Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Jenom preventivně

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Uživatelský avatar
Flack007
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 93
Registrován: 14 črc 2010 13:10

Re: Jenom preventivně

#16 Příspěvek od Flack007 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ladivojna at 2013-12-12 20:49:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 258 GB (56%) free of 464 GB
Total RAM: 4094 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:45, on 12.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ladivojna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10580 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 3401856
\??\C:\Windows\system32\conhost.exe "1073957494-1098896629-95938466836176646619233371219194130231812212063150836905
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k HsfXAudioService
"C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe" -runService:MsDepSvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2668
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="244.0.1086074250\1609568798" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.872.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="244.1.57101892\1511718156" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="244.2.1914335253\1599854469" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="244.3.340772336\1174795411" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="244.4.354838335\756596246" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="244.5.1035691958\1508548762" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="244.6.1581573847\904057842" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="244.8.1703552337\2033558501" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group7 pct:10f stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-1-Percent/group_28/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="244.10.1745877970\190431416" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\wuauclt.exe" /RunHandlerComServer
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Windows\system32\vssvc.exe
"C:\Users\Ladivojna\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-02-01 349552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-13 206208]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1157840481]
C:\Program Files (x86)\eGames\Heavyweight Thunder\Register\eGamesRegistration.exe /r C:\PROGRA~2\eGames\HEAVYW~1\Register\EGAMES~1.rpd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\Apoint2K\Apoint.exe [2009-05-22 295936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-07-04 601928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Ladivojna\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry]
C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7c41c8392e8ce54cb45a94e3db2339ba]
C:\Users\LADIVO~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe -c C:\Users\Ladivojna\AppData\Roaming\Seznam.cz []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer]
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-12-04 1823656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-05-07 802136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ladivojna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~2\MAGICD~1\MAGICD~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ladivojna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-02-01 337264]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-25 343168]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Ladivojna\AppData\Roaming\plugin-container.exe"="c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-12-11 19:26:09 ----D---- C:\Users\Ladivojna\AppData\Roaming\Malwarebytes
2013-12-11 19:25:52 ----D---- C:\ProgramData\Malwarebytes
2013-12-11 18:50:30 ----D---- C:\AdwCleaner
2013-12-11 13:29:17 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 13:29:17 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 13:29:17 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 13:29:17 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 13:29:17 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 13:29:17 ----A---- C:\Windows\system32\cscript.exe
2013-12-10 20:15:27 ----D---- C:\rsit
2013-12-09 22:51:52 ----D---- C:\Users\Ladivojna\AppData\Roaming\PhotoFiltre Studio X
2013-12-09 22:50:54 ----D---- C:\Program Files (x86)\PhotoFiltre Studio X
2013-12-09 15:59:45 ----D---- C:\Program Files (x86)\Seznam.cz
2013-12-09 15:59:17 ----D---- C:\Users\Ladivojna\AppData\Roaming\Seznam.cz
2013-12-03 16:19:28 ----D---- C:\ProgramData\dokumenty
2013-11-26 16:27:00 ----D---- C:\Program Files (x86)\bitComposer Games
2013-11-26 12:23:39 ----D---- C:\Program Files (x86)\THQ
2013-11-22 22:23:35 ----D---- C:\Program Files (x86)\Assassins Creed IV Black Flag
2013-11-13 16:27:56 ----D---- C:\ProgramData\ESET
2013-11-13 15:54:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-11-13 15:54:23 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 15:54:21 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-13 15:54:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-13 15:54:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-13 15:54:21 ----A---- C:\Windows\system32\iesetup.dll
2013-11-13 15:54:21 ----A---- C:\Windows\system32\iernonce.dll
2013-11-13 15:54:20 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-13 15:54:20 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 15:54:20 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-13 15:54:20 ----A---- C:\Windows\system32\ie4uinit.exe
2013-11-13 15:54:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-11-13 15:54:18 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 15:54:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-13 15:54:16 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 15:54:16 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 15:54:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-13 15:54:14 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 15:54:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-11-13 15:54:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-11-13 15:54:11 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 15:54:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-11-13 15:54:09 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 15:54:08 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-11-13 15:54:07 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 15:54:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-11-13 15:54:00 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 15:53:58 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 15:53:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-11-13 12:36:44 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 12:36:43 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-13 12:36:33 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-13 12:36:21 ----A---- C:\Windows\system32\authui.dll
2013-11-13 12:36:20 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-13 12:36:20 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-13 12:36:20 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-13 12:36:20 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 12:36:20 ----A---- C:\Windows\system32\credui.dll
2013-11-13 12:36:07 ----A---- C:\Windows\system32\schannel.dll
2013-11-13 12:36:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-13 12:36:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-13 12:36:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-13 12:36:06 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-13 12:36:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-13 12:36:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-13 12:36:05 ----A---- C:\Windows\system32\sspicli.dll
2013-11-13 12:36:05 ----A---- C:\Windows\system32\secur32.dll
2013-11-13 12:36:05 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-13 12:36:05 ----A---- C:\Windows\system32\lsass.exe
2013-11-13 12:36:05 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-13 12:36:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-13 12:36:04 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-13 12:35:57 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-13 12:35:57 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 12:35:55 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 12:35:54 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-13 12:35:54 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-13 12:35:54 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-13 12:35:54 ----A---- C:\Windows\system32\FWPUCLNT.DLL

======List of files/folders modified in the last 1 month======

2013-12-12 20:49:44 ----D---- C:\Program Files\trend micro
2013-12-12 20:49:39 ----D---- C:\Windows\winsxs
2013-12-12 20:49:38 ----D---- C:\Windows\temp
2013-12-12 20:49:04 ----SHD---- C:\Windows\Installer
2013-12-12 20:48:50 ----D---- C:\ProgramData\Microsoft Help
2013-12-12 20:45:19 ----D---- C:\Windows\system32\MRT
2013-12-12 20:45:17 ----D---- C:\Windows\debug
2013-12-12 20:45:14 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 20:43:38 ----D---- C:\Windows\SysWOW64
2013-12-12 20:43:36 ----D---- C:\Windows\System32
2013-12-12 20:43:16 ----SHD---- C:\System Volume Information
2013-12-12 20:42:14 ----D---- C:\Windows\system32\config
2013-12-12 15:46:19 ----D---- C:\Windows\system32\drivers
2013-12-12 15:41:07 ----D---- C:\Program Files (x86)
2013-12-11 21:12:59 ----D---- C:\Windows
2013-12-11 21:09:55 ----D---- C:\Program Files (x86)\Grand Theft Auto IV - Episodes From Liberty City
2013-12-11 19:25:52 ----HD---- C:\ProgramData
2013-12-11 19:23:18 ----D---- C:\Windows\Prefetch
2013-12-11 19:20:35 ----D---- C:\ProgramData\ICQ
2013-12-11 18:48:15 ----D---- C:\Program Files
2013-12-11 18:46:49 ----D---- C:\Program Files (x86)\Adobe
2013-12-11 18:45:19 ----RSD---- C:\Windows\assembly
2013-12-11 18:45:16 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2013-12-11 18:41:59 ----D---- C:\Program Files (x86)\Google
2013-12-11 18:40:31 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2013-12-11 18:39:51 ----D---- C:\Users\Ladivojna\AppData\Roaming\uTorrent
2013-12-11 18:39:51 ----D---- C:\Users\Ladivojna\AppData\Roaming\DAEMON Tools Pro
2013-12-11 18:39:51 ----D---- C:\Program Files (x86)\Steam
2013-12-11 18:39:36 ----D---- C:\Windows\ModemLogs
2013-12-11 18:39:36 ----D---- C:\Windows\Logs
2013-12-11 18:39:36 ----D---- C:\Windows\inf
2013-12-11 18:35:11 ----D---- C:\Program Files (x86)\EA Sports
2013-12-11 14:24:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-11 14:11:52 ----D---- C:\Users\Ladivojna\AppData\Roaming\ICQ
2013-12-11 13:29:04 ----D---- C:\Windows\system32\catroot
2013-12-11 13:29:01 ----D---- C:\Windows\system32\catroot2
2013-12-10 20:14:39 ----D---- C:\Program Files\CCleaner
2013-12-08 01:10:23 ----D---- C:\ProgramData\Electronic Arts
2013-12-08 01:09:02 ----D---- C:\Program Files (x86)\Origin
2013-12-07 22:46:03 ----D---- C:\Games
2013-12-04 17:31:08 ----D---- C:\Program Files (x86)\Electronic Arts
2013-11-30 14:56:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-26 14:57:36 ----D---- C:\Windows\rescache
2013-11-22 22:56:59 ----D---- C:\ProgramData\Package Cache
2013-11-22 22:54:35 ----D---- C:\Windows\SYSWOW64\directx
2013-11-22 22:54:11 ----HD---- C:\Windows\msdownld.tmp
2013-11-20 22:01:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-11-14 14:58:46 ----D---- C:\Users\Ladivojna\AppData\Roaming\Media Player Classic
2013-11-14 14:58:40 ----D---- C:\Windows\Panther
2013-11-13 17:27:20 ----D---- C:\ProgramData\Catalyst
2013-11-13 16:29:46 ----D---- C:\Windows\system32\DriverStore
2013-11-13 16:09:17 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-13 16:09:16 ----D---- C:\Program Files\Internet Explorer
2013-11-13 16:09:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-13 16:09:15 ----D---- C:\Windows\system32\cs-CZ
2013-11-13 13:47:54 ----D---- C:\Program Files (x86)\Real
2013-11-13 13:47:42 ----D---- C:\Program Files (x86)\Common Files
2013-11-13 13:47:41 ----D---- C:\ProgramData\Real
2013-11-13 13:47:39 ----D---- C:\Users\Ladivojna\AppData\Roaming\Real
2013-11-13 13:25:07 ----D---- C:\Users\Ladivojna\AppData\Roaming\2K Sports
2013-11-13 12:51:40 ----D---- C:\Program Files (x86)\2K Sports

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 acedrv10;acedrv10; \??\C:\Windows\system32\drivers\acedrv10.sys [2013-07-31 276480]
R2 acehlp10;acehlp10; \??\C:\Windows\system32\drivers\acehlp10.sys [2013-07-31 246360]
R2 AODDriver4.01;AODDriver4.01; \??\c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-07-04 70984]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2009-06-10 17024]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-08 307712]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-05-25 243760]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-11-19 2978296]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2009-02-13 292864]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-18 283200]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2009-02-13 1485824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2009-02-13 740864]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2008-01-02 145024]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-08 9884672]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-15 53800]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-16 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-16 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-16 21288]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2007-09-05 203328]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-08 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-25 361984]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-07-04 384840]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-01-13 873248]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 MsDepSvc;Web Deployment Agent Service; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-02-01 305520]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-07-04 393032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-28 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-09-24 419624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-30 1255736]
S4 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

-----------------EOF-----------------
Obrázek

Uživatelský avatar
Flack007
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 93
Registrován: 14 črc 2010 13:10

Re: Jenom preventivně

#17 Příspěvek od Flack007 »

Obrázek

Uživatelský avatar
Flack007
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 93
Registrován: 14 črc 2010 13:10

Re: Jenom preventivně

#18 Příspěvek od Flack007 »

OTL Extras logfile created on: 12/12/2013 8:55:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ladivojna\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 36.63% Memory free
8.00 Gb Paging File | 5.35 Gb Available in Paging File | 66.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.97 Gb Total Space | 251.59 Gb Free Space | 55.54% Space Free | Partition Type: NTFS

Computer Name: LADIVOJNA-PC | User Name: Ladivojna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3501040063-1355053042-2835894162-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Ladivojna\AppData\Roaming\plugin-container.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager
"C:\Users\Ladivojna\AppData\Roaming\plugin-container.exe" = c:\windows\csrss.exe:*:Enabled:Windows System Devices Manager


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12ED1B0A-DE8B-40B7-B9BC-78CE63D7646C}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E0772F1-6502-4789-91E6-3C1F57B713E7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{39095C66-E556-496C-A76B-D4F3E50E00A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A80CABE-B01B-46D9-BFE8-6F03B651D0D9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4342B699-8C5A-4A34-A3E5-9E004F2ECE43}" = lport=138 | protocol=17 | dir=in | app=system |
"{4691329C-C403-41C1-9766-9365904E4599}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50F08C40-BA6E-4537-9092-1ED03950B796}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{53149406-8BFC-41CA-BFAE-17459CA1100F}" = rport=137 | protocol=17 | dir=out | app=system |
"{554C9FA7-CB0A-4DF0-820B-F4DA93B0CFE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AC48C04-8978-41A5-A24B-59D840DCF9B7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5AFA1B05-FC6E-45D0-B059-AA7466D18C0D}" = rport=445 | protocol=6 | dir=out | app=system |
"{5ED1B01B-C95B-4D08-90A5-0E410C4CE6A0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6A58A5EB-AF36-45A0-A1C7-53769344D5C9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{738DA592-88E6-4DC0-BB39-C261F9B68AC6}" = lport=137 | protocol=17 | dir=in | app=system |
"{7AB79C50-FC6E-44B4-9FA0-53C3F0884D0B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83E2A54C-9199-41E7-9F7B-ACB08DA790A1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{85159BC9-B173-4AED-95A4-285E5D56419F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90A66343-3BD6-4289-83E2-0394FA2A42D0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{90D3B61A-A04F-4B2E-BF20-C22929621652}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94A65E99-1954-4F62-B8C2-E0749BA988B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9F6CD78C-56C4-4AC9-A123-ECA42531FA46}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A36579D0-379E-407E-80C0-56313E2316FB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B607F33D-8B96-4543-B60D-BD9CC10D082C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7B2DF7C-DF02-49A0-B56F-AA7C24C17EB6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C1119C0F-98BD-45FF-B7B9-2B27B1886A3E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5B07F44-1269-4E99-BD66-3110AA5AA62C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D2491659-87E7-4E86-89D1-36F1515AC150}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D4001844-520E-4007-808D-C80B736B4892}" = rport=138 | protocol=17 | dir=out | app=system |
"{E5046F87-0BDA-4D86-9E49-65CB2482EAE2}" = rport=139 | protocol=6 | dir=out | app=system |
"{E8098FC5-647E-4256-A268-79C6437AD0A6}" = lport=445 | protocol=6 | dir=in | app=system |
"{F28780A9-3044-4771-B17B-4E089A21FC2F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{F669B64C-52BB-4313-BD61-187AEFACAD43}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051C4810-085F-4D9E-9DED-DBA4C6CCEAED}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0913CEB0-02F4-47A3-ADFA-74CCFEDA9593}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{12D0D72B-159B-4CBA-BB33-8A09017182EA}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{195BCAF0-A4E8-47BC-BF67-57F827EA397C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{21D1A02D-2367-4948-A91D-AA0933B24262}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{2597AB79-DA27-44A4-959D-E350C11BFB45}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{288A7003-EC00-4846-B115-94323B1AA3D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2992B928-B13B-4853-A103-F419161CA8EC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2B9784F1-BE28-4C8E-8A15-067BC697B6FB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{31258789-38E5-48F6-8CB9-F9345B18BB8D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3278E44F-B8C5-425E-BC40-23F036733E56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ACE003E-4B1E-4966-A8CF-055B9D05E523}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{43870A7C-D14F-4BD2-B4DB-88035440BB76}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4E1CD3BA-A007-42AA-93AA-A0F651608977}" = protocol=6 | dir=out | app=system |
"{4F06F209-AF92-4873-B5D5-C336C796FF7C}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{5278D9EC-0B9F-4F5A-B1D1-8111CB3186D6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{539042EA-2381-4217-9F60-F59426877D6B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{54D731DA-5213-4685-A9A1-3B55AD4A7171}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{5A8E4EBB-C537-43C8-A064-4827E5992B65}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{5B47A856-6C00-447A-84B4-29E254E1B1C0}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{6B53DD3C-17ED-4599-BFF0-D01EC2F608FB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6E93C873-7BD0-42E5-BE60-71AECF9BA038}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{73B7B742-9F0B-4CD9-996E-6B5D95818BEC}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{7A2F674B-A180-4455-A385-DBC72D9A81FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{7B2EF70F-8C22-42C0-999F-C29A294862BF}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{82326D85-0165-4DD1-8694-2F5147667D70}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{833F0B4F-C8D8-4D07-840B-FFF4891A7434}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{83BBBC94-EC0A-4D52-925A-690584325475}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85FBE40B-2ECA-4252-A802-831A5C6327FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8664F67F-A731-4865-9705-92531FA7BE06}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{8B30F9B1-4A34-4AE0-888B-651CC8AA71AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E07A724-DDBE-4578-A950-58B17D95FDEA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F2524FB-C204-48C0-A57B-A25048457EF3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A570387E-8F4F-4518-B95B-FC2EF218FFB2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B0A95F74-F539-455D-A601-7F5CB997D6FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B7B77315-1ED9-4A12-81DD-DD15CFB1A126}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B82F0F10-1499-40AF-B44F-769D92173780}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C1A282C7-C4F7-4F80-92E7-6C10D0578095}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C89756D5-15DA-4460-A207-1BD7F23F937F}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{CA30F661-585E-4DC3-8CC5-304932CD8E63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CCB71E23-A379-4B8C-A44F-C3DB0556B0A8}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{CF8C40B7-149D-4940-9FD0-00A5438D857A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{D0555624-DC12-48BB-A09E-A079527B6429}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D06D736E-5D49-4822-ADB1-A0D191A67007}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D40499FB-CA15-49E1-8CD5-ACFB647CAE52}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{D55F8A0E-C4D4-4255-BFB8-76087CC302B8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D604774F-084E-4914-8A4F-CC5F71ED9918}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D8139A70-81A7-444A-A950-4D9611F348C1}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{DA199628-DB55-4DE8-B6F8-BD374CDF5B46}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF2BE056-E66C-47D5-97AD-D49069BAE3F7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E55C876E-DF2A-4A26-9BE1-BC81710E22D5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E9A44C49-1D9D-44FB-A3E9-B9F6A053F994}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FA00C9B4-F26A-4A33-8F14-9F103D8CE134}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{FB5C6102-7320-49F2-A5B0-945BE2B927CE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FDF1B474-B47E-40A5-9D71-64096F3E5D33}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FEC5CA39-9069-48C9-8ABC-84B0641E0055}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{360CC74C-B5A7-47E5-BE31-3A66917336C1}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{47F4D56B-EAFE-4C18-8541-5DA390137BEF}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64
"{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BE9F0B8-FF3D-5CAA-9BF2-CB6F3DF75D3B}" = ccc-utility64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5134B35A-B559-4762-94A4-FD4918977953}" = Microsoft Web Deploy 2.0
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67303AC9-A9BA-E413-0001-AAC1C812947C}" = AMD Fuel
"{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1920A83-25A3-4DBB-B1F5-2395BD05370E}" = ESET Smart Security
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C9F697B9-FAC8-4B76-9D3D-40FA3BFA4F9E}" = Microsoft SQL Server System CLR Types (x64)
"{E016AA48-A21B-4728-9BD0-E3AAE23BEE5F}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{F0D50B6D-925D-D70A-DB07-1FB44C611789}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"769F36EB73566E376559B9A2BD74718E72BD4735" = Balíček ovladače systému Windows - AnyDATA Corporation (adusbser) Ports (12/31/2007 2.0.4.0)
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"D46E6E09C9DFBE4319FE07FC4F249DA42CC26BF9" = Balíček ovladače systému Windows - AnyDATA Corporation (adusbser) Modem (12/31/2007 2.0.4.0)
"Defraggler" = Defraggler
"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BF82343-8EE6-8B76-90CF-31059B9D1842}" = CCC Help English
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{2FDD487C-A777-4BB5-BD23-56BECE1FF099}" = Windows Live Movie Maker
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Roční období
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70C3CC75-9E14-D215-8FAD-5ABEAE3125D9}" = AMD VISION Engine Control Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{74C85607-9668-4F88-B1D5-244889192DFC}" = BlueStacks Notification Center
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0017-0405-0000-0000000FF1CE}_OMUI.cs-cz_{13E6D9FD-5FE8-43A6-9874-515A50909DEF}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.cs-cz_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.cs-cz_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_OMUI.cs-cz_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}" = TSP_CODEC
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Obludárium
"{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Domácí mazlíčci
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D4C3DAFC-2F7A-E7A9-89D1-70E53F44D231}" = Catalyst Control Center InstallProxy
"{D96B6543-A0C0-4351-AF96-73DEF1DD6820}" = NBA 2K13
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E9A1960E-7756-2299-C700-DC7CA6EDD6E4}" = Catalyst Control Center InstallProxy
"{E9D98510-A8B6-E39C-B8BA-BA9A511E040C}" = Catalyst Control Center Graphics Previews Common
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 Studentský život
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F865B0B5-0D43-2704-0B22-35C5F721374B}" = AMD VISION Engine Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Altap Salamander 2.54" = Altap Salamander 2.54
"Assassins Creed IV Black Flag_is1" = Assassins Creed IV Black Flag version 1.0.0.0
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BlueStacks App Player" = BlueStacks App Player
"DAEMON Tools Pro" = DAEMON Tools Pro
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.9.0
"LManager" = Launch Manager
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"OpenAL" = OpenAL
"Origin" = Origin
"Picasa 3" = Picasa 3
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Ufonuv Internet" = Ufonuv Internet
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3501040063-1355053042-2835894162-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/18/2013 8:09:44 AM | Computer Name = Ladivojna-PC | Source = Application Hang | ID = 1002
Description = Program NASCAR_Thunder_2004.exe verze 1.0.0.2 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: e4c Čas spuštění: 01cee4520c57973b Čas ukončení: 14 Cesta k aplikaci: C:\Program
Files (x86)\EA Sports\NASCAR Thunder TM 2004\NASCAR_Thunder_2004.exe ID hlášení:


Error - 11/18/2013 8:15:54 AM | Computer Name = Ladivojna-PC | Source = Application Hang | ID = 1002
Description = Program NASCAR_Thunder_2004.exe verze 1.0.0.2 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1794 Čas spuštění: 01cee457146f4523 Čas ukončení: 30 Cesta k aplikaci: C:\Program
Files (x86)\EA Sports\NASCAR Thunder TM 2004\NASCAR_Thunder_2004.exe ID hlášení:


Error - 11/18/2013 8:56:24 AM | Computer Name = Ladivojna-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 11/18/2013 2:30:00 PM | Computer Name = Ladivojna-PC | Source = Application Hang | ID = 1002
Description = Program NASCAR_Thunder_2004.exe verze 1.0.0.2 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 378 Čas spuštění: 01cee46c651bba83 Čas ukončení: 20 Cesta k aplikaci: C:\Program
Files (x86)\EA Sports\NASCAR Thunder TM 2004\NASCAR_Thunder_2004.exe ID hlášení:


Error - 11/18/2013 3:21:58 PM | Computer Name = Ladivojna-PC | Source = Application Hang | ID = 1002
Description = Program NASCAR_Thunder_2004.exe verze 1.0.0.2 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1220 Čas spuštění: 01cee48d9d807257 Čas ukončení: 20 Cesta k aplikaci: C:\Program
Files (x86)\EA Sports\NASCAR Thunder TM 2004\NASCAR_Thunder_2004.exe ID hlášení:


Error - 11/19/2013 8:10:05 AM | Computer Name = Ladivojna-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 11/25/2013 6:25:01 PM | Computer Name = Ladivojna-PC | Source = Application Hang | ID = 1002
Description = Program TS3W.exe verze 0.2.0.188 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
17a4 Čas spuštění: 01ceea24e56080e2 Čas ukončení: 193 Cesta k aplikaci: C:\Program
Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe ID hlášení:

Error - 11/27/2013 4:57:23 PM | Computer Name = Ladivojna-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: NASCAR_Thunder_2004.exe, verze: 1.0.0.2,
časové razítko: 0x3f46987d Název chybujícího modulu: NASCAR_Thunder_2004.exe, verze:
1.0.0.2, časové razítko: 0x3f46987d Kód výjimky: 0xc0000005 Posun chyby: 0x001a18de
ID
chybujícího procesu: 0xa4c Čas spuštění chybující aplikace: 0x01ceebb29a320df8 Cesta
k chybující aplikaci: C:\Program Files (x86)\EA Sports\NASCAR Thunder TM 2004\NASCAR_Thunder_2004.exe
Cesta
k chybujícímu modulu: C:\Program Files (x86)\EA Sports\NASCAR Thunder TM 2004\NASCAR_Thunder_2004.exe
ID
zprávy: 82f03351-57a6-11e3-b261-00262d98a80f

Error - 11/28/2013 4:21:29 PM | Computer Name = Ladivojna-PC | Source = RasClient | ID = 20227
Description =

Error - 12/7/2013 6:07:40 PM | Computer Name = Ladivojna-PC | Source = BstHdAndroidSvc | ID = 0
Description = Službu nelze spustit. System.ApplicationException: Cannot start service.
Service did not stop gracefully the last time it was run. v BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 12/7/2013 7:18:22 PM | Computer Name = Ladivojna-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: fifa14-3dm.exe, verze: 1.2.0.0, časové razítko:
0x03f40040 Název chybujícího modulu: fifa14-3dm.exe, verze: 1.2.0.0, časové razítko:
0x03f40040 Kód výjimky: 0xc0000005 Posun chyby: 0x03473fe6 ID chybujícího procesu:
0xea0 Čas spuštění chybující aplikace: 0x01cef3a26ae90815 Cesta k chybující aplikaci:
C:\Games\FIFA 14\Game\fifa14-3dm.exe Cesta k chybujícímu modulu: C:\Games\FIFA 14\Game\fifa14-3dm.exe
ID
zprávy: dd4d95db-5f95-11e3-9d96-00262d98a80f

[ System Events ]
Error - 12/11/2013 4:12:15 PM | Computer Name = Ladivojna-PC | Source = DCOM | ID = 10005
Description =

Error - 12/11/2013 4:12:15 PM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7038
Description = Služba upnphost se nemohla přihlásit jako NT AUTHORITY\LocalService
s aktuálně konfigurovaným heslem z důvodu následující chyby: %%1352 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 12/11/2013 4:12:15 PM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7000
Description = Služba Hostitel zařízení UPnP neuspěla při spuštění v důsledku následující
chyby: %%1069

Error - 12/11/2013 4:13:29 PM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error - 12/11/2013 4:14:06 PM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.

Error - 12/12/2013 10:38:42 AM | Computer Name = Ladivojna-PC | Source = DCOM | ID = 10010
Description =

Error - 12/12/2013 10:40:03 AM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7023
Description = Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error - 12/12/2013 10:41:05 AM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.

Error - 12/12/2013 3:52:27 PM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 12/12/2013 3:52:27 PM | Computer Name = Ladivojna-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053


< End of report >
Obrázek

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Jenom preventivně

#19 Příspěvek od Márty84 »

Tech cracku je tam nejak moc, ne? :arcisit:


:!: Vypnete antivir, at nebrani programu v praci!
:arrow: Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\..\URLSearchHook:  - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-3501040063-1355053042-2835894162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://fr.msn.com/
IE - HKU\S-1-5-21-3501040063-1355053042-2835894162-1000\..\SearchScopes\${searchCLSID}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3501040063-1355053042-2835894162-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3501040063-1355053042-2835894162-1000\..\SearchScopes\{71843D5F-4FC0-41B2-AB44-21833D08C11B}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=382950&p={searchTerms}
IE - HKU\S-1-5-21-3501040063-1355053042-2835894162-1000\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
[2012/05/05 11:04:55 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[1 C:\Users\Ladivojna\Desktop\*.tmp files -> C:\Users\Ladivojna\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[52 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[89 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[11 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\03E28848D22A0CD38EB5C956AD74F164\*.tmp files -> C:\Windows\SoftwareDistribution\Download\03E28848D22A0CD38EB5C956AD74F164\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2CCC56291FF811A24583012465E65B3B\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2CCC56291FF811A24583012465E65B3B\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\6CFD6C69FABC14DC6659C83354800A5E\*.tmp files -> C:\Windows\SoftwareDistribution\Download\6CFD6C69FABC14DC6659C83354800A5E\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\D1933581BD0C37A44F64F7D3D008F302\*.tmp files -> C:\Windows\SoftwareDistribution\Download\D1933581BD0C37A44F64F7D3D008F302\*.tmp -> ]
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[6 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1157840481] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7c41c8392e8ce54cb45a94e3db2339ba] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ladivojna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Ladivojna\AppData\Roaming\plugin-container.exe"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Uživatelský avatar
Flack007
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 93
Registrován: 14 črc 2010 13:10

Re: Jenom preventivně

#20 Příspěvek od Flack007 »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Ladivojna
->Temp folder emptied: 10001813 bytes
->Temporary Internet Files folder emptied: 535 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 402558269 bytes
->Flash cache emptied: 57006 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 17489 bytes
%systemroot%\System32 .tmp files removed: 4039416 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5532423 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50635 bytes
RecycleBin emptied: 26175297246 bytes

Total Files Cleaned = 25,365.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Ladivojna
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search bar| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-3501040063-1355053042-2835894162-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3501040063-1355053042-2835894162-1000\Software\Microsoft\Internet Explorer\SearchScopes\{searchCLSID}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchCLSID}\ not found.
Registry key HKEY_USERS\S-1-5-21-3501040063-1355053042-2835894162-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3501040063-1355053042-2835894162-1000\Software\Microsoft\Internet Explorer\SearchScopes\{71843D5F-4FC0-41B2-AB44-21833D08C11B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71843D5F-4FC0-41B2-AB44-21833D08C11B}\ not found.
Registry key HKEY_USERS\S-1-5-21-3501040063-1355053042-2835894162-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\searchplugin folder moved successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\modules folder moved successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\META-INF folder moved successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\defaults folder moved successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components folder moved successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\chrome folder moved successfully.
C:\Users\Ladivojna\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} folder moved successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
C:\Users\Ladivojna\Desktop\~WRL0003.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP138F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13BE.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19D6.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D18.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31E8.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP337E.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3754.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP385E.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP398.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A80.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3BB8.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3EE3.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP426C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP44BC.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4549.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45B6.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45E5.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46EE.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4910.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4C2C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EA3.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EF9.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5169.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5AEB.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A4.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B4F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6D0.tmp\HD-Agent.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6D0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6DD5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7425.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75CB.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7AF9.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8E1B.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9A97.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA26D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBB64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBCA4.tmp\System.Web.Extensions.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBCA4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBF77.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC698.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC82E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCCC0.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD0A6.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD548.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD98C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF5F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE455.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE86A.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEDB8.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF018.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF2C6.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF630.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF9E8.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP112F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1267.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP139F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP15E0.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1728.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1785.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP186.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1DCB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2092.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP249F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP24BF.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2521.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2AB8.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2C6C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2EBD.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP30EF.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP33CC.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3523.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP35BF.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3764.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP43D3.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP44CC.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP474C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP476B.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4E00.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4EF.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4EF9.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4F47.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5032.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP50F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP532E.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP532F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP557F.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5B68.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5C13.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5C90.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5DA9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5F9.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6612.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6A36.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP70DB.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7D0B.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8027.tmp\System.Data.OracleClient.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8027.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP80C3.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9443.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP978D.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA69C.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA69C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA746.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA8DC.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA8EB.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAB5B.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPACB2.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB9BD.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBB91.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBCC9.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC828.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCBA1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCC43.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCD0E.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCEDC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD2C9.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD3A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD401.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD48.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD5C5.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDA3E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDD15.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDD5.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE149.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE204.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE35E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE658.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE88A.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE945.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEA5E.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEEFF.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEFCA.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF0D3.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF1EC.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF372.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF556.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF611.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF91D.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFBD4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFD91.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFE5A.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPFE6A.tmp folder deleted successfully.
C:\Windows\Installer\MSI2778.tmp deleted successfully.
C:\Windows\Installer\MSI2C05.TMP deleted successfully.
C:\Windows\Installer\MSI3717.tmp deleted successfully.
C:\Windows\Installer\MSI41E1.tmp deleted successfully.
C:\Windows\Installer\MSI4F5F.tmp deleted successfully.
C:\Windows\Installer\MSI71E8.tmp deleted successfully.
C:\Windows\Installer\MSI976F.tmp deleted successfully.
C:\Windows\Installer\MSIB6A2.tmp deleted successfully.
C:\Windows\Installer\MSIBBE5.tmp deleted successfully.
C:\Windows\Installer\MSIF0E7.tmp deleted successfully.
C:\Windows\Installer\MSIFE0B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt404B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltF0D.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\03E28848D22A0CD38EB5C956AD74F164\$DPX$.TMP folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\2CCC56291FF811A24583012465E65B3B\$DPX$.TMP folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\6CFD6C69FABC14DC6659C83354800A5E\$DPX$.TMP folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\D1933581BD0C37A44F64F7D3D008F302\$DPX$.TMP folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\1157840481\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7c41c8392e8ce54cb45a94e3db2339ba\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ladivojna^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Users\Ladivojna\AppData\Roaming\plugin-container.exe deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12132013_234356

Files\Folders moved on Reboot...
C:\Users\Ladivojna\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ladivojna\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Obrázek

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Jenom preventivně

#21 Příspěvek od Márty84 »

:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

:arrow: Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

:arrow: Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

:arrow: Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Uživatelský avatar
Flack007
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 93
Registrován: 14 črc 2010 13:10

Re: Jenom preventivně

#22 Příspěvek od Flack007 »

Defragmentace bude na dýl(62 GB? :?:), ale před ní je počítač i tak rychlejší, zmizelo plno nechtěných souborů. Odinstalovala jsem některé programy a tak přidala snad místo, až se dokončí defragmentace ještě napíšu :)
Obrázek

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Jenom preventivně

#23 Příspěvek od Márty84 »

OK :) Jinak mista mate dost, takze kvuli mistu odinstalovavat nemusite :wink:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Uživatelský avatar
Flack007
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 93
Registrován: 14 črc 2010 13:10

Re: Jenom preventivně

#24 Příspěvek od Flack007 »

Tak defragmentace trvala fakt dlouho, jak jsem čekala. Počítač je mnohem rychlejší, rychleji se zapíná/vypíná, načítá programy a více poslouchá na slovo :D

Děkuji vám :oops:
Obrázek

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Jenom preventivně

#25 Příspěvek od Márty84 »

Asi se dlouho nedelala, nebo hodne presouvate data :)

Pokud je tedy vse v poradku, mame hotovo a muzem to uzavrit. Jestli je to sice rychlejsi, ale k normalu jeste neco chybi, pisnete mail (v podpisu), znovu tema otevru a mrkneme jeste hloubeji.

A neni vubec zac! :wink:

Mejte se krasne a treba zase nekdy :bye:

:closed:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Zamčeno