286788548 _____ () C:\Users\R\Desktop\Lord-Ryolith-HC-3.4.2014.mp4
2014-04-03 21:53 - 2014-04-03 21:12 - 731565116 _____ () C:\Users\R\Desktop\Deník-princezny.CZ-dab.Mikky.avi
2014-04-03 17:17 - 2013-09-22 23:39 - 00000000 ____D () C:\Users\R\AppData\Roaming\Spotify
2014-04-03 17:09 - 2014-03-27 17:05 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (2)
2014-04-03 16:21 - 2014-04-03 16:21 - 00000000 _____ () C:\Users\R\Desktop\fl hc.txt
2014-04-02 17:08 - 2014-04-02 17:07 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (3)
2014-04-02 01:29 - 2013-09-22 23:40 - 00000000 ____D () C:\Users\R\AppData\Local\Spotify
2014-04-01 19:53 - 2014-04-01 19:07 - 828302680 _____ () C:\Users\R\Desktop\Farma-smrti-cz-[natu3].avi
2014-04-01 10:44 - 2014-03-31 23:13 - 00000115 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-04-01 10:37 - 2014-04-01 10:37 - 00009216 _____ () C:\Users\R\Documents\cc_20140401_103749.reg
2014-03-31 23:43 - 2014-03-31 23:43 - 00008585 _____ () C:\Users\R\Desktop\mbam.txt
2014-03-31 21:35 - 2014-03-31 21:35 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 21:34 - 2014-03-31 21:34 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-31 21:32 - 2014-03-30 16:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 21:31 - 2014-03-31 21:31 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup.exe
2014-03-31 19:44 - 2014-03-31 18:35 - 1248584811 _____ () C:\Users\R\Desktop\NOVÁ-DCERA-CZ-dabing-Thriller-Horor-(2009)-s-KCostnerom.wmv
2014-03-31 16:59 - 2014-03-31 16:59 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-03-31 03:27 - 2014-03-31 03:19 - 00000000 ____D () C:\Users\R\Desktop\nova
2014-03-31 03:24 - 2014-03-31 03:22 - 00000000 ____D () C:\Users\R\Desktop\flashka
2014-03-31 03:18 - 2011-09-03 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-30 22:19 - 2013-04-04 19:22 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-03-30 21:58 - 2014-02-28 22:05 - 00000000 ____D () C:\Users\test\AppData\Roaming\TS3Client
2014-03-30 21:55 - 2014-03-30 21:33 - 00000000 ____D () C:\Users\test\Desktop\RK_Quarantine
2014-03-30 21:44 - 2014-03-30 21:44 - 00004450 _____ () C:\Users\test\Desktop\RKreport[0]_D_03302014_214412.txt
2014-03-30 21:43 - 2014-03-30 21:43 - 00004360 _____ () C:\Users\test\Desktop\RKreport[0]_S_03302014_214326.txt
2014-03-30 21:31 - 2014-03-30 21:30 - 03972608 _____ () C:\Users\test\Downloads\RogueKiller.exe
2014-03-30 21:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-30 20:20 - 2014-03-30 20:19 - 00000000 ____D () C:\Users\R\Desktop\plocha
2014-03-30 20:17 - 2014-03-30 20:17 - 00004466 _____ () C:\Users\test\Documents\cc_20140330_201736.reg
2014-03-30 19:38 - 2013-06-04 09:01 - 00000000 ____D () C:\Users\Guest
2014-03-30 19:38 - 2013-05-30 12:23 - 00000000 ____D () C:\Users\test
2014-03-30 19:37 - 2014-02-28 19:49 - 00000000 ____D () C:\Users\test\AppData\Local\Google
2014-03-30 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-03-30 19:12 - 2014-03-30 16:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-30 18:34 - 2013-05-30 12:23 - 00000000 ____D () C:\Users\test\AppData\Local\VirtualStore
2014-03-30 17:58 - 2014-03-30 17:41 - 3201380352 _____ () C:\Users\R\AppData\Roaming\tmp.tmp
2014-03-30 17:56 - 2014-03-30 17:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Malwarebytes
2014-03-30 17:55 - 2014-03-30 17:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\AVAST Software
2014-03-30 17:38 - 2014-03-30 17:38 - 00012999 _____ () C:\Users\R\Documents\hijackthis.log
2014-03-30 16:38 - 2014-03-30 16:38 - 00000000 ____D () C:\Users\R\AppData\Roaming\Malwarebytes
2014-03-30 01:40 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\AVAST Software
2014-03-30 01:38 - 2014-03-30 01:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-30 01:36 - 2014-01-03 04:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 19:07 - 2014-03-29 17:29 - 833394688 _____ () C:\Users\R\Documents\PAN-DOMU---CZ-dvdrip.avi
2014-03-29 12:21 - 2011-09-19 02:00 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 12:21 - 2011-09-19 02:00 - 00003686 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 06:26 - 2012-09-20 21:31 - 00000000 ____D () C:\Program Files (x86)\DesetiPrsty
2014-03-29 06:21 - 2011-09-30 17:55 - 00000000 ____D () C:\Users\R\AppData\Roaming\DAEMON Tools Lite
2014-03-29 06:15 - 2011-11-14 01:48 - 00000000 ____D () C:\Program Files\DivX
2014-03-29 06:15 - 2011-11-14 01:47 - 00000000 ____D () C:\ProgramData\DivX
2014-03-29 06:15 - 2011-11-14 01:47 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-03-29 06:11 - 2012-03-23 21:37 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 06:05 - 2012-05-12 20:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\Groovedown
2014-03-29 06:04 - 2012-06-07 12:54 - 00000000 ____D () C:\Users\R\AppData\Roaming\Xilisoft
2014-03-29 06:03 - 2012-06-17 12:28 - 00000000 ____D () C:\Program Files (x86)\URUSoft
2014-03-29 05:59 - 2012-12-22 21:02 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-29 05:57 - 2011-09-02 21:31 - 00000000 ____D () C:\Users\R\AppData\Roaming\Ubisoft
2014-03-29 05:57 - 2011-08-16 13:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 05:38 - 2012-10-02 00:15 - 00007589 _____ () C:\Users\R\AppData\Local\resmon.resmoncfg
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Users\R\AppData\Local\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-29 05:33 - 2014-03-29 05:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\Flashmedia
2014-03-29 05:12 - 2013-02-24 15:32 - 00000000 ____D () C:\Users\R\AppData\Roaming\BitTorrent
2014-03-29 05:11 - 2013-03-10 19:53 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2014-03-29 04:50 - 2013-03-21 22:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-29 03:34 - 2011-09-26 15:50 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-29 02:03 - 2014-03-29 02:03 - 00002525 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-03-29 02:03 - 2011-11-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-23 04:04 - 2013-12-20 16:34 - 00000000 ____D () C:\Users\R\AppData\Local\Battle.net
2014-03-23 02:51 - 2013-12-20 16:36 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-23 02:48 - 2013-12-20 16:34 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-19 22:21 - 2014-03-19 22:21 - 02815713 _____ () C:\Users\R\Documents\Bez názvu.wma
2014-03-19 16:30 - 2014-03-19 16:30 - 00000000 ____D () C:\ProgramData\Steam
2014-03-19 16:07 - 2014-03-19 16:07 - 00000000 ____D () C:\Program Files (x86)\Total War Rome II CZ
2014-03-19 03:04 - 2013-07-12 06:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2011-09-04 18:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 20:05 - 2014-03-01 02:39 - 00000000 ____D () C:\Users\test\AppData\Local\CrashDumps
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\Documents\LucasArts
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\AppData\Local\LucasArts
2014-03-17 01:27 - 2014-03-17 01:27 - 00000000 ____D () C:\Program Files (x86)\LucasArts
2014-03-16 20:17 - 2014-03-16 20:16 - 00000000 ____D () C:\Users\R\Desktop\Maturitní ples 2POA
2014-03-16 19:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-16 18:35 - 2014-03-16 18:29 - 736757760 _____ () C:\Users\R\Documents\KOPACKY-2008-KOMEDIE-CZ-DABING.avi
2014-03-16 15:37 - 2014-03-16 15:32 - 774180380 _____ () C:\Users\R\Documents\Silent-Hill-2006.CZ-dab.avi
2014-03-15 16:47 - 2013-03-10 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-03-15 10:47 - 2009-07-14 07:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-14 23:06 - 2011-09-05 22:42 - 00000000 ____D () C:\Users\R\AppData\Local\CrashDumps
2014-03-13 19:16 - 2011-09-02 18:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-12 05:41 - 2011-08-16 13:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-12 05:39 - 2011-11-02 01:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-12 05:39 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\ShellNew
2014-03-12 05:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-11 22:39 - 2012-06-25 10:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:39 - 2012-06-25 10:10 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 22:39 - 2011-12-18 13:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 23:04 - 2014-03-09 23:04 - 00044752 _____ () C:\Users\R\Downloads\stažený soubor (4).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (3).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (2).htm
2014-03-09 22:43 - 2014-03-09 22:43 - 00058450 _____ () C:\Users\R\Downloads\viewforum (4).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00031929 _____ () C:\Users\R\Downloads\stažený soubor (1).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00013767 _____ () C:\Users\R\Downloads\forum (1).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00031070 _____ () C:\Users\R\Downloads\viewforum.htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (3).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (2).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (1).htm
2014-03-09 16:06 - 2014-03-09 16:06 - 00042188 _____ () C:\Users\R\Downloads\stažený soubor.htm
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (6).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (5).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (4).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (3).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (2).php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index.php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index (1).php
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012.zip
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012 (1).zip
2014-03-07 12:38 - 2014-03-07 12:38 - 00048406 _____ () C:\Users\R\Downloads\viewtopic (1).htm
2014-03-06 20:43 - 2014-03-06 20:43 - 00042627 _____ () C:\Users\R\Downloads\viewtopic.htm
2014-03-06 19:26 - 2014-03-06 19:26 - 00013767 _____ () C:\Users\R\Downloads\forum.htm
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-30 05:46
==================== End Of Log ============================
Ran by R (administrator) on R-HP on 05-04-2014 23:37:05
Running from C:\Users\R\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [CreativeTaskScheduler] - C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: L - L:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {73eafd82-3873-11e1-afaa-e06995d0fdb8} - J:\launcher.exe
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {be5fc397-3096-11e1-987d-e06995d0fdb8} - M:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {dcf14671-d57b-11e0-874d-e06995d0fdb8} - K:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {ff09786f-eb4b-11e0-80f3-e06995d0fdb8} - J:\INSTALL.EXE
==================== Internet (Whitelisted) ====================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-16] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: [NameServer]8.8.8.8,8.8.4.4
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22]
CHR Extension: (Google Drive) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-22]
CHR Extension: (YouTube) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Google Search) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Gmail) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\R\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) =================
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-09-01] ()
S2 pr2agqwb; C:\Windows\system32\pr2agqwb.exe [777576 2007-11-14] (Cyanide)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-07] (DT Soft Ltd)
S3 dump_wmimmc; No ImagePath
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-26] (Intel Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.)
R0 pe3agqwb; C:\Windows\System32\drivers\pe3agqwb.sys [72296 2007-11-14] (Cyanide)
R0 ps7agqwb; C:\Windows\System32\drivers\ps7agqwb.sys [102000 2007-11-14] (Cyanide)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 cpuz136; \??\C:\Users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-05 23:35 - 2014-04-05 23:35 - 05003552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 23:35 - 2014-04-05 23:35 - 00000056 _____ () C:\Windows\setupact.log
2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-05 23:30 - 2014-04-05 23:35 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:25 - 2014-04-05 23:36 - 00000000 ____D () C:\Users\R\Desktop\FRST
2014-04-05 22:56 - 2014-04-05 22:56 - 00044273 _____ () C:\Users\R\Desktop\Addition.txt
2014-04-05 22:46 - 2014-04-05 23:37 - 00011520 _____ () C:\Users\R\Desktop\FRST.txt
2014-04-05 22:45 - 2014-04-05 23:37 - 00000000 ____D () C:\FRST
2014-04-05 22:45 - 2014-04-05 22:45 - 02157056 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-04-05 22:23 - 2014-04-05 22:23 - 00000000 ____D () C:\_OTL
2014-04-05 22:00 - 2014-04-05 22:00 - 00000000 ____D () C:\Qoobox
2014-04-05 21:59 - 2014-04-05 21:59 - 05193579 ____R (Swearware) C:\Users\R\Desktop\ComboFix.exe
2014-04-05 21:59 - 2014-04-05 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 21:57 - 2014-04-05 21:58 - 00003172 _____ () C:\Users\R\Desktop\Rkill.txt
2014-04-05 21:57 - 2014-04-05 21:57 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R\Desktop\rkill.exe
2014-04-05 21:55 - 2014-04-05 21:55 - 00000512 _____ () C:\PhysicalMBR.bin
2014-04-05 21:53 - 2014-04-05 21:53 - 00602112 _____ (OldTimer Tools) C:\Users\R\Desktop\OTL.exe
2014-04-05 21:08 - 2014-04-05 21:08 - 00014465 _____ () C:\Users\R\Desktop\AdwCleaner[R0].txt
2014-04-05 21:04 - 2014-04-05 21:09 - 00000000 ____D () C:\AdwCleaner
2014-04-05 20:54 - 2014-04-05 20:54 - 01426178 _____ () C:\Users\R\Desktop\AdwCleaner.exe
2014-04-05 20:54 - 2014-04-05 20:54 - 01038974 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-04-05 15:50 - 2014-04-05 16:31 - 736506338 _____ () C:\Users\R\Desktop\Vrána=1994-Akční-DVD-CZ.avi
2014-04-05 01:05 - 2014-04-05 01:05 - 00165888 _____ () C:\Users\R\Documents\T-Cleaner.exe
2014-04-04 22:28 - 2014-04-04 22:41 - 123185915 _____ () C:\Users\R\Desktop\Duch-=1990-Romantický-DVD-CZ.avi
2014-04-04 22:24 - 2014-04-04 22:28 - 21942207 _____ () C:\Users\R\Desktop\Carrie-(2013)-Novinka-CZ-dabing-Drama-Horor-Mysteriozní-výborná-BDRip-kvalita-.MEMRC123..avi
2014-04-04 21:49 - 2014-04-04 22:08 - 351481856 _____ () C:\Users\R\Desktop\Hannah-Montana-1x01---Lilly,-chces-znat-tajemstvi-.avi
2014-04-03 23:43 - 2014-04-03 23:58 - 286788548 _____ () C:\Users\R\Desktop\Lord-Ryolith-HC-3.4.2014.mp4
2014-04-03 21:12 - 2014-04-03 21:53 - 731565116 _____ () C:\Users\R\Desktop\Deník-princezny.CZ-dab.Mikky.avi
2014-04-03 16:21 - 2014-04-03 16:21 - 00000000 _____ () C:\Users\R\Desktop\fl hc.txt
2014-04-02 17:07 - 2014-04-02 17:08 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (3)
2014-04-01 19:07 - 2014-04-01 19:53 - 828302680 _____ () C:\Users\R\Desktop\Farma-smrti-cz-[natu3].avi
2014-04-01 10:37 - 2014-04-01 10:37 - 00009216 _____ () C:\Users\R\Documents\cc_20140401_103749.reg
2014-04-01 10:08 - 2014-04-05 01:07 - 00000000 _____ () C:\SRStatus2.txt
2014-03-31 23:43 - 2014-03-31 23:43 - 00008585 _____ () C:\Users\R\Desktop\mbam.txt
2014-03-31 23:13 - 2014-04-01 10:44 - 00000115 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-03-31 21:35 - 2014-03-31 21:35 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 21:35 - 2014-03-05 09:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-31 21:35 - 2014-03-05 09:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-31 21:35 - 2014-03-05 09:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 21:34 - 2014-03-31 21:34 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-31 21:32 - 2014-04-05 23:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 21:31 - 2014-03-31 21:31 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup.exe
2014-03-31 18:35 - 2014-03-31 19:44 - 1248584811 _____ () C:\Users\R\Desktop\NOVÁ-DCERA-CZ-dabing-Thriller-Horor-(2009)-s-KCostnerom.wmv
2014-03-31 16:59 - 2014-03-31 16:59 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-03-31 12:27 - 2014-04-05 22:04 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-31 03:22 - 2014-03-31 03:24 - 00000000 ____D () C:\Users\R\Desktop\flashka
2014-03-31 03:19 - 2014-03-31 03:27 - 00000000 ____D () C:\Users\R\Desktop\nova
2014-03-30 21:44 - 2014-03-30 21:44 - 00004450 _____ () C:\Users\test\Desktop\RKreport[0]_D_03302014_214412.txt
2014-03-30 21:43 - 2014-03-30 21:43 - 00004360 _____ () C:\Users\test\Desktop\RKreport[0]_S_03302014_214326.txt
2014-03-30 21:33 - 2014-03-30 21:55 - 00000000 ____D () C:\Users\test\Desktop\RK_Quarantine
2014-03-30 21:30 - 2014-03-30 21:31 - 03972608 _____ () C:\Users\test\Downloads\RogueKiller.exe
2014-03-30 20:19 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\R\Desktop\plocha
2014-03-30 20:17 - 2014-03-30 20:17 - 00004466 _____ () C:\Users\test\Documents\cc_20140330_201736.reg
2014-03-30 17:56 - 2014-03-30 17:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Malwarebytes
2014-03-30 17:55 - 2014-03-30 17:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\AVAST Software
2014-03-30 17:41 - 2014-03-30 17:58 - 3201380352 _____ () C:\Users\R\AppData\Roaming\tmp.tmp
2014-03-30 17:38 - 2014-03-30 17:38 - 00012999 _____ () C:\Users\R\Documents\hijackthis.log
2014-03-30 16:38 - 2014-03-31 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 16:38 - 2014-03-30 19:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-30 16:38 - 2014-03-30 16:38 - 00000000 ____D () C:\Users\R\AppData\Roaming\Malwarebytes
2014-03-30 01:40 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\AVAST Software
2014-03-30 01:38 - 2014-03-30 01:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 17:29 - 2014-03-29 19:07 - 833394688 _____ () C:\Users\R\Documents\PAN-DOMU---CZ-dvdrip.avi
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Users\R\AppData\Local\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-29 05:36 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-03-29 05:33 - 2014-03-29 05:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\Flashmedia
2014-03-29 02:03 - 2014-03-29 02:03 - 00002525 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-03-27 17:05 - 2014-04-03 17:09 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (2)
2014-03-19 22:21 - 2014-03-19 22:21 - 02815713 _____ () C:\Users\R\Documents\Bez názvu.wma
2014-03-19 16:30 - 2014-03-19 16:30 - 00000000 ____D () C:\ProgramData\Steam
2014-03-19 16:07 - 2014-03-19 16:07 - 00000000 ____D () C:\Program Files (x86)\Total War Rome II CZ
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\Documents\LucasArts
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\AppData\Local\LucasArts
2014-03-17 01:27 - 2014-03-17 01:27 - 00000000 ____D () C:\Program Files (x86)\LucasArts
2014-03-17 00:44 - 2014-04-04 21:39 - 00000000 ____D () C:\Users\R\Desktop\afsafs
2014-03-16 20:16 - 2014-03-16 20:17 - 00000000 ____D () C:\Users\R\Desktop\Maturitní ples 2POA
2014-03-16 18:29 - 2014-03-16 18:35 - 736757760 _____ () C:\Users\R\Documents\KOPACKY-2008-KOMEDIE-CZ-DABING.avi
2014-03-16 15:32 - 2014-03-16 15:37 - 774180380 _____ () C:\Users\R\Documents\Silent-Hill-2006.CZ-dab.avi
2014-03-13 06:01 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 06:01 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 06:01 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 06:01 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 06:01 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 06:01 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 06:01 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 06:01 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 06:01 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 06:01 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 06:01 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 06:01 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 06:01 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 06:01 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 06:01 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 06:01 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 06:01 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 06:01 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 06:01 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 06:01 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 06:01 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 06:01 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 06:01 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 06:01 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 06:01 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 06:01 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 06:01 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 06:01 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 06:01 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 06:01 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 06:01 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 06:01 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 06:01 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 06:01 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 06:01 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 06:01 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 06:01 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 06:01 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 06:01 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 06:01 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 06:01 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 06:01 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 06:01 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 06:01 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 06:00 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 06:00 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 06:00 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 06:00 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-09 23:04 - 2014-03-09 23:04 - 00044752 _____ () C:\Users\R\Downloads\stažený soubor (4).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (3).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (2).htm
2014-03-09 22:43 - 2014-03-09 22:43 - 00058450 _____ () C:\Users\R\Downloads\viewforum (4).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00031929 _____ () C:\Users\R\Downloads\stažený soubor (1).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00013767 _____ () C:\Users\R\Downloads\forum (1).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00031070 _____ () C:\Users\R\Downloads\viewforum.htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (3).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (2).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (1).htm
2014-03-09 16:06 - 2014-03-09 16:06 - 00042188 _____ () C:\Users\R\Downloads\stažený soubor.htm
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (6).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (5).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (4).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (3).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (2).php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index.php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index (1).php
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012.zip
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012 (1).zip
2014-03-07 12:38 - 2014-03-07 12:38 - 00048406 _____ () C:\Users\R\Downloads\viewtopic (1).htm
2014-03-06 20:43 - 2014-03-06 20:43 - 00042627 _____ () C:\Users\R\Downloads\viewtopic.htm
2014-03-06 19:26 - 2014-03-06 19:26 - 00013767 _____ () C:\Users\R\Downloads\forum.htm
==================== One Month Modified Files and Folders =======
2014-04-05 23:37 - 2014-04-05 22:46 - 00011520 _____ () C:\Users\R\Desktop\FRST.txt
2014-04-05 23:37 - 2014-04-05 22:45 - 00000000 ____D () C:\FRST
2014-04-05 23:36 - 2014-04-05 23:25 - 00000000 ____D () C:\Users\R\Desktop\FRST
2014-04-05 23:36 - 2014-03-31 21:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 23:36 - 2011-09-19 02:00 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-05 23:36 - 2011-08-16 13:32 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-05 23:35 - 2014-04-05 23:35 - 05003552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 23:35 - 2014-04-05 23:35 - 00000056 _____ () C:\Windows\setupact.log
2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-05 23:35 - 2014-04-05 23:30 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 23:35 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:32 - 2011-08-16 13:04 - 00737120 _____ () C:\Windows\system32\perfh005.dat
2014-04-05 23:32 - 2011-08-16 13:04 - 00166810 _____ () C:\Windows\system32\perfc005.dat
2014-04-05 23:32 - 2009-07-14 07:13 - 01775876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 23:26 - 2013-06-03 22:15 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-05 23:26 - 2011-09-19 02:00 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-05 23:24 - 2012-04-16 19:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-05 23:24 - 2012-04-16 19:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-04-05 22:56 - 2014-04-05 22:56 - 00044273 _____ () C:\Users\R\Desktop\Addition.txt
2014-04-05 22:45 - 2014-04-05 22:45 - 02157056 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-04-05 22:39 - 2012-06-25 10:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 22:26 - 2011-09-02 18:09 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-04-05 22:23 - 2014-04-05 22:23 - 00000000 ____D () C:\_OTL
2014-04-05 22:23 - 2013-05-30 12:23 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 22:23 - 2011-09-02 18:03 - 00000000 ___RD () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 22:04 - 2014-03-31 12:27 - 00000000 ___SD () C:\32788R22FWJFW
2014-04-05 22:00 - 2014-04-05 22:00 - 00000000 ____D () C:\Qoobox
2014-04-05 21:59 - 2014-04-05 21:59 - 05193579 ____R (Swearware) C:\Users\R\Desktop\ComboFix.exe
2014-04-05 21:59 - 2014-04-05 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 21:58 - 2014-04-05 21:57 - 00003172 _____ () C:\Users\R\Desktop\Rkill.txt
2014-04-05 21:57 - 2014-04-05 21:57 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R\Desktop\rkill.exe
2014-04-05 21:55 - 2014-04-05 21:55 - 00000512 _____ () C:\PhysicalMBR.bin
2014-04-05 21:53 - 2014-04-05 21:53 - 00602112 _____ (OldTimer Tools) C:\Users\R\Desktop\OTL.exe
2014-04-05 21:09 - 2014-04-05 21:04 - 00000000 ____D () C:\AdwCleaner
2014-04-05 21:09 - 2012-08-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-05 21:09 - 2011-11-17 17:52 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-05 21:08 - 2014-04-05 21:08 - 00014465 _____ () C:\Users\R\Desktop\AdwCleaner[R0].txt
2014-04-05 20:54 - 2014-04-05 20:54 - 01426178 _____ () C:\Users\R\Desktop\AdwCleaner.exe
2014-04-05 20:54 - 2014-04-05 20:54 - 01038974 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-04-05 18:27 - 2011-09-09 23:44 - 00000000 ____D () C:\Users\R\AppData\Roaming\TS3Client
2014-04-05 16:31 - 2014-04-05 15:50 - 736506338 _____ () C:\Users\R\Desktop\Vrána=1994-Akční-DVD-CZ.avi
2014-04-05 01:16 - 2014-03-01 19:11 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-05 01:09 - 2011-09-21 00:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\Media Player Classic
2014-04-05 01:07 - 2014-04-01 10:08 - 00000000 _____ () C:\SRStatus2.txt
2014-04-05 01:07 - 2011-09-02 17:55 - 00000000 ____D () C:\Users\R
2014-04-05 01:05 - 2014-04-05 01:05 - 00165888 _____ () C:\Users\R\Documents\T-Cleaner.exe
2014-04-05 01:05 - 2012-12-30 17:36 - 00000000 ____D () C:\Users\R\Documents\The KMPlayer
2014-04-04 22:41 - 2014-04-04 22:28 - 123185915 _____ () C:\Users\R\Desktop\Duch-=1990-Romantický-DVD-CZ.avi
2014-04-04 22:28 - 2014-04-04 22:24 - 21942207 _____ () C:\Users\R\Desktop\Carrie-(2013)-Novinka-CZ-dabing-Drama-Horor-Mysteriozní-výborná-BDRip-kvalita-.MEMRC123..avi
2014-04-04 22:08 - 2014-04-04 21:49 - 351481856 _____ () C:\Users\R\Desktop\Hannah-Montana-1x01---Lilly,-chces-znat-tajemstvi-.avi
2014-04-04 21:39 - 2014-03-17 00:44 - 00000000 ____D () C:\Users\R\Desktop\afsafs
2014-04-04 18:32 - 2012-11-10 09:54 - 00000316 _____ () C:\Windows\Tasks\HPCeeScheduleForR.job
2014-04-04 02:45 - 2012-11-10 09:54 - 00003162 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForR
2014-04-04 02:45 - 2011-11-05 15:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-04 02:45 - 2011-09-10 09:40 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-04 02:44 - 2011-09-10 09:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\HP Support Assistant
2014-04-04 02:44 - 2011-09-03 20:41 - 00000000 ____D () C:\Users\R\AppData\Roaming\HpUpdate
2014-04-03 23:58 - 2014-04-03 23:43 - 286788548 _____ () C:\Users\R\Desktop\Lord-Ryolith-HC-3.4.2014.mp4
2014-04-03 21:53 - 2014-04-03 21:12 - 731565116 _____ () C:\Users\R\Desktop\Deník-princezny.CZ-dab.Mikky.avi
2014-04-03 17:17 - 2013-09-22 23:39 - 00000000 ____D () C:\Users\R\AppData\Roaming\Spotify
2014-04-03 17:09 - 2014-03-27 17:05 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (2)
2014-04-03 16:21 - 2014-04-03 16:21 - 00000000 _____ () C:\Users\R\Desktop\fl hc.txt
2014-04-02 17:08 - 2014-04-02 17:07 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (3)
2014-04-02 01:29 - 2013-09-22 23:40 - 00000000 ____D () C:\Users\R\AppData\Local\Spotify
2014-04-01 19:53 - 2014-04-01 19:07 - 828302680 _____ () C:\Users\R\Desktop\Farma-smrti-cz-[natu3].avi
2014-04-01 10:44 - 2014-03-31 23:13 - 00000115 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-04-01 10:37 - 2014-04-01 10:37 - 00009216 _____ () C:\Users\R\Documents\cc_20140401_103749.reg
2014-03-31 23:43 - 2014-03-31 23:43 - 00008585 _____ () C:\Users\R\Desktop\mbam.txt
2014-03-31 21:35 - 2014-03-31 21:35 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 21:34 - 2014-03-31 21:34 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-31 21:32 - 2014-03-30 16:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 21:31 - 2014-03-31 21:31 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup.exe
2014-03-31 19:44 - 2014-03-31 18:35 - 1248584811 _____ () C:\Users\R\Desktop\NOVÁ-DCERA-CZ-dabing-Thriller-Horor-(2009)-s-KCostnerom.wmv
2014-03-31 16:59 - 2014-03-31 16:59 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-03-31 03:27 - 2014-03-31 03:19 - 00000000 ____D () C:\Users\R\Desktop\nova
2014-03-31 03:24 - 2014-03-31 03:22 - 00000000 ____D () C:\Users\R\Desktop\flashka
2014-03-31 03:18 - 2011-09-03 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-30 22:19 - 2013-04-04 19:22 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-03-30 21:58 - 2014-02-28 22:05 - 00000000 ____D () C:\Users\test\AppData\Roaming\TS3Client
2014-03-30 21:55 - 2014-03-30 21:33 - 00000000 ____D () C:\Users\test\Desktop\RK_Quarantine
2014-03-30 21:44 - 2014-03-30 21:44 - 00004450 _____ () C:\Users\test\Desktop\RKreport[0]_D_03302014_214412.txt
2014-03-30 21:43 - 2014-03-30 21:43 - 00004360 _____ () C:\Users\test\Desktop\RKreport[0]_S_03302014_214326.txt
2014-03-30 21:31 - 2014-03-30 21:30 - 03972608 _____ () C:\Users\test\Downloads\RogueKiller.exe
2014-03-30 21:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-30 20:20 - 2014-03-30 20:19 - 00000000 ____D () C:\Users\R\Desktop\plocha
2014-03-30 20:17 - 2014-03-30 20:17 - 00004466 _____ () C:\Users\test\Documents\cc_20140330_201736.reg
2014-03-30 19:38 - 2013-06-04 09:01 - 00000000 ____D () C:\Users\Guest
2014-03-30 19:38 - 2013-05-30 12:23 - 00000000 ____D () C:\Users\test
2014-03-30 19:37 - 2014-02-28 19:49 - 00000000 ____D () C:\Users\test\AppData\Local\Google
2014-03-30 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-03-30 19:12 - 2014-03-30 16:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-30 18:34 - 2013-05-30 12:23 - 00000000 ____D () C:\Users\test\AppData\Local\VirtualStore
2014-03-30 17:58 - 2014-03-30 17:41 - 3201380352 _____ () C:\Users\R\AppData\Roaming\tmp.tmp
2014-03-30 17:56 - 2014-03-30 17:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Malwarebytes
2014-03-30 17:55 - 2014-03-30 17:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\AVAST Software
2014-03-30 17:38 - 2014-03-30 17:38 - 00012999 _____ () C:\Users\R\Documents\hijackthis.log
2014-03-30 16:38 - 2014-03-30 16:38 - 00000000 ____D () C:\Users\R\AppData\Roaming\Malwarebytes
2014-03-30 01:40 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\AVAST Software
2014-03-30 01:38 - 2014-03-30 01:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-30 01:36 - 2014-01-03 04:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 19:07 - 2014-03-29 17:29 - 833394688 _____ () C:\Users\R\Documents\PAN-DOMU---CZ-dvdrip.avi
2014-03-29 12:21 - 2011-09-19 02:00 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 12:21 - 2011-09-19 02:00 - 00003686 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 06:26 - 2012-09-20 21:31 - 00000000 ____D () C:\Program Files (x86)\DesetiPrsty
2014-03-29 06:21 - 2011-09-30 17:55 - 00000000 ____D () C:\Users\R\AppData\Roaming\DAEMON Tools Lite
2014-03-29 06:15 - 2011-11-14 01:48 - 00000000 ____D () C:\Program Files\DivX
2014-03-29 06:15 - 2011-11-14 01:47 - 00000000 ____D () C:\ProgramData\DivX
2014-03-29 06:15 - 2011-11-14 01:47 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-03-29 06:11 - 2012-03-23 21:37 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 06:05 - 2012-05-12 20:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\Groovedown
2014-03-29 06:04 - 2012-06-07 12:54 - 00000000 ____D () C:\Users\R\AppData\Roaming\Xilisoft
2014-03-29 06:03 - 2012-06-17 12:28 - 00000000 ____D () C:\Program Files (x86)\URUSoft
2014-03-29 05:59 - 2012-12-22 21:02 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-29 05:57 - 2011-09-02 21:31 - 00000000 ____D () C:\Users\R\AppData\Roaming\Ubisoft
2014-03-29 05:57 - 2011-08-16 13:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 05:38 - 2012-10-02 00:15 - 00007589 _____ () C:\Users\R\AppData\Local\resmon.resmoncfg
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Users\R\AppData\Local\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-29 05:33 - 2014-03-29 05:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\Flashmedia
2014-03-29 05:12 - 2013-02-24 15:32 - 00000000 ____D () C:\Users\R\AppData\Roaming\BitTorrent
2014-03-29 05:11 - 2013-03-10 19:53 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2014-03-29 04:50 - 2013-03-21 22:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-29 03:34 - 2011-09-26 15:50 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-29 02:03 - 2014-03-29 02:03 - 00002525 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-03-29 02:03 - 2011-11-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-23 04:04 - 2013-12-20 16:34 - 00000000 ____D () C:\Users\R\AppData\Local\Battle.net
2014-03-23 02:51 - 2013-12-20 16:36 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-23 02:48 - 2013-12-20 16:34 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-19 22:21 - 2014-03-19 22:21 - 02815713 _____ () C:\Users\R\Documents\Bez názvu.wma
2014-03-19 16:30 - 2014-03-19 16:30 - 00000000 ____D () C:\ProgramData\Steam
2014-03-19 16:07 - 2014-03-19 16:07 - 00000000 ____D () C:\Program Files (x86)\Total War Rome II CZ
2014-03-19 03:04 - 2013-07-12 06:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2011-09-04 18:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 20:05 - 2014-03-01 02:39 - 00000000 ____D () C:\Users\test\AppData\Local\CrashDumps
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\Documents\LucasArts
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\AppData\Local\LucasArts
2014-03-17 01:27 - 2014-03-17 01:27 - 00000000 ____D () C:\Program Files (x86)\LucasArts
2014-03-16 20:17 - 2014-03-16 20:16 - 00000000 ____D () C:\Users\R\Desktop\Maturitní ples 2POA
2014-03-16 19:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-16 18:35 - 2014-03-16 18:29 - 736757760 _____ () C:\Users\R\Documents\KOPACKY-2008-KOMEDIE-CZ-DABING.avi
2014-03-16 15:37 - 2014-03-16 15:32 - 774180380 _____ () C:\Users\R\Documents\Silent-Hill-2006.CZ-dab.avi
2014-03-15 16:47 - 2013-03-10 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-03-15 10:47 - 2009-07-14 07:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-14 23:06 - 2011-09-05 22:42 - 00000000 ____D () C:\Users\R\AppData\Local\CrashDumps
2014-03-13 19:16 - 2011-09-02 18:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-12 05:41 - 2011-08-16 13:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-12 05:39 - 2011-11-02 01:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-12 05:39 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\ShellNew
2014-03-12 05:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-11 22:39 - 2012-06-25 10:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:39 - 2012-06-25 10:10 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 22:39 - 2011-12-18 13:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 23:04 - 2014-03-09 23:04 - 00044752 _____ () C:\Users\R\Downloads\stažený soubor (4).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (3).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (2).htm
2014-03-09 22:43 - 2014-03-09 22:43 - 00058450 _____ () C:\Users\R\Downloads\viewforum (4).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00031929 _____ () C:\Users\R\Downloads\stažený soubor (1).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00013767 _____ () C:\Users\R\Downloads\forum (1).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00031070 _____ () C:\Users\R\Downloads\viewforum.htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (3).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (2).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (1).htm
2014-03-09 16:06 - 2014-03-09 16:06 - 00042188 _____ () C:\Users\R\Downloads\stažený soubor.htm
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (6).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (5).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (4).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (3).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (2).php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index.php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index (1).php
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012.zip
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012 (1).zip
2014-03-07 12:38 - 2014-03-07 12:38 - 00048406 _____ () C:\Users\R\Downloads\viewtopic (1).htm
2014-03-06 20:43 - 2014-03-06 20:43 - 00042627 _____ () C:\Users\R\Downloads\viewtopic.htm
2014-03-06 19:26 - 2014-03-06 19:26 - 00013767 _____ () C:\Users\R\Downloads\forum.htm
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-30 05:46
==================== End Of Log ============================
Re: Modrá Smrt - černá obrazovka a restart
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by R at 2014-04-06 00:01:53
Running from C:\Users\R\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace NVIDIA 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
Assassin's Creed (R) III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.3 - EA Digital Illusions CE AB)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.10 - Piriform)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
CZShare Manager (HKCU\...\7f4182272b52fd8f) (Version: 0.0.1.35 - CZShare)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Far Cry 3 v1.01 (HKLM-x32\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flame Painter 1.2 (HKLM-x32\...\Flame Painter_is1) (Version: 1.1 - Peter Blaskovic)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GamePark (HKLM-x32\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Graffiti Studio 2.0 (HKLM-x32\...\Graffiti Studio 2.0_is1) (Version: - Less Rain)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0002.135 - Rockstar Games Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HeavyLoad V3.2 (HKLM-x32\...\HeavyLoad_is1) (Version: 3.2 - JAM Software)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman Absolution (HKLM-x32\...\Hitman Absolution_is1) (Version: - )
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
Hunting Unlimited 2008 (HKLM-x32\...\{C5B6BA27-AAFB-4699-8014-8ACBA8A79679}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICQ 5.1 (HKLM-x32\...\ICQLite) (Version: - )
ICQ Toolbar (HKLM-x32\...\XTTB00001.XTTB00001Toolbar) (Version: - )
ICQ6 (HKLM-x32\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.00.0000 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Loki (HKLM-x32\...\{A10622B1-95F6-469E-8836-50E27B7398C9}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.7.6.7 - www.leaguereplays.com)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Max Payne 3 version 1.02 (HKLM-x32\...\{75D84EF7-0D8C-4e70-MAXP3-7B42A5D4E0EB}_is1) (Version: 1.02 - Black_Box)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 6 Demo (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version: - )
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 296.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.28 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.11.0621 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 296.28 (Version: 296.28 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games)
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version: - Grismar)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Smite Closed Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.944.1 - Hi-Rez Studios)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version: - )
Sound Blaster Tactic(3D) Sigma (HKLM-x32\...\{93CFCA51-4484-4211-89EB-39ED3CBDBEB1}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total War Rome II CZ version 1.0.0. (HKLM-x32\...\{C2872E18-8799-44A3-B6BD-AC535F1982A6}_is1) (Version: 1.0.0. - )
Trine 2 (HKLM-x32\...\Trine 2_is1) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (HKLM-x32\...\{6E5AB107-172B-4F17-8ABB-357C59EF1B08}) (Version: 9.0.704 - Sony)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.0 - WebM Project)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
XSplit (HKLM-x32\...\{15C49338-59E5-472E-94F7-D5AE15EE23C9}) (Version: 1.0.1206.0203 - SplitMediaLabs)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Restore Points =========================
30-03-2014 16:02:52 Operace obnovení
30-03-2014 18:33:00 Windows Update
04-04-2014 13:10:59 Windows Update
05-04-2014 20:24:59 OTL Restore Point - 4/5/2014 10:24:59 PM
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-04-05 22:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {08296921-43E2-490E-AE30-EC0E81798F6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {084AB0E2-5163-4A6F-AF19-357B91DF0EE4} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TunnelBear.exe
Task: {0B516FDF-8939-4C7A-8EA6-480066F565D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-19] (Google Inc.)
Task: {447451A6-CB18-49B8-A0DA-C74F1EB093D0} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
Task: {5C782F4F-66B4-4806-890B-CD2B31903241} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {6C210A35-C72B-45B3-9B8E-00936CB6C37E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-19] (Google Inc.)
Task: {716A17C0-7060-4127-A36F-DBE2104B7BA1} - System32\Tasks\HPCeeScheduleForR => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {8E1D4C54-8962-4A82-A649-AFD7068EF0FE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17] (Sun Microsystems, Inc.)
Task: {9E87C9B5-9A7C-4DA4-A93B-A30AE055B7D5} - System32\Tasks\{3C3FE096-1E8C-45C7-8902-766E635B9F2A} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/cs/ ... Error=1603
Task: {A6EFE18D-F22A-460C-8F6C-336FACFC60BC} - System32\Tasks\AdobeAAMUpdater-1.0-R-HP-R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D99AD689-4090-4E45-BE12-E33F92CD4F0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DE7C07D8-8D0D-4DE8-8B3C-9F81DAE9A532} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F4083131-E534-4776-933E-BF8F8A6B6BB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {F8E8D530-7B3A-4664-9AD3-14FA3BEC1DC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-03-25] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForR.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-09-10 12:17 - 2013-09-01 12:33 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-09-03 11:57 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdvancedSystemCareService7 => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: PanService => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk => C:\Windows\pss\GamePark klient 2.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: 1a92553fc3706c469bd5c78793b2aa21 => "C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe" ..
MSCONFIG\startupreg: 6ee4f606bfbd1a4c62361754fecafaa2 => "C:\Users\R\AppData\Local\Temp\interrupts.exe" ..
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6\ICQ.exe" silent
MSCONFIG\startupreg: ICQ Lite => "L:\Icq\ICQLite\ICQLite.exe" -minimize
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\R\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/05/2014 11:37:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 11:30:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 11:03:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 10:27:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 09:12:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 09:05:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 00:19:03 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.17514, časové razítko: 0x4ce7abf9
Název chybujícího modulu: AESTAC64.dll, verze: 2.0.64.14, časové razítko: 0x4bb50c00
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000019b3d
ID chybujícího procesu: 0xf5c
Čas spuštění chybující aplikace: 0xAUDIODG.EXE0
Cesta k chybující aplikaci: AUDIODG.EXE1
Cesta k chybujícímu modulu: AUDIODG.EXE2
ID zprávy: AUDIODG.EXE3
Error: (04/05/2014 10:16:05 AM) (Source: ESENT) (User: )
Description: taskhost (2296) WebCacheLocal: Při otevírání souboru protokolu C:\Users\R\AppData\Local\Microsoft\Windows\WebCache\V0100055.log došlo k chybě -1811.
Error: (04/05/2014 10:09:30 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.
Error: (04/05/2014 10:05:20 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1 se nezdařilo.
Závislé sestavení Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (04/05/2014 11:38:13 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 11:38:13 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 11:30:38 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 11:30:38 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 11:03:58 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 11:03:58 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 10:23:54 PM) (Source: Service Control Manager) (User: )
Description: Služba Creative Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/05/2014 09:57:43 PM) (Source: Service Control Manager) (User: )
Description: Služba Easybits Services for Windows byla neočekávaně ukončena. Tento stav nastal již 1krát.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 4076.32 MB
Available physical RAM: 2385.43 MB
Total Pagefile: 8150.83 MB
Available Pagefile: 6590.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.56 GB) (Free:258.74 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.85 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D989473B)
Partition: GPT Partition Type.
==================== End Of Log ============================
Ran by R at 2014-04-06 00:01:53
Running from C:\Users\R\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace NVIDIA 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
Assassin's Creed (R) III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.3 - EA Digital Illusions CE AB)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.10 - Piriform)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
CZShare Manager (HKCU\...\7f4182272b52fd8f) (Version: 0.0.1.35 - CZShare)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Far Cry 3 v1.01 (HKLM-x32\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flame Painter 1.2 (HKLM-x32\...\Flame Painter_is1) (Version: 1.1 - Peter Blaskovic)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GamePark (HKLM-x32\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Graffiti Studio 2.0 (HKLM-x32\...\Graffiti Studio 2.0_is1) (Version: - Less Rain)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0002.135 - Rockstar Games Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HeavyLoad V3.2 (HKLM-x32\...\HeavyLoad_is1) (Version: 3.2 - JAM Software)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman Absolution (HKLM-x32\...\Hitman Absolution_is1) (Version: - )
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
Hunting Unlimited 2008 (HKLM-x32\...\{C5B6BA27-AAFB-4699-8014-8ACBA8A79679}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICQ 5.1 (HKLM-x32\...\ICQLite) (Version: - )
ICQ Toolbar (HKLM-x32\...\XTTB00001.XTTB00001Toolbar) (Version: - )
ICQ6 (HKLM-x32\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.00.0000 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Loki (HKLM-x32\...\{A10622B1-95F6-469E-8836-50E27B7398C9}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.7.6.7 - www.leaguereplays.com)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Max Payne 3 version 1.02 (HKLM-x32\...\{75D84EF7-0D8C-4e70-MAXP3-7B42A5D4E0EB}_is1) (Version: 1.02 - Black_Box)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 6 Demo (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version: - )
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 296.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.28 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.11.0621 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 296.28 (Version: 296.28 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games)
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version: - Grismar)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Smite Closed Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.944.1 - Hi-Rez Studios)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version: - )
Sound Blaster Tactic(3D) Sigma (HKLM-x32\...\{93CFCA51-4484-4211-89EB-39ED3CBDBEB1}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total War Rome II CZ version 1.0.0. (HKLM-x32\...\{C2872E18-8799-44A3-B6BD-AC535F1982A6}_is1) (Version: 1.0.0. - )
Trine 2 (HKLM-x32\...\Trine 2_is1) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (HKLM-x32\...\{6E5AB107-172B-4F17-8ABB-357C59EF1B08}) (Version: 9.0.704 - Sony)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.0 - WebM Project)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
XSplit (HKLM-x32\...\{15C49338-59E5-472E-94F7-D5AE15EE23C9}) (Version: 1.0.1206.0203 - SplitMediaLabs)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Restore Points =========================
30-03-2014 16:02:52 Operace obnovení
30-03-2014 18:33:00 Windows Update
04-04-2014 13:10:59 Windows Update
05-04-2014 20:24:59 OTL Restore Point - 4/5/2014 10:24:59 PM
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-04-05 22:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {08296921-43E2-490E-AE30-EC0E81798F6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {084AB0E2-5163-4A6F-AF19-357B91DF0EE4} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TunnelBear.exe
Task: {0B516FDF-8939-4C7A-8EA6-480066F565D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-19] (Google Inc.)
Task: {447451A6-CB18-49B8-A0DA-C74F1EB093D0} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
Task: {5C782F4F-66B4-4806-890B-CD2B31903241} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {6C210A35-C72B-45B3-9B8E-00936CB6C37E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-19] (Google Inc.)
Task: {716A17C0-7060-4127-A36F-DBE2104B7BA1} - System32\Tasks\HPCeeScheduleForR => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {8E1D4C54-8962-4A82-A649-AFD7068EF0FE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17] (Sun Microsystems, Inc.)
Task: {9E87C9B5-9A7C-4DA4-A93B-A30AE055B7D5} - System32\Tasks\{3C3FE096-1E8C-45C7-8902-766E635B9F2A} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/cs/ ... Error=1603
Task: {A6EFE18D-F22A-460C-8F6C-336FACFC60BC} - System32\Tasks\AdobeAAMUpdater-1.0-R-HP-R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D99AD689-4090-4E45-BE12-E33F92CD4F0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DE7C07D8-8D0D-4DE8-8B3C-9F81DAE9A532} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F4083131-E534-4776-933E-BF8F8A6B6BB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {F8E8D530-7B3A-4664-9AD3-14FA3BEC1DC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-03-25] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForR.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-09-10 12:17 - 2013-09-01 12:33 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-09-03 11:57 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdvancedSystemCareService7 => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: PanService => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk => C:\Windows\pss\GamePark klient 2.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: 1a92553fc3706c469bd5c78793b2aa21 => "C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe" ..
MSCONFIG\startupreg: 6ee4f606bfbd1a4c62361754fecafaa2 => "C:\Users\R\AppData\Local\Temp\interrupts.exe" ..
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6\ICQ.exe" silent
MSCONFIG\startupreg: ICQ Lite => "L:\Icq\ICQLite\ICQLite.exe" -minimize
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\R\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/05/2014 11:37:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 11:30:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 11:03:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 10:27:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 09:12:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 09:05:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/05/2014 00:19:03 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.17514, časové razítko: 0x4ce7abf9
Název chybujícího modulu: AESTAC64.dll, verze: 2.0.64.14, časové razítko: 0x4bb50c00
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000019b3d
ID chybujícího procesu: 0xf5c
Čas spuštění chybující aplikace: 0xAUDIODG.EXE0
Cesta k chybující aplikaci: AUDIODG.EXE1
Cesta k chybujícímu modulu: AUDIODG.EXE2
ID zprávy: AUDIODG.EXE3
Error: (04/05/2014 10:16:05 AM) (Source: ESENT) (User: )
Description: taskhost (2296) WebCacheLocal: Při otevírání souboru protokolu C:\Users\R\AppData\Local\Microsoft\Windows\WebCache\V0100055.log došlo k chybě -1811.
Error: (04/05/2014 10:09:30 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.
Error: (04/05/2014 10:05:20 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1 se nezdařilo.
Závislé sestavení Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (04/05/2014 11:38:13 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 11:38:13 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 11:30:38 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 11:30:38 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 11:03:58 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 11:03:58 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (04/05/2014 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (04/05/2014 10:23:54 PM) (Source: Service Control Manager) (User: )
Description: Služba Creative Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/05/2014 09:57:43 PM) (Source: Service Control Manager) (User: )
Description: Služba Easybits Services for Windows byla neočekávaně ukončena. Tento stav nastal již 1krát.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 4076.32 MB
Available physical RAM: 2385.43 MB
Total Pagefile: 8150.83 MB
Available Pagefile: 6590.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.56 GB) (Free:258.74 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.85 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D989473B)
Partition: GPT Partition Type.
==================== End Of Log ============================
Re: Modrá Smrt - černá obrazovka a restart
Ještě si prosím zobrazte skryté a systémové soubory a mrkněte co je v této složce
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Na to si počkám, pak uklidíme a zítra večer mi ukážete nový log z FRSTu a řeknete, co pc.
Je možné, že jsem smazala složky od nějakých her, omlouvám se, pokud se tak stalo.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
Na to si počkám, pak uklidíme a zítra večer mi ukážete nový log z FRSTu a řeknete, co pc.
Je možné, že jsem smazala složky od nějakých her, omlouvám se, pokud se tak stalo.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Modrá Smrt - černá obrazovka a restart
Netváří se mi to jako složka
Re: Modrá Smrt - černá obrazovka a restart
Dejte to do raru nebo zipu, uložte někde bokem a originál smažte. Kdyby to někde chybělo, vrátíme to zpět .
Tak uklidíme
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
A zítra večer poprosím o nový log a popis, jak se pc tváří
/ a kdyby se Vám chtělo, můžete ze srandy zkusit znovu stahnout a spustit combofix? Pokud by nešel, opět úklid po něm jako teď /
A já jdu spát, dobrou noc
Tak uklidíme
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
A zítra večer poprosím o nový log a popis, jak se pc tváří
/ a kdyby se Vám chtělo, můžete ze srandy zkusit znovu stahnout a spustit combofix? Pokud by nešel, opět úklid po něm jako teď /
A já jdu spát, dobrou noc
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Modrá Smrt - černá obrazovka a restart
Dobrou noc, zkusím ještě ten Combofix Zítra sem dám ty nové logy .
Re: Modrá Smrt - černá obrazovka a restart
Po restartu na mne vybaflo tohle :
a v pravém dolním rohu :
Nevím co má můj pc zase za náladu ale jsem si jistý že má "Kopie" windowsů 7 ještě před půl hoďkou pravá byla
a v pravém dolním rohu :
Nevím co má můj pc zase za náladu ale jsem si jistý že má "Kopie" windowsů 7 ještě před půl hoďkou pravá byla
Re: Modrá Smrt - černá obrazovka a restart
Nemohu se dostat do exploreru, píše mi to stále po zapnutí profilu že moje Windows kopie není pravá - Je možné že je to těma dvouma soubory ?Dejte to do raru nebo zipu, uložte někde bokem a originál smažte. Kdyby to někde chybělo, vrátíme to zpět .
Tak uklidíme
Teď jsem se nějak prokousal na plochu -- vybalil jsem ty 2 soubory z raru a chtěl je tam vrátit ale píše mi to že jsou něčím používány a místo nich se tam vytvořili jiné dva
Re: Modrá Smrt - černá obrazovka a restart
Rád bych se sváma o něco podělil na pobavení.
za 1. Poté co jsem zjistil že mám údajně nelegální windowsi, jsem byl nucen jít na kolena a hledat na svém počítači štítek s kodem. Štítek jsem po 2 a půl hodinách našel a tímto applauduju technikovi z HP, který nalepil štítek na zadní stranu zdroje - Byl to opravdu oříšek jej najít a kdybych se nerozhodl si vyčistit ve 2 ráno počítač od prachu, asi bych ten štítek hledal do teď .
za 2. Zadal jsem znovu product key od windowsů a začlo se něco načítat - 30 minut se mi ověřoval ten key, jestli je opravdu pravý a nakonec jsem vyhrál loterii a opravdu jsem si ty čísla a písmena nevymyslel a můj windows je Pravý. Po zadání kodu, se mi sami spustili aktualizace a počítač se restartoval - že je potřeba nahrát nějaký codec, tak oka řekl jsem si a šel jsem na cigaretu.
za 3. Přišel jsem z Cigarety a čučim jak blázen na monitor , že co tam není ? VŮBEC NIC Monitor byl černý, tak jsem si šel udělat kafe a když jsem přišel z kafe koukal jsem na monitor už fakt jak blbec stím že si ze mě někdo dělá srandu, na monitoru se objevil soubor combofix.txt ( WTF ? )
za 4. Rád bych upozornil že jsem combofix smazal přesně jak jste řekla a v PC mi po něm nezbyla ani zmínka. Ovšem můj PC si řekl NE! Já mu ho tam vrátím ! Zatím co jsem byl pryč, se mi na plochu nahrál nový combofix ( a Přísahám že když jsem odcházel tak tam nebyl ) a poté zde proběhl celý process skenerru combofixu bez mého zásahu ( Viz ten návod že se tam muselo něco potvrzovat atd = nic - všechno za mě udělal počítač! )
Takže přikládám Log z combofixu a ve 4 ráno si jdu vítězně lehnout, neboť člověk vyhrál nad strojem ( Který si ze mě ovšem dělá pouze srandu, uplně slyšim jak mu smíchy rachtaj šroubky ! )
ComboFix 14-04-05.01 - R 06.04.2014 3:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.1206 [GMT 2:00]
Spuštěný z: c:\users\R\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\users\R\AppData\Local\assembly\tmp
c:\users\R\AppData\Roaming\SQLite3.dll
c:\users\R\AppData\Roaming\system32
c:\users\R\AppData\Roaming\tmp.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-06 do 2014-04-06 )))))))))))))))))))))))))))))))
.
.
2014-04-06 01:35 . 2014-04-06 01:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-06 01:35 . 2014-04-06 01:35 -------- d-----w- c:\users\test\AppData\Local\temp
2014-04-05 23:43 . 2014-04-05 23:43 -------- d-----w- c:\programdata\PDFC
2014-04-04 13:11 . 2014-03-17 08:16 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D474AB1-E106-4D6F-97A2-1C17DB723C99}\mpengine.dll
2014-03-31 19:32 . 2014-04-05 23:05 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-30 15:56 . 2014-03-30 15:56 -------- d-----w- c:\users\test\AppData\Roaming\Malwarebytes
2014-03-30 15:55 . 2014-03-30 15:55 -------- d-----w- c:\users\test\AppData\Roaming\AVAST Software
2014-03-30 14:38 . 2014-03-30 14:38 -------- d-----w- c:\users\R\AppData\Roaming\Malwarebytes
2014-03-30 14:38 . 2014-03-31 19:32 -------- d-----w- c:\programdata\Malwarebytes
2014-03-30 14:38 . 2014-03-30 17:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-29 23:40 . 2014-03-29 23:40 -------- d-----w- c:\users\R\AppData\Roaming\AVAST Software
2014-03-29 23:38 . 2014-03-29 23:38 -------- d-----w- c:\program files\AVAST Software
2014-03-29 03:36 . 2014-03-29 03:36 -------- d-----w- c:\users\R\AppData\Local\VS Revo Group
2014-03-29 03:36 . 2014-03-29 03:36 -------- d-----w- c:\programdata\VS Revo Group
2014-03-29 03:33 . 2014-03-29 03:33 -------- d-----w- c:\users\R\AppData\Roaming\Flashmedia
2014-03-19 14:30 . 2014-03-19 14:30 -------- d-----w- c:\users\R\AppData\Roaming\The Creative Assembly
2014-03-19 14:30 . 2014-03-19 14:30 -------- d-----w- c:\programdata\Steam
2014-03-19 14:07 . 2014-03-19 14:07 -------- d-----w- c:\program files (x86)\Total War Rome II CZ
2014-03-17 03:46 . 2014-03-17 03:46 -------- d-----w- c:\users\R\AppData\Local\LucasArts
2014-03-16 23:27 . 2014-03-16 23:27 -------- d-----w- c:\program files (x86)\LucasArts
2014-03-13 04:00 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-13 04:00 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-13 04:00 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-13 04:00 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 01:00 . 2011-09-04 16:58 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-11 20:39 . 2012-06-25 08:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-11 20:39 . 2011-12-18 11:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-26 17:06 . 2014-02-26 17:06 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-02-26 17:06 . 2014-02-26 17:06 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-02-26 17:06 . 2014-02-26 17:06 1515296 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-02-26 17:03 . 2014-02-26 17:03 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-02-26 17:03 . 2014-02-26 17:03 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-02-26 17:03 . 2014-02-26 17:03 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-02-26 17:03 . 2014-02-26 17:03 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-02-26 17:03 . 2014-02-26 17:03 892192 ----a-w- c:\windows\system32\NvIFR64.dll
2014-02-26 17:03 . 2014-02-26 17:03 875296 ----a-w- c:\windows\system32\NvFBC64.dll
2014-02-26 17:03 . 2014-02-26 17:03 863520 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-02-26 17:03 . 2014-02-26 17:03 844576 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-02-26 17:03 . 2014-02-26 17:03 1885472 ----a-w- c:\windows\system32\nvdispco6433489.dll
2014-02-26 17:03 . 2014-02-26 17:03 1515296 ----a-w- c:\windows\system32\nvdispgenco6433489.dll
2014-02-26 17:03 . 2014-02-26 17:03 409408 ----a-w- c:\windows\system32\drivers\tixhci.sys
2014-02-26 17:03 . 2014-02-26 17:03 136000 ----a-w- c:\windows\system32\drivers\tihub3.sys
2014-02-26 17:02 . 2014-02-26 17:02 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2014-02-26 17:02 . 2014-02-26 17:02 99800 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-02-26 17:02 . 2014-02-26 17:02 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-02-26 17:01 . 2014-02-26 17:01 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-02-26 17:01 . 2014-02-26 17:01 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-02-26 17:01 . 2011-08-16 11:11 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-02-13 18:01 . 2014-02-14 01:15 128320 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dump_wmimmc;dump_wmimmc; [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 20:39]
.
2014-04-04 c:\windows\Tasks\HPCeeScheduleForR.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
mSearchAssistant =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,43,3b,60,85,fd,80,bd,fa,e7,31,a7,6a,0a,71,1f,99,94,04,54,9b,
d7,12,ee,6c,09,2c,e6,a8,27,c2,1e,06,2a,3c,98,aa,b0,02,ad,a1,0c,59,e3,26,f3,\
"rkeysecu"=hex:ef,f6,8e,30,bf,9e,88,a8,5d,f0,52,4b,b1,80,3e,f3
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-04-06 03:41:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-06 01:41
.
Před spuštěním: Volných bajtů: 490 373 713 920
Po spuštění: Volných bajtů: 489 685 995 520
.
- - End Of File - - ADB9EE8C780C190BC8CCA2933033C07C
za 1. Poté co jsem zjistil že mám údajně nelegální windowsi, jsem byl nucen jít na kolena a hledat na svém počítači štítek s kodem. Štítek jsem po 2 a půl hodinách našel a tímto applauduju technikovi z HP, který nalepil štítek na zadní stranu zdroje - Byl to opravdu oříšek jej najít a kdybych se nerozhodl si vyčistit ve 2 ráno počítač od prachu, asi bych ten štítek hledal do teď .
za 2. Zadal jsem znovu product key od windowsů a začlo se něco načítat - 30 minut se mi ověřoval ten key, jestli je opravdu pravý a nakonec jsem vyhrál loterii a opravdu jsem si ty čísla a písmena nevymyslel a můj windows je Pravý. Po zadání kodu, se mi sami spustili aktualizace a počítač se restartoval - že je potřeba nahrát nějaký codec, tak oka řekl jsem si a šel jsem na cigaretu.
za 3. Přišel jsem z Cigarety a čučim jak blázen na monitor , že co tam není ? VŮBEC NIC Monitor byl černý, tak jsem si šel udělat kafe a když jsem přišel z kafe koukal jsem na monitor už fakt jak blbec stím že si ze mě někdo dělá srandu, na monitoru se objevil soubor combofix.txt ( WTF ? )
za 4. Rád bych upozornil že jsem combofix smazal přesně jak jste řekla a v PC mi po něm nezbyla ani zmínka. Ovšem můj PC si řekl NE! Já mu ho tam vrátím ! Zatím co jsem byl pryč, se mi na plochu nahrál nový combofix ( a Přísahám že když jsem odcházel tak tam nebyl ) a poté zde proběhl celý process skenerru combofixu bez mého zásahu ( Viz ten návod že se tam muselo něco potvrzovat atd = nic - všechno za mě udělal počítač! )
Takže přikládám Log z combofixu a ve 4 ráno si jdu vítězně lehnout, neboť člověk vyhrál nad strojem ( Který si ze mě ovšem dělá pouze srandu, uplně slyšim jak mu smíchy rachtaj šroubky ! )
ComboFix 14-04-05.01 - R 06.04.2014 3:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.1206 [GMT 2:00]
Spuštěný z: c:\users\R\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\users\R\AppData\Local\assembly\tmp
c:\users\R\AppData\Roaming\SQLite3.dll
c:\users\R\AppData\Roaming\system32
c:\users\R\AppData\Roaming\tmp.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-06 do 2014-04-06 )))))))))))))))))))))))))))))))
.
.
2014-04-06 01:35 . 2014-04-06 01:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-06 01:35 . 2014-04-06 01:35 -------- d-----w- c:\users\test\AppData\Local\temp
2014-04-05 23:43 . 2014-04-05 23:43 -------- d-----w- c:\programdata\PDFC
2014-04-04 13:11 . 2014-03-17 08:16 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D474AB1-E106-4D6F-97A2-1C17DB723C99}\mpengine.dll
2014-03-31 19:32 . 2014-04-05 23:05 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-30 15:56 . 2014-03-30 15:56 -------- d-----w- c:\users\test\AppData\Roaming\Malwarebytes
2014-03-30 15:55 . 2014-03-30 15:55 -------- d-----w- c:\users\test\AppData\Roaming\AVAST Software
2014-03-30 14:38 . 2014-03-30 14:38 -------- d-----w- c:\users\R\AppData\Roaming\Malwarebytes
2014-03-30 14:38 . 2014-03-31 19:32 -------- d-----w- c:\programdata\Malwarebytes
2014-03-30 14:38 . 2014-03-30 17:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-29 23:40 . 2014-03-29 23:40 -------- d-----w- c:\users\R\AppData\Roaming\AVAST Software
2014-03-29 23:38 . 2014-03-29 23:38 -------- d-----w- c:\program files\AVAST Software
2014-03-29 03:36 . 2014-03-29 03:36 -------- d-----w- c:\users\R\AppData\Local\VS Revo Group
2014-03-29 03:36 . 2014-03-29 03:36 -------- d-----w- c:\programdata\VS Revo Group
2014-03-29 03:33 . 2014-03-29 03:33 -------- d-----w- c:\users\R\AppData\Roaming\Flashmedia
2014-03-19 14:30 . 2014-03-19 14:30 -------- d-----w- c:\users\R\AppData\Roaming\The Creative Assembly
2014-03-19 14:30 . 2014-03-19 14:30 -------- d-----w- c:\programdata\Steam
2014-03-19 14:07 . 2014-03-19 14:07 -------- d-----w- c:\program files (x86)\Total War Rome II CZ
2014-03-17 03:46 . 2014-03-17 03:46 -------- d-----w- c:\users\R\AppData\Local\LucasArts
2014-03-16 23:27 . 2014-03-16 23:27 -------- d-----w- c:\program files (x86)\LucasArts
2014-03-13 04:00 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-13 04:00 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-13 04:00 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-13 04:00 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 01:00 . 2011-09-04 16:58 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-11 20:39 . 2012-06-25 08:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-11 20:39 . 2011-12-18 11:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-26 17:06 . 2014-02-26 17:06 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-02-26 17:06 . 2014-02-26 17:06 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-02-26 17:06 . 2014-02-26 17:06 1515296 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-02-26 17:03 . 2014-02-26 17:03 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-02-26 17:03 . 2014-02-26 17:03 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-02-26 17:03 . 2014-02-26 17:03 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-02-26 17:03 . 2014-02-26 17:03 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-02-26 17:03 . 2014-02-26 17:03 892192 ----a-w- c:\windows\system32\NvIFR64.dll
2014-02-26 17:03 . 2014-02-26 17:03 875296 ----a-w- c:\windows\system32\NvFBC64.dll
2014-02-26 17:03 . 2014-02-26 17:03 863520 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-02-26 17:03 . 2014-02-26 17:03 844576 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-02-26 17:03 . 2014-02-26 17:03 1885472 ----a-w- c:\windows\system32\nvdispco6433489.dll
2014-02-26 17:03 . 2014-02-26 17:03 1515296 ----a-w- c:\windows\system32\nvdispgenco6433489.dll
2014-02-26 17:03 . 2014-02-26 17:03 409408 ----a-w- c:\windows\system32\drivers\tixhci.sys
2014-02-26 17:03 . 2014-02-26 17:03 136000 ----a-w- c:\windows\system32\drivers\tihub3.sys
2014-02-26 17:02 . 2014-02-26 17:02 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2014-02-26 17:02 . 2014-02-26 17:02 99800 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-02-26 17:02 . 2014-02-26 17:02 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-02-26 17:01 . 2014-02-26 17:01 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-02-26 17:01 . 2014-02-26 17:01 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-02-26 17:01 . 2011-08-16 11:11 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-02-13 18:01 . 2014-02-14 01:15 128320 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dump_wmimmc;dump_wmimmc; [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 20:39]
.
2014-04-04 c:\windows\Tasks\HPCeeScheduleForR.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
mSearchAssistant =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,43,3b,60,85,fd,80,bd,fa,e7,31,a7,6a,0a,71,1f,99,94,04,54,9b,
d7,12,ee,6c,09,2c,e6,a8,27,c2,1e,06,2a,3c,98,aa,b0,02,ad,a1,0c,59,e3,26,f3,\
"rkeysecu"=hex:ef,f6,8e,30,bf,9e,88,a8,5d,f0,52,4b,b1,80,3e,f3
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-04-06 03:41:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-06 01:41
.
Před spuštěním: Volných bajtů: 490 373 713 920
Po spuštění: Volných bajtů: 489 685 995 520
.
- - End Of File - - ADB9EE8C780C190BC8CCA2933033C07C
Re: Modrá Smrt - černá obrazovka a restart
Koukám že Vy jste měl opravdu rušnou noc
A jste si jistý, že jste combofix nespouštěl ani v 1.31hod?, vidím tam totiž ten texťák, co jste asi našel na ploše , a ten druhý čas Vám také věřím
ComboFix 14-04-05.01 - R 06.04.2014 3:28.1.4 - x64
Tak bud si z nás pc dělá blázny, nebo tam máte někoho kdo pc ovládá, nebo nemohl tam třeba brácha spustit combofix?
Každopádně Vás uklidním, už tam nic nevidím , pc máte čisťoučký .
Jen mi prozraďte, zda znáte tuto složku
c:\programdata\PDFC
Dále normálně mažeme ještě gamemon, ale ten asi potřebujete ke hrám, tak ho tam nechám.
Znovu combofix odinstalujte, pc pořádně prozkoušejte, a večer mi vložte nový log z Frstu, ať vidím, zda se tam něco neobnovilo.
A máte ode mě bod za trpělivost
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Modrá Smrt - černá obrazovka a restart
Dobrý večer, teprve teď jsem přišel po celém dnu domů a jsem vyšťaven, takže si jdu lehnout -- Počítač se mi zdá být v pohodě ( Ť Ď ), zítra dopoledne sem hodím log z Frst