Prosím o preventivku

Zpráva

JohnnieM · #1 Příspěvek od **JohnnieM** » 02 zář 2012 08:16

Ahoj prosím o preventivní zkontrolování logu. Pc občas laguje i když není spuštěná/ý žádný program který by využíval internet.
tu je log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2012-09-02 09:15:49
Microsoft Windows 7 Ultimate
System drive C: has 111 GB (36%) free of 305 GB
Total RAM: 8191 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:15:52, on 2.9.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\GIGABYTE FORCE\GIGABYTE FORCE.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Program Files (x86)\Altap Salamander 2.5\salamand.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GMouse] "C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE" /hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3636547274-2444135525-1829590436-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3636547274-2444135525-1829590436-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9914 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Saitek\SD6\Software\ProfilerU.exe"
"C:\Program Files\Saitek\SD6\Software\SaiMfd.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\GIGABYTE FORCE\GIGABYTE FORCE.exe" /hide
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
C:\Windows\system32\AUDIODG.EXE 0xa04
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4704.5d9e210.737912499 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4704 "\\.\pipe\gecko-crash-server-pipe.4704" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe" --proxy-stub-channel=Flash3568.69ADA168.41 --host-broker-channel=Flash3568.69ADA168.18467 --host-pid=3568 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe" --channel=4220.0022F824.365760880 --proxy-stub-channel=Flash3568.69ADA168.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\Altap Salamander 2.5\salamand.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Jirka\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\8l4rplm1.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-01 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-01 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"AutoKMS"=C:\Windows\AutoKMS.exe [2012-06-17 615936]
"SaiVolume"=C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe [2008-01-18 186880]
"ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2010-07-29 310272]
"SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2010-07-29 158208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-10-28 2763776]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"GMouse"=C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE [2011-11-08 667648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-09-02 09:12:13 ----D---- C:\rsit
2012-09-02 09:12:13 ----D---- C:\Program Files\trend micro
2012-09-01 13:49:28 ----N---- C:\Windows\KMSEmulator.exe
2012-09-01 13:49:15 ----A---- C:\Windows\AutoKMS.tmp
2012-09-01 13:44:15 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-01 13:44:06 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-01 13:44:06 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-01 13:44:06 ----A---- C:\Windows\SYSWOW64\java.exe
2012-09-01 13:43:59 ----D---- C:\Program Files (x86)\Java
2012-08-26 11:26:29 ----D---- C:\Users\Jirka\AppData\Roaming\Play withSIX
2012-08-25 17:31:59 ----D---- C:\ProgramData\Sony
2012-08-25 17:31:56 ----D---- C:\Users\Jirka\AppData\Roaming\Publish Providers
2012-08-25 17:24:32 ----D---- C:\Program Files\Sony
2012-08-25 17:24:32 ----D---- C:\Program Files (x86)\Sony
2012-08-20 19:53:44 ----D---- C:\Users\Jirka\AppData\Roaming\six-zsync
2012-08-20 19:52:47 ----D---- C:\Program Files (x86)\SIX Networks
2012-08-20 14:50:43 ----D---- C:\Program Files (x86)\PROTOTYPE 2
2012-08-14 19:02:05 ----D---- C:\Fraps
2012-08-14 18:29:43 ----A---- C:\Windows\system32\drivers\pcouffin.sys
2012-08-14 18:29:43 ----A---- C:\Users\Jirka\AppData\Roaming\pcouffin.sys
2012-08-14 18:29:43 ----A---- C:\Users\Jirka\AppData\Roaming\inst.exe
2012-08-14 18:29:42 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
2012-08-14 18:29:38 ----A---- C:\Windows\SYSWOW64\sipr3260.dll
2012-08-14 18:29:37 ----A---- C:\Windows\SYSWOW64\Pncrt.dll
2012-08-14 18:29:37 ----A---- C:\Windows\SYSWOW64\drv43260.dll
2012-08-14 18:29:37 ----A---- C:\Windows\SYSWOW64\drv33260.dll
2012-08-14 18:29:37 ----A---- C:\Windows\SYSWOW64\drv23260.dll
2012-08-14 18:29:37 ----A---- C:\Windows\SYSWOW64\cook3260.dll
2012-08-14 18:29:36 ----A---- C:\Windows\SYSWOW64\wvc1dmod.dll
2012-08-14 18:29:36 ----A---- C:\Windows\SYSWOW64\vp7vfw.dll
2012-08-14 18:29:35 ----D---- C:\Program Files (x86)\VSO
2012-08-12 11:32:31 ----D---- C:\Users\Jirka\AppData\Roaming\Sony
2012-08-05 17:47:16 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-08-05 17:45:25 ----D---- C:\Program Files\Adobe
2012-08-05 17:39:23 ----D---- C:\Program Files\Common Files\Adobe
2012-08-04 12:45:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-08-04 12:41:15 ----A---- C:\Windows\Autorun.INI

======List of files/folders modified in the last 1 month======

2012-09-02 09:15:48 ----D---- C:\Windows\Temp
2012-09-02 09:15:27 ----D---- C:\Windows\Prefetch
2012-09-02 09:12:13 ----RD---- C:\Program Files
2012-09-02 09:11:18 ----D---- C:\ProgramData\PMB Files
2012-09-02 09:01:19 ----D---- C:\Steam
2012-09-02 09:00:34 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2012-09-01 21:59:35 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2012-09-01 18:55:20 ----D---- C:\Windows\inf
2012-09-01 17:55:06 ----D---- C:\Windows
2012-09-01 16:34:14 ----D---- C:\Windows\system32\config
2012-09-01 15:45:45 ----D---- C:\Windows\System32
2012-09-01 15:45:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-01 13:48:26 ----D---- C:\ProgramData\NVIDIA
2012-09-01 13:44:31 ----SHD---- C:\Windows\Installer
2012-09-01 13:44:30 ----D---- C:\Program Files (x86)\Common Files
2012-09-01 13:44:15 ----D---- C:\Windows\SysWOW64
2012-09-01 13:44:00 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-09-01 13:44:00 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-01 13:43:59 ----RD---- C:\Program Files (x86)
2012-09-01 13:43:30 ----SHD---- C:\System Volume Information
2012-09-01 13:37:22 ----D---- C:\Windows\system32\Tasks
2012-09-01 13:36:18 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-09-01 13:34:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-08-30 22:04:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-08-27 09:15:06 ----D---- C:\Utorrent
2012-08-25 17:31:59 ----HD---- C:\ProgramData
2012-08-25 13:03:26 ----D---- C:\Users\Jirka\AppData\Roaming\BSplayer PRO
2012-08-24 05:20:58 ----D---- C:\Windows\Panther
2012-08-24 05:20:58 ----D---- C:\Windows\Minidump
2012-08-24 05:20:58 ----D---- C:\Windows\Logs
2012-08-24 05:20:58 ----D---- C:\Windows\debug
2012-08-23 16:39:59 ----D---- C:\ProgramData\TrackMania
2012-08-22 03:25:38 ----D---- C:\Users\Jirka\AppData\Roaming\.minecraft
2012-08-21 12:47:10 ----RSD---- C:\Windows\assembly
2012-08-21 11:12:23 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-08-21 11:12:02 ----A---- C:\Windows\system32\aswBoot.exe
2012-08-18 20:09:28 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-08-15 18:01:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-14 18:30:06 ----D---- C:\Windows\system32\drivers
2012-08-14 18:30:05 ----D---- C:\Windows\system32\DriverStore
2012-08-14 18:30:05 ----D---- C:\Windows\system32\catroot
2012-08-12 11:32:57 ----D---- C:\Windows\winsxs
2012-08-06 10:04:53 ----D---- C:\Program Files (x86)\Aliens vs. Predator
2012-08-06 06:35:38 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2012-08-06 06:35:38 ----SD---- C:\ProgramData\Microsoft
2012-08-05 22:24:28 ----D---- C:\Windows\system32\catroot2
2012-08-05 17:53:31 ----D---- C:\Users\Jirka\AppData\Roaming\Adobe
2012-08-05 17:47:17 ----D---- C:\ProgramData\Adobe
2012-08-05 17:45:39 ----D---- C:\Program Files (x86)\Adobe
2012-08-05 17:44:30 ----RSD---- C:\Windows\Fonts
2012-08-05 17:40:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-05 17:39:23 ----D---- C:\Program Files\Common Files
2012-08-04 14:07:18 ----D---- C:\Windows\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-30 339744]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 28704]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-08-14 82816]
R3 SaiK0728;SaiK0728; C:\Windows\system32\DRIVERS\SaiK0728.sys [2008-02-18 129024]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2010-08-10 22792]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2010-08-10 50056]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-10-21 1270784]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SaiK0CEA;SaiK0CEA; C:\Windows\system32\DRIVERS\SaiK0CEA.sys [2008-04-04 129024]
S3 SaiU0CEA;SaiU0CEA; C:\Windows\system32\DRIVERS\SaiU0CEA.sys [2008-04-04 34432]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-07-12 8704]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-26 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-30 114144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-08-24 529744]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 02 zář 2012 21:51

Zdravim

Mohu mit dotaz, proc si bezny uzivatel kupuje nejvyssi licenci Windows Ultimate, ktera je urcena spise pro velke korporace, kdyz stejne nevyuzije nic vic nez nabizi verze Home Premium

A nebo byla "koupena" nekde na internetu

JohnnieM · #3 Příspěvek od **JohnnieM** » 03 zář 2012 11:28

Vzheldem k tomu ze toto forum na toto téma není, rád vám odpovím. V nejmenované firmě kde pracuji nabízí licence za více než výhodné ceny, tak proč si ji nekoupit a nenechat se omezovat?

#4 Příspěvek od **vyosek** » 03 zář 2012 11:39

Ale licence na Office uz nenabizi ze

Proc jinak by tam byl crack

Toto forum nepodporuje piratsky SW, proto pokud chcete pomoci odinstalujte nelegalni Office a pote dejte nove logy z RSIT (log.txt i info.txt)

#5 Příspěvek od **vyosek** » 15 zář 2012 03:25

Jak to tu vypada

Pokud nebude zde vyvijena nejaka cinnost - bude tema na zaklade Pravidla o zamykani temat

JohnnieM · #6 Příspěvek od **JohnnieM** » 21 zář 2012 17:10

Ahoj, omlouvám se za delší neaktivitu, moc starostí.. zde jsou logy.

ď»żLogfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2012-09-21 18:02:28
Microsoft Windows 7 Ultimate
System drive C: has 101 GB (33%) free of 305 GB
Total RAM: 8191 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:02:32, on 21.9.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\GIGABYTE FORCE\GIGABYTE FORCE.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GMouse] "C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE" /hide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3636547274-2444135525-1829590436-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3636547274-2444135525-1829590436-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8543 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2c8
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe"
"C:\Program Files\Saitek\SD6\Software\ProfilerU.exe"
"C:\Program Files\Saitek\SD6\Software\SaiMfd.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\GIGABYTE FORCE\GIGABYTE FORCE.exe" /hide
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {D7D14C70-24DB-4AE9-9676-FE52C74D9495}
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Jirka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\8l4rplm1.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=AdobeÂ® FlashÂ® Player 11.4.402.278 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Javaâ„˘ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=OracleÂ® Next Generation Javaâ„˘ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=AdobeÂ® FlashÂ® Player 11.4.402.278 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-01 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-01 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoKMS"=C:\Windows\AutoKMS.exe [2012-06-17 615936]
"SaiVolume"=C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe [2008-01-18 186880]
"ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2010-07-29 310272]
"SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2010-07-29 158208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-10-28 2763776]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"GMouse"=C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE [2011-11-08 667648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-09-21 18:02:28 ----D---- C:\rsit
2012-09-16 18:23:45 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-09-16 18:23:45 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-09-15 19:57:04 ----D---- C:\Windows\SYSWOW64\Logs
2012-09-13 17:58:32 ----A---- C:\Windows\AutoKMS.tmp
2012-09-13 17:52:31 ----SHD---- C:\Config.Msi
2012-09-07 21:55:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-02 09:12:13 ----D---- C:\Program Files\trend micro
2012-09-01 13:44:15 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-09-01 13:44:06 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2012-09-01 13:44:06 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-09-01 13:44:06 ----A---- C:\Windows\SYSWOW64\java.exe
2012-09-01 13:43:59 ----D---- C:\Program Files (x86)\Java
2012-08-26 11:26:29 ----D---- C:\Users\Jirka\AppData\Roaming\Play withSIX
2012-08-25 17:31:59 ----D---- C:\ProgramData\Sony
2012-08-25 17:31:56 ----D---- C:\Users\Jirka\AppData\Roaming\Publish Providers
2012-08-25 17:24:32 ----D---- C:\Program Files\Sony
2012-08-25 17:24:32 ----D---- C:\Program Files (x86)\Sony

======List of files/folders modified in the last 1 month======

2012-09-21 18:02:27 ----D---- C:\Windows\Temp
2012-09-21 18:01:58 ----D---- C:\Windows\System32
2012-09-21 18:01:58 ----D---- C:\Windows\inf
2012-09-21 18:01:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-21 18:01:39 ----D---- C:\Windows\Prefetch
2012-09-21 18:00:26 ----D---- C:\Windows\SoftwareDistribution
2012-09-21 17:59:57 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
2012-09-21 17:59:57 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2012-09-21 17:59:49 ----D---- C:\Windows
2012-09-21 17:58:45 ----D---- C:\Program Files\CCleaner
2012-09-21 17:56:53 ----D---- C:\ProgramData\NVIDIA
2012-09-21 16:47:05 ----D---- C:\Users\Jirka\AppData\Roaming\.minecraft
2012-09-21 15:50:14 ----D---- C:\ProgramData\PMB Files
2012-09-21 14:01:19 ----D---- C:\Windows\SysWOW64
2012-09-21 14:01:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-09-20 22:04:31 ----D---- C:\Utorrent
2012-09-20 05:16:52 ----SHD---- C:\System Volume Information
2012-09-19 19:40:27 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-09-17 19:59:18 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2012-09-17 00:10:45 ----D---- C:\Windows\system32\config
2012-09-16 18:02:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-09-16 18:02:42 ----D---- C:\Games
2012-09-13 21:03:49 ----D---- C:\Windows\Microsoft.NET
2012-09-13 21:03:48 ----RSD---- C:\Windows\assembly
2012-09-13 17:56:17 ----SHD---- C:\Windows\Installer
2012-09-13 17:56:07 ----D---- C:\ProgramData\Microsoft Help
2012-09-13 17:55:36 ----SD---- C:\ProgramData\Microsoft
2012-09-13 17:55:36 ----RD---- C:\Program Files (x86)
2012-09-13 17:55:36 ----RD---- C:\Program Files
2012-09-13 17:55:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-09-13 17:55:36 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-09-13 17:54:55 ----RSD---- C:\Windows\Fonts
2012-09-13 17:54:42 ----D---- C:\Windows\ShellNew
2012-09-13 17:54:37 ----D---- C:\Program Files (x86)\MSBuild
2012-09-13 17:54:24 ----D---- C:\Program Files\Common Files
2012-09-13 17:53:22 ----D---- C:\Program Files\Common Files\System
2012-09-13 17:53:21 ----A---- C:\Windows\win.ini
2012-09-13 17:07:24 ----D---- C:\Steam
2012-09-13 16:32:26 ----D---- C:\ProgramData\TrackMania
2012-09-10 08:29:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-06 22:26:37 ----D---- C:\Windows\system32\DriverStore
2012-09-06 22:26:37 ----D---- C:\Windows\system32\drivers
2012-09-06 22:26:37 ----D---- C:\Windows\system32\catroot2
2012-09-06 22:26:37 ----D---- C:\Windows\system32\catroot
2012-09-01 13:44:30 ----D---- C:\Program Files (x86)\Common Files
2012-09-01 13:44:00 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-09-01 13:44:00 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-09-01 13:37:22 ----D---- C:\Windows\system32\Tasks
2012-09-01 13:36:18 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-08-25 19:43:02 ----D---- C:\Users\Jirka\AppData\Roaming\Sony
2012-08-25 17:31:59 ----HD---- C:\ProgramData
2012-08-25 13:03:26 ----D---- C:\Users\Jirka\AppData\Roaming\BSplayer PRO
2012-08-24 05:20:58 ----D---- C:\Windows\Panther
2012-08-24 05:20:58 ----D---- C:\Windows\Minidump
2012-08-24 05:20:58 ----D---- C:\Windows\Logs
2012-08-24 05:20:58 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2009-07-30 339744]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 28704]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-08-14 82816]
R3 SaiK0728;SaiK0728; C:\Windows\system32\DRIVERS\SaiK0728.sys [2008-02-18 129024]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2010-08-10 22792]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2010-08-10 50056]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-10-21 1270784]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 athr;Atheros â€“ ovladaÄŤ pro zaĹ™ĂzenĂ pro rozĹˇiĹ™itelnou bezdrĂˇtovou sĂĹĄ LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 SaiK0CEA;SaiK0CEA; C:\Windows\system32\DRIVERS\SaiK0CEA.sys [2008-04-04 129024]
S3 SaiU0CEA;SaiU0CEA; C:\Windows\system32\DRIVERS\SaiU0CEA.sys [2008-04-04 34432]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-07-12 8704]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-26 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-09-07 529744]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

info.txt

ÔĽNinfo.txt logfile of random's system information tool 1.09 2012-09-21 18:02:34

======Uninstall list======

-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
¬KTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_278_Plugin.exe -maintain plugin
Adobe Photoshop CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"
Adobe Reader X (10.1.4) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace NVIDIA 1.8.15-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
Aliens vs. Predator-->"C:\Program Files (x86)\Aliens vs. Predator\Uninstall\unins000.exe"
Altap Salamander 2.51-->C:\Program Files (x86)\Altap Salamander 2.5\remove\remove.exe
ARMA 2: Operation Arrowhead-->"C:\Steam\steam.exe" steam://uninstall/33930
ARMA 2-->"C:\Steam\steam.exe" steam://uninstall/33910
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
BattlEye for OA Uninstall-->c:\steam\steamapps\common\arma 2 operation arrowhead\Expansion\BattlEye\UnInstallBE.exe
BattlEye Uninstall-->c:\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
BS.Player PRO-->"C:\Program Files (x86)\Webteh\BSplayerPro\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Combined Community Codec Pack 2011-11-11-->"C:\Program Files (x86)\Combined Community Codec Pack\unins000.exe"
ConvertXtoDVD 4.0.9.322-->"C:\Program Files (x86)\VSO\ConvertX\4\unins000.exe"
Counter-Strike: Source-->"C:\Steam\steam.exe" steam://uninstall/240
Diablo II-->C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
GIGABYTE FORCE Driver-->"C:\GIGABYTE FORCE\uninstall.exe"
Hi-Rez Studios Authenticate and Update Service-->"C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=all
Java 7 Update 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
K-Lite Codec Pack 6.3.0 (64-bit)-->"C:\Program Files\K-Lite Codec Pack x64\unins000.exe"
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
LogMeIn Hamachi-->C:\Windows\SysWOW64\\msiexec.exe /i {B8ABD8C7-991E-4A70-B5A3-20C6FC680680} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Chart Controls for Microsoft .NET Framework 3.5-->MsiExec.exe /X{41785C66-90F2-40CE-8CB5-1C94BFC97280}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Mozilla Firefox 15.0.1 (x86 cs)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 14.0 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT Redists-->MsiExec.exe /I{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}
MSVCRT Redists-->MsiExec.exe /I{C9608300-11F5-11E0-A64B-0013D3D69929}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA Ovladańć 3D Vision 301.42-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladańć Ňô??d??c?? jednotky 3D Vision 301.42-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladańće grafiky 301.42-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Syst?©mov?Ĺ software PhysX 9.12.0213-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
Play withSIX-->MsiExec.exe /I{E42D4F41-392F-4993-A584-23A70118E7F3}
Portal-->"C:\Steam\steam.exe" steam://uninstall/400
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Saitek Cyborg Keyboard Volume 6.2.1.3-->MsiExec.exe /X{34280DB1-8558-4709-AB7E-62A572C03355}
Skype‚ĄĘ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Smart Technology Programming Software 7.0.2.7-->MsiExec.exe /X{ACC82418-8C69-40D0-BA23-F9528F66B521}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TeamViewer 7-->C:\Program Files (x86)\TeamViewer\Version7\uninstall.exe
The Ball-->"C:\Steam\steam.exe" steam://uninstall/35460
Tom Clancy's Ghost Recon Future Soldier-->"C:\Program Files (x86)\InstallShield Installation Information\{6D87CAD9-9B94-4421-A439-B25F8DE14575}\setup.exe" -runfromtemp -l0x0409 -removeonly
TrackMania Nations Forever-->"C:\Steam\steam.exe" steam://uninstall/11020
Tribes: Ascend-->"C:\Steam\steam.exe" steam://uninstall/17080
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
UFO Aftershock-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{122DF4F2-575A-4CCF-9DFE-75482EBE1660}\setup.exe" -l0x5
Vegas Pro 11.0 (64-bit)-->MsiExec.exe /X{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}
VIA Platforma Ovladańće zaŇô??zen??-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VirtualCloneDrive-->"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR 4.11 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
World of Tanks-->"C:\Games\World_of_Tanks\unins000.exe"

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav sluŇĺby Cryptographic Services byl zmńonńon na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav sluŇĺby Windows Modules Installer byl zmńonńon na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav sluŇĺby Software Protection byl zmńonńon na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav sluŇĺby Windows Event Log byl zmńonńon na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav sluŇĺby Volume Shadow Copy byl zmńonńon na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Jirka-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 182675
Source Name: NVIDIA OpenGL Driver
Time Written: 20120617025435.000000-000
Event Type: Upozornńon??
User:

Computer Name: Jirka-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 182674
Source Name: NVIDIA OpenGL Driver
Time Written: 20120617025435.000000-000
Event Type: Upozornńon??
User:

Computer Name: Jirka-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 182673
Source Name: NVIDIA OpenGL Driver
Time Written: 20120617025435.000000-000
Event Type: Upozornńon??
User:

Computer Name: Jirka-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 182672
Source Name: NVIDIA OpenGL Driver
Time Written: 20120617025435.000000-000
Event Type: Upozornńon??
User:

Computer Name: Jirka-PC
Event Code: 2
Message: The NVIDIA OpenGL driver has encountered
an out of memory error. This application might
behave inconsistently and fail.
Record Number: 182671
Source Name: NVIDIA OpenGL Driver
Time Written: 20120617025435.000000-000
Event Type: Upozornńon??
User:

#7 Příspěvek od **vyosek** » 21 zář 2012 19:39

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku[

[/list]

JohnnieM · #8 Příspěvek od **JohnnieM** » 23 zář 2012 18:54

OTL logfile created on: 23.9.2012 18:48:59 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Jirka\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 6,34 Gb Available Physical Memory | 79,23% Memory free
16,00 Gb Paging File | 14,05 Gb Available in Paging File | 87,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 111,25 Gb Free Space | 37,32% Space Free | Partition Type: NTFS
Drive D: | 232,89 Gb Total Space | 230,56 Gb Free Space | 99,00% Space Free | Partition Type: NTFS
Drive E: | 465,65 Gb Total Space | 349,65 Gb Free Space | 75,09% Space Free | Partition Type: FAT32

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.09.23 18:45:57 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Downloads\OTL.exe
PRC - [2012.09.21 14:01:16 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
PRC - [2012.09.07 21:55:30 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.08.29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.26 00:49:46 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011.11.08 08:31:08 | 000,667,648 | ---- | M] () -- C:\GIGABYTE FORCE\GIGABYTE FORCE.exe
PRC - [2008.03.19 23:46:50 | 001,611,272 | ---- | M] (ALTAP) -- C:\Program Files (x86)\Altap Salamander 2.5\salamand.exe

========== Modules (No Company Name) ==========

MOD - [2012.09.21 14:01:16 | 009,813,424 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2012.09.07 21:55:30 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.05.15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012.02.17 20:55:36 | 000,166,912 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExt.dll
MOD - [2011.11.08 08:31:08 | 000,667,648 | ---- | M] () -- C:\GIGABYTE FORCE\GIGABYTE FORCE.exe

========== Services (SafeList) ==========

SRV:64bit: - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.21 14:01:16 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 21:55:30 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.07 17:47:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.26 00:49:46 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.12 21:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.08.14 18:29:43 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011.08.17 10:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.08.10 08:43:14 | 000,050,056 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2010.08.10 08:43:14 | 000,022,792 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2010.04.29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2009.10.21 05:30:32 | 001,270,784 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.07.30 11:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.04.04 17:19:04 | 000,034,432 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiU0CEA.sys -- (SaiU0CEA)
DRV:64bit: - [2008.04.04 17:19:02 | 000,129,024 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiK0CEA.sys -- (SaiK0CEA)
DRV:64bit: - [2008.02.18 14:20:12 | 000,129,024 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0728.sys -- (SaiK0728)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3636547274-2444135525-1829590436-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3636547274-2444135525-1829590436-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3636547274-2444135525-1829590436-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.09.01 13:37:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 21:55:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.07 21:55:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.18 14:14:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.06.12 11:47:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\Mozilla\Extensions
[2012.06.14 10:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\8l4rplm1.default\extensions
[2012.09.07 21:55:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.09.07 21:55:30 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.24 10:51:09 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.07.24 10:51:09 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.07.24 10:51:09 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.07.24 10:51:09 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.07.24 10:51:09 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:64bit: - HKLM..\Run: [SaiVolume] C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe (Saitek)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [GMouse] C:\GIGABYTE FORCE\GIGABYTE FORCE.EXE ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3636547274-2444135525-1829590436-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3636547274-2444135525-1829590436-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3636547274-2444135525-1829590436-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB699263-38A8-46A6-AC9A-6B4BC2ACFB8B}: DhcpNameServer = 84.42.251.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD52D80D-AC96-4332-A373-D021AC09F76B}: DhcpNameServer = 84.42.251.2
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.09.23 17:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012.09.23 15:46:15 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012.09.23 15:46:15 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012.09.23 15:46:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012.09.21 18:02:28 | 000,000,000 | ---D | C] -- C:\rsit
[2012.09.20 14:15:08 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\funny
[2012.08.14 18:29:43 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Jirka\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.09.23 18:50:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.23 18:01:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.23 17:14:13 | 000,001,642 | ---- | M] () -- C:\Users\Public\Desktop\Age of Mythology - The Titans Expansion.lnk
[2012.09.23 17:12:04 | 001,583,754 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.23 17:12:04 | 000,668,960 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.09.23 17:12:04 | 000,654,354 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.23 17:12:04 | 000,140,592 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.09.23 17:12:04 | 000,121,226 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.23 17:10:29 | 000,010,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 17:10:29 | 000,010,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 17:06:20 | 005,030,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.23 17:05:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 17:05:08 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 17:01:32 | 000,001,633 | ---- | M] () -- C:\Users\Public\Desktop\Age of Mythology.lnk
[2012.09.23 15:58:21 | 000,092,383 | ---- | M] () -- C:\Windows\War3Unin.dat
[2012.09.23 15:52:36 | 000,001,669 | ---- | M] () -- C:\Users\Jirka\Desktop\Frozen Throne.lnk
[2012.09.23 15:52:18 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012.09.23 15:52:18 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2012.09.23 15:46:26 | 000,001,662 | ---- | M] () -- C:\Users\Jirka\Desktop\Warcraft III.lnk
[2012.09.21 14:01:16 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.21 14:01:16 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.23 18:50:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.09.23 17:14:13 | 000,001,642 | ---- | C] () -- C:\Users\Public\Desktop\Age of Mythology - The Titans Expansion.lnk
[2012.09.23 17:01:32 | 000,001,633 | ---- | C] () -- C:\Users\Public\Desktop\Age of Mythology.lnk
[2012.09.23 15:52:36 | 000,001,669 | ---- | C] () -- C:\Users\Jirka\Desktop\Frozen Throne.lnk
[2012.09.23 15:46:26 | 000,001,662 | ---- | C] () -- C:\Users\Jirka\Desktop\Warcraft III.lnk
[2012.09.23 15:46:15 | 000,092,383 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012.09.23 15:46:15 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2012.08.14 18:30:32 | 000,001,041 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\vso_ts_preview.xml
[2012.08.14 18:29:43 | 000,099,384 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\inst.exe
[2012.08.14 18:29:43 | 000,007,859 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\pcouffin.cat
[2012.08.14 18:29:43 | 000,001,167 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\pcouffin.inf
[2012.08.04 12:45:32 | 001,562,216 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.04 12:41:15 | 000,000,032 | ---- | C] () -- C:\Windows\Autorun.INI
[2012.07.26 00:49:46 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.07.26 00:49:46 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.07.09 19:18:40 | 000,030,358 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2012.06.17 17:59:47 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012.06.17 17:59:47 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.06.17 16:55:56 | 000,003,584 | ---- | C] () -- C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.12 12:58:18 | 000,000,600 | ---- | C] () -- C:\Users\Jirka\winscp.RND
[2012.06.12 11:05:04 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012.06.12 11:04:57 | 000,022,045 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009.07.14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.09.23 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\.minecraft
[2012.08.25 13:03:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO
[2012.06.29 11:29:46 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\LolClient
[2012.06.12 22:37:40 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\LolClient2
[2012.09.10 16:29:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Play withSIX
[2012.08.25 17:31:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Publish Providers
[2012.07.04 14:42:52 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\QIP
[2012.08.20 19:53:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\six-zsync
[2012.08.25 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Sony
[2012.06.30 22:04:51 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TeamViewer
[2012.07.18 14:14:07 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Thunderbird
[2012.07.26 00:37:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Ubisoft
[2012.09.22 23:56:05 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\uTorrent
[2012.09.21 17:59:57 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Vso
[2012.07.04 20:31:14 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\wargaming.net

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,024,868 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.12 12:11:35 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.09.23 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\.minecraft
[2012.08.05 17:53:31 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Adobe
[2012.08.25 13:03:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO
[2012.06.12 10:52:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Identities
[2012.06.29 11:29:46 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\LolClient
[2012.06.12 22:37:40 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\LolClient2
[2012.06.12 12:11:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Macromedia
[2009.07.14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Media Center Programs
[2012.08.06 06:35:38 | 000,000,000 | --SD | M] -- C:\Users\Jirka\AppData\Roaming\Microsoft
[2012.06.12 11:47:00 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla
[2012.06.23 15:42:29 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\NVIDIA
[2012.09.10 16:29:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Play withSIX
[2012.08.25 17:31:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Publish Providers
[2012.07.04 14:42:52 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\QIP
[2012.08.20 19:53:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\six-zsync
[2012.09.17 19:59:18 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Skype
[2012.08.25 19:43:02 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Sony
[2012.06.30 22:04:51 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TeamViewer
[2012.07.18 14:14:07 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Thunderbird
[2012.07.26 00:37:44 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Ubisoft
[2012.09.22 23:56:05 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\uTorrent
[2012.09.21 17:59:57 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Vso
[2012.07.04 20:31:14 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\wargaming.net
[2012.06.12 12:55:53 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.08.14 18:29:43 | 000,099,384 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\inst.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2012.06.17 17:56:13 | 000,786,492 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2012.06.17 17:56:15 | 015,823,872 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2012.06.17 17:56:13 | 000,107,008 | ---- | M] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2012.09.10 16:29:44 | 019,049,527 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Jirka\AppData\Roaming\Play withSIX\Play withSIX update.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.09.23 19:01:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.09.21 14:01:16 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012.09.21 14:01:16 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AdobeBridge" =

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.09.07 21:55:30 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=9C376F42BDE37F18D0A39AF7415D9BE6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.23 18:50:15 | 000,000,512 | ---- | M] () MD5=98F1F686DA34CCA7A3CACF7B75A12950 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.06.12 12:27:53 | 000,003,763 | ---- | M] () -- \Users\Jirka\AppData\Roaming\uTorrent\Altap.Salamander.v2.5.Final with crack.zip.torrent
[2012.08.12 20:01:06 | 000,003,617 | ---- | M] () -- \Users\Jirka\AppData\Roaming\uTorrent\Asphalt 7 Heat v1.0.0 HD [Cracked] + SD Data By bobiras2009.torrent
[2012.08.11 12:18:07 | 000,017,952 | ---- | M] () -- \Users\Jirka\AppData\Roaming\uTorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.torrent
[2012.07.26 10:22:17 | 000,003,911 | ---- | M] () -- \Users\Jirka\AppData\Roaming\uTorrent\Tom.Clancys.Ghost.Recon.Future.Soldier-SKIDROW.CRACK.ONLY.rar.torrent
[2012.08.05 17:50:56 | 000,315,178 | ---- | M] () -- \Utorrent\Adobe Photoshop CS5 CZ\Crack\ADBE_CRACK - 32bit.rar
[2012.08.05 17:50:55 | 000,377,747 | ---- | M] () -- \Utorrent\Adobe Photoshop CS5 CZ\Crack\ADBE_CRACK - 64bit.rar
[2012.08.12 20:01:36 | 002,750,436 | ---- | M] () -- \Utorrent\Asphalt 7 Heat v1.0.0 HD [Cracked] + SD Data By bobiras2009\Asphalt 7 Heat v1.0.0 HD [Cracked] By bobiras2009.apk
[2012.08.25 17:17:05 | 000,021,812 | ---- | M] () -- \Utorrent\Sony Vegas Pro 11_64bit\Crack.rar
[2012.08.11 12:21:12 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r00
[2012.08.11 12:21:16 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r01
[2012.08.11 12:21:16 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r02
[2012.08.11 12:21:16 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r03
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r04
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r05
[2012.08.11 12:21:16 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r06
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r07
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r08
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r09
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r10
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r11
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r12
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r13
[2012.08.11 12:21:17 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r14
[2012.08.11 12:21:16 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r15
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r16
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r17
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r18
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r19
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r20
[2012.08.11 12:21:11 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r21
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r22
[2012.08.11 12:21:18 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r23
[2012.08.11 12:21:12 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r24
[2012.08.11 12:21:20 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r25
[2012.08.11 12:20:51 | 000,237,348 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.r26
[2012.08.11 12:21:20 | 015,000,000 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.rar
[2012.08.11 12:19:10 | 000,004,259 | ---- | M] () -- \Utorrent\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech\Sony.Vegas.Pro.10.x86-x64.Cracked-Torrentleech.sfv
[2012.07.29 11:26:23 | 018,911,727 | ---- | M] () -- \Utorrent\Syndicate\Crack.rar

< *keygen* /s >
[2010.04.15 01:50:06 | 000,138,752 | ---- | M] () -- \Program Files (x86)\SIX Networks\Play withSIX\tools\bin\ssh-keygen.exe
[2012.08.05 17:50:56 | 000,063,365 | ---- | M] () -- \Utorrent\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe
[2012.08.05 17:50:56 | 000,003,121 | ---- | M] () -- \Utorrent\Adobe Photoshop CS5 CZ\Crack\KeyGen-Readme.txt

< *loader* /s >
[2003.07.03 22:37:58 | 000,006,995 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoader.xs
[2003.07.03 22:37:35 | 000,002,522 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderaggboom.xs
[2003.07.03 22:37:27 | 000,002,734 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderbalanced.xs
[2003.07.03 22:37:17 | 000,002,486 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderboom.xs
[2003.07.03 22:37:07 | 000,002,522 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderdefboom.xs
[2003.07.03 22:37:02 | 000,002,491 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderdefrush.xs
[2003.07.03 22:36:55 | 000,002,494 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderecorush.xs
[2003.07.03 22:36:48 | 000,002,488 | ---- | M] () -- \Games\Age of Mythology\ai2\aomxailoaderrush.xs
[2012.06.15 11:10:23 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2012.06.15 11:10:23 | 000,005,679 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\TutorialLoader.pyc
[2012.03.13 12:18:28 | 003,297,128 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 10:41:34 | 000,000,860 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 10:41:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,324 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 13:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 15:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011.10.08 02:34:22 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2011.10.08 02:34:22 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2011.10.08 02:34:22 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2011.10.08 02:34:22 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2012.03.13 12:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012.03.13 10:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.203\deploy\assets\storeImages\layout\small_loader.gif
[2012.08.30 09:58:58 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.203\deploy\assets\storeImages\layout\OldImages\small_loader.gif
[2012.06.16 14:19:29 | 000,061,720 | ---- | M] () -- \Steam\steamapps\common\the ball\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2012.06.27 21:12:13 | 000,064,280 | ---- | M] () -- \Steam\steamapps\common\tribes\Binaries\Win32\PhysXLoader.dll
[2012.05.15 09:59:24 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.05.15 09:59:24 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.09.22 17:26:13 | 000,000,353 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7PAGGE5B\queryLoader[1].css
[2012.09.22 17:26:13 | 000,005,505 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7PAGGE5B\queryLoader[1].js
[2012.09.22 09:44:38 | 000,000,353 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRUGYIUH\queryLoader[1].css
[2012.09.22 09:44:38 | 000,005,505 | ---- | M] () -- \Users\Jirka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T1EI5STL\queryLoader[1].js
[2012.09.23 15:33:31 | 000,002,884 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst18308963959411564531348407211600\com\sijobe\spc\core\SPCLoader.class
[2012.09.23 15:33:31 | 000,006,490 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst18308963959411564531348407211600\com\sijobe\spc\util\DynamicClassLoader.class
[2012.09.21 22:12:09 | 000,002,884 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst2843422648502971221348258329603\com\sijobe\spc\core\SPCLoader.class
[2012.09.21 22:12:09 | 000,006,490 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst2843422648502971221348258329603\com\sijobe\spc\util\DynamicClassLoader.class
[2012.09.23 13:14:28 | 000,050,656 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst51375723101851732651348398865335\ModLoader.class
[2012.09.23 13:14:29 | 000,002,884 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst51375723101851732651348398865335\com\sijobe\spc\core\SPCLoader.class
[2012.09.23 13:14:29 | 000,006,490 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst51375723101851732651348398865335\com\sijobe\spc\util\DynamicClassLoader.class
[2012.09.23 13:14:31 | 000,050,656 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst82668708560087895641348398866640\ModLoader.class
[2012.09.23 13:14:32 | 000,002,884 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst82668708560087895641348398866640\com\sijobe\spc\core\SPCLoader.class
[2012.09.23 13:14:32 | 000,006,490 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\mcmodinst82668708560087895641348398866640\com\sijobe\spc\util\DynamicClassLoader.class
[2012.08.16 14:50:56 | 000,015,948 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\ModLoader.class
[2012.08.16 14:50:56 | 000,001,345 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\client\modloader\ModLoaderBlockRendererHandler.class
[2012.08.16 14:50:56 | 000,002,774 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\client\modloader\ModLoaderClientHelper.class
[2012.08.16 14:50:56 | 000,002,675 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\client\modloader\ModLoaderKeyBindingHandler.class
[2012.08.16 14:50:56 | 000,001,145 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\Loader$1.class
[2012.08.16 14:50:56 | 000,000,964 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\Loader$2.class
[2012.08.16 14:50:56 | 000,001,407 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\Loader$ModIdComparator.class
[2012.08.16 14:50:56 | 000,021,915 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\Loader.class
[2012.08.16 14:50:56 | 000,000,543 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\LoaderException.class
[2012.08.16 14:50:56 | 000,001,941 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\LoaderState$ModState.class
[2012.08.16 14:50:56 | 000,003,995 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\LoaderState.class
[2012.08.16 14:50:56 | 000,002,804 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\ModClassLoader.class
[2012.08.16 14:50:56 | 000,000,247 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\IModLoaderSidedHelper.class
[2012.08.16 14:50:56 | 000,001,820 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderConnectionHandler.class
[2012.08.16 14:50:56 | 000,000,967 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderCraftingHelper.class
[2012.08.16 14:50:56 | 000,000,758 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderFuelHelper.class
[2012.08.16 14:50:56 | 000,004,538 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderHelper.class
[2012.08.16 14:50:56 | 000,021,136 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderModContainer.class
[2012.08.16 14:50:56 | 000,000,904 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderPacketHandler.class
[2012.08.16 14:50:56 | 000,001,071 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\common\modloader\ModLoaderWorldGenerator.class
[2012.08.16 14:50:56 | 000,001,130 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\relauncher\Downloader$1.class
[2012.08.16 14:50:56 | 000,000,957 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\relauncher\Downloader$2.class
[2012.08.16 14:50:56 | 000,004,535 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\relauncher\Downloader.class
[2012.08.16 14:50:56 | 000,006,373 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\cpw\mods\fml\relauncher\RelaunchClassLoader.class
[2012.08.16 14:50:56 | 000,001,124 | ---- | M] () -- \Users\Jirka\AppData\Local\Temp\Rar$DRa0.794\net\minecraftforge\event\ASMEventHandler$ASMClassLoader.class
[2012.09.23 18:17:56 | 000,002,078 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\ModLoader.txt
[2012.09.23 18:14:35 | 000,000,129 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2012.08.25 17:05:18 | 000,005,202 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\config\classes\wecui\vendor\org\yaml\snakeyaml\JavaBeanLoader.class
[2012.08.25 17:05:16 | 000,000,982 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\config\classes\wecui\vendor\org\yaml\snakeyaml\Loader.class
[2012.08.25 17:05:16 | 000,001,141 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\config\classes\wecui\vendor\org\yaml\snakeyaml\LoaderOptions.class
[2012.08.25 17:05:18 | 000,001,690 | ---- | M] () -- \Users\Jirka\AppData\Roaming\.minecraft\config\classes\wecui\vendor\org\yaml\snakeyaml\constructor\CustomClassLoaderConstructor.class
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.04.26 14:26:34 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.26 20:40:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.26 20:40:31 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.26 20:40:31 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.26 20:40:31 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.26 20:40:31 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009.07.14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009.07.14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009.07.14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009.07.14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2009.07.14 04:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 04:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009.07.14 04:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009.07.14 04:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009.07.14 04:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.26 20:38:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

JohnnieM · #9 Příspěvek od **JohnnieM** » 23 zář 2012 18:57

OTL Extras logfile created on: 23.9.2012 18:48:59 - Run 1
OTL by OldTimer - Version 3.2.66.0 Folder = C:\Users\Jirka\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

8,00 Gb Total Physical Memory | 6,34 Gb Available Physical Memory | 79,23% Memory free
16,00 Gb Paging File | 14,05 Gb Available in Paging File | 87,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 111,25 Gb Free Space | 37,32% Space Free | Partition Type: NTFS
Drive D: | 232,89 Gb Total Space | 230,56 Gb Free Space | 99,00% Space Free | Partition Type: NTFS
Drive E: | 465,65 Gb Total Space | 349,65 Gb Free Space | 75,09% Space Free | Partition Type: FAT32

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3636547274-2444135525-1829590436-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AF4A60C-F144-4A80-B567-3BC433D5765E}" = lport=59081 | protocol=17 | dir=in | name=pando media booster |
"{1F2FDB02-4536-4B04-856E-77AAA4808376}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{24BC95F1-13D7-4E99-9BDE-A838070D6095}" = lport=445 | protocol=6 | dir=in | app=system |
"{2B84DE1B-B0E8-4894-A151-0CE440587A27}" = rport=137 | protocol=17 | dir=out | app=system |
"{3ECE7003-2F0A-4565-A57C-870F32C59D20}" = rport=139 | protocol=6 | dir=out | app=system |
"{405BE903-28C1-4C55-8E9F-03A888EBD192}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51DC33D7-6BC1-405F-94CD-07354D804C89}" = lport=139 | protocol=6 | dir=in | app=system |
"{69292750-5005-4B04-9096-7F876B526876}" = lport=138 | protocol=17 | dir=in | app=system |
"{6BFF2859-284A-42B5-A89F-268E9E2131EA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{702A00EB-19D0-4542-827B-EA5D3BCADDB1}" = lport=59081 | protocol=6 | dir=in | name=pando media booster |
"{702CB7DE-5A7C-42AF-9096-04851DF26E63}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70BC312C-5B2E-41DB-AC8F-696B04CE7048}" = lport=59081 | protocol=6 | dir=in | name=pando media booster |
"{832E9A62-8672-4AB3-B45B-3741D132B20A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90FFF54F-908D-44CF-8CAB-85BD3485E58A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{975480BD-56FE-432E-959B-1779A7D5DE96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A4FF14FA-B01B-4278-A466-99C969DCFEC6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B2EB3F0A-122F-46E4-A14C-1E0E2675E1EC}" = rport=445 | protocol=6 | dir=out | app=system |
"{B33234A8-E797-4728-A20B-CCC59205D6BF}" = rport=138 | protocol=17 | dir=out | app=system |
"{B7DB9FAC-888C-4EA5-AA3B-D97C69A25C51}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC1BA7FD-84D1-4E0A-9ACA-083E7F71F070}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C1C117FC-2C9D-42CD-BAB1-5A46786E8BD0}" = lport=59081 | protocol=17 | dir=in | name=pando media booster |
"{CF0F7116-9AF5-4F0F-BCC1-0E6FD4F5311A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D019068B-606B-493A-BB0B-D7E24DE1FAEA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DAE877E3-3C34-498C-9188-6C7C97D5B0B9}" = lport=137 | protocol=17 | dir=in | app=system |
"{E3AEEC57-2C21-4FFA-A94C-32D31C3212D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5275834-1FBE-4939-AB1E-48051CB83073}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F024AC3E-4D87-49D6-97E9-A682D505B4D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B8B88A-697B-4036-BDAF-EC8681F5B003}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{089B65BD-F772-4542-A9F0-BF03BD46A734}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{0F9E0171-FAEC-44D6-BD25-53C2CE030604}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{14B75164-779B-4E4A-AC90-AC7EF0AE7B34}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{19BC9FDD-19B0-426D-A302-DC6C1F6C4E9F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2298848B-A99C-48EF-893C-A7C2BB481223}" = protocol=6 | dir=in | app=e:\steam\steam.exe |
"{2405ABBA-EAC4-422F-9FDD-2B6C54123B80}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{2BF9A287-9B42-4CC5-9752-B636DE185C92}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{396B650A-9AF5-4EF5-86AD-10E99CE97CA8}" = protocol=17 | dir=in | app=c:\program files (x86)\aliens vs. predator\avp_dx11.exe |
"{39A7B1A4-CD00-4421-84C1-34F4D2ECF5B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D5DC186-B45B-4636-A829-2C426D1491B4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3EE1BBB6-EA43-4538-8F48-E7BCCE8B2803}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{418882F5-A512-4767-91ED-8F41D05AFA78}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\arma 2\arma2.exe |
"{49ECB221-0FE3-4570-A2FF-D09EBE72B51F}" = protocol=17 | dir=in | app=c:\steam\steam.exe |
"{4DED8E53-53E9-4C19-9B41-FF85BF9B388E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{55C78FFA-2812-48C2-8D5D-0D1C7C9A8FF9}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe |
"{55D99827-8B89-4E5B-999F-CA398D62A6A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56E43EE9-129C-4814-819A-4F4090D140D4}" = protocol=17 | dir=in | app=e:\steam\steam.exe |
"{5BD6590A-4D79-4BBD-88E0-735B288AA86B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D06794C-E049-4EB9-85E8-C29A26C43EE1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5E09A164-22A9-495D-B156-6B08CB828BF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E4A5E1B-F33A-43C0-856E-B99B777B49F4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{617E4838-B2E1-43C8-A07A-DB494A18CC9B}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{6221B648-6310-4260-A881-CA0D9E75E89C}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{63DD1E68-C7AE-4C62-B0C5-9009620D5029}" = protocol=6 | dir=in | app=c:\steam\steam.exe |
"{67E3C9C6-C9AC-4420-9067-4315FC17EF27}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{684F2871-E8E7-4D16-9F6E-908DA209DE79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B475554-AB8D-4918-B793-D63BEBBC16FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6DDE45F7-9B44-4F64-A0C5-1CE6D7DBF94B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{71BEA5C4-0ED2-4642-9AFE-0D6DF2246910}" = protocol=6 | dir=in | app=c:\steam\steamapps\johnniem771\counter-strike source\hl2.exe |
"{73C66E9E-A18E-4DD5-9CA0-2BB7D3F4B111}" = protocol=58 | dir=in | app=system |
"{73C7FFF9-8670-4006-9C23-5DCE222D7F6F}" = protocol=6 | dir=in | app=c:\program files (x86)\aliens vs. predator\avp.exe |
"{75673956-3702-4BCF-BDD5-682054A107B4}" = protocol=6 | dir=in | app=c:\program files (x86)\aliens vs. predator\avp_dx11.exe |
"{7A0F0AD9-DAF4-4F22-8D80-3D49421CB704}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7C4A305F-C892-4CF3-ABA7-6727407C56FB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7E0716B1-29C5-45B9-A4F6-C2E413863A31}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{7EA13104-E05D-4467-A5F1-7D3F839DA71B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8148C6FD-8178-4A1B-8289-824F22C3B3F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86B741B7-2CA2-4E50-91EB-7DC0DD0A9A01}" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\play withsix.exe |
"{8C68FD20-B8EF-4827-A7B9-2C8E50A8EFA2}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{8F4A4BB1-CAC7-4654-A332-E6343639CD49}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{96193588-7542-4ED9-B016-7AA63F429574}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9C24D2FA-D8C0-4A8B-A11D-FE56D5AFA0B4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9F9FFA4A-7998-417D-AA64-5EF2183AC3B0}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{A669B846-A4FC-43B2-9716-89BC4310E62F}" = protocol=17 | dir=in | app=c:\program files (x86)\aliens vs. predator\avp.exe |
"{A6B81C1A-DCFE-4209-925A-0C47BCD5879B}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AB34500E-BED2-48EA-960A-1E96886DBB73}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC144F51-D7D8-4E8B-A919-AB6FE4CCDF5C}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{AD9CF765-D9BC-4377-B14B-80CDE52688E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AF8EABB2-6F61-4A22-B216-1AF16A2E5B67}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B011D0BD-6139-48D7-905C-4A8504575E71}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B17CD782-159B-4541-90D5-3986A1D45BD0}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{B1BC962E-87F1-4320-B55A-C33E7DC78EFA}" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\play withsix.exe |
"{B672A5BB-81E1-4E8A-AED4-0F652602719F}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\arma 2 operation arrowhead\_runa2co.cmd |
"{B9900378-AAA3-4F45-A26F-E9321FD6300E}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\the ball\binaries\win32\theball.exe |
"{B9CA699A-15FC-4A8B-9AB2-F653E72E91C0}" = protocol=6 | dir=out | app=system |
"{BB68523A-33C9-4E44-A0E0-8A9BEA23EFCE}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{C20EA80B-372F-4F41-A4E4-CB20D6C71C02}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C5BEDDEE-D5F5-4C20-BF9D-01B96EAB7CD8}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{CB505FAC-B85A-4525-BA78-128901E496B5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D9DAB171-A193-4282-B315-F46610389811}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{E14957A0-AB76-4B42-8FB6-9CF1598141F4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EF76DC1B-94D9-4C9E-933B-44D4894D0C5D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F63E3CC0-6687-416D-9FD1-EACBFC20B477}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\the ball\binaries\win32\theball.exe |
"{F7B26D54-A863-4A3F-B5B4-D245553E7C4E}" = protocol=17 | dir=in | app=c:\steam\steamapps\common\arma 2\arma2.exe |
"{F7B3818C-C165-49B0-B606-D6DA138BCF35}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\tribes\binaries\win32\hirezbridge.exe |
"{F8D05FD9-2CF6-4D56-8F0F-96AA07CD7C47}" = protocol=6 | dir=in | app=c:\steam\steamapps\common\arma 2 operation arrowhead\besetup\setup_battleyearma2oa.exe |
"{FD7BDCD9-8F6C-466E-B6C7-AF971870DF39}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{FFA68615-A30D-4F5E-B14E-C71E892BA5FD}" = protocol=17 | dir=in | app=c:\steam\steamapps\johnniem771\counter-strike source\hl2.exe |
"TCP Query User{663EB05B-C5E8-4EEB-9FBA-E4EBE051DE80}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{A51243B8-D116-45BF-B35C-31AA5EDCD9B4}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F0D4641A-1BC3-44B8-8C14-4DBD6C83522A}C:\steam\steamapps\johnniem771\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\steam\steamapps\johnniem771\counter-strike source\hl2.exe |
"UDP Query User{307BE754-5F59-4F8E-A0F8-B0391F2C3028}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{58D5564D-ED05-498C-8AB5-6EB7F274D79E}C:\steam\steamapps\johnniem771\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\steam\steamapps\johnniem771\counter-strike source\hl2.exe |
"UDP Query User{7B6C935F-2326-4D3C-8EB4-6C3EDFF0574E}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{34280DB1-8558-4709-AB7E-62A572C03355}" = Saitek Cyborg Keyboard Volume 6.2.1.3
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{ACC82418-8C69-40D0-BA23-F9528F66B521}" = Smart Technology Programming Software 7.0.2.7
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack 6.3.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2A086701-1EEE-43F5-A9DB-DE2D73DC543D}_is1" = Aliens vs. Predator
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{E42D4F41-392F-4993-A584-23A70118E7F3}" = Play withSIX
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Altap Salamander 2.51" = Altap Salamander 2.51
"avast" = avast! Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BSPlayerp" = BS.Player PRO
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"Diablo II" = Diablo II
"Fraps" = Fraps (remove only)
"GMouse" = GIGABYTE FORCE Driver
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 15.0.1 (x86 cs)" = Mozilla Firefox 15.0.1 (x86 cs)
"Mozilla Thunderbird 14.0 (x86 cs)" = Mozilla Thunderbird 14.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"Steam App 11020" = TrackMania Nations Forever
"Steam App 17080" = Tribes: Ascend
"Steam App 240" = Counter-Strike: Source
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 35460" = The Ball
"Steam App 400" = Portal
"TeamViewer 7" = TeamViewer 7
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR 4.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3636547274-2444135525-1829590436-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 3.0.9040
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.9.2012 6:53:13 | Computer Name = Jirka-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 4.9.2012 12:51:39 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: prototype2.exe, verze: 0.0.0.0, časové razítko:
0x4f871176 Název chybujícího modulu: d3d9.dll, verze: 6.1.7600.16385, časové razítko:
0x4a5bd9a9 Kód výjimky: 0xc0000005 Posun chyby: 0x00025a2c ID chybujícího procesu:
0x460 Čas spuštění chybující aplikace: 0x01cd8abbab4e1ce8 Cesta k chybující aplikaci:
C:\Program Files (x86)\PROTOTYPE 2\prototype2.exe Cesta k chybujícímu modulu: C:\Windows\system32\d3d9.dll
ID
zprávy: cb6fb818-f6b0-11e1-8026-bcaec554d10e

Error - 5.9.2012 16:36:26 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 15.0.0.4619, časové
razítko: 0x50382fcd Název chybujícího modulu: xul.dll, verze: 15.0.0.4619, časové
razítko: 0x50382f44 Kód výjimky: 0xc0000005 Posun chyby: 0x001bea47 ID chybujícího
procesu: 0x580 Čas spuštění chybující aplikace: 0x01cd8ba1c3dc63b4 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 5cb7bbac-f799-11e1-8026-bcaec554d10e

Error - 7.9.2012 15:48:44 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko:
0x5029989b Název chybujícího modulu: client.dll, verze: 0.0.0.0, časové razítko:
0x5033b7fa Kód výjimky: 0xc0000005 Posun chyby: 0x0045d972 ID chybujícího procesu:
0x1bcc Čas spuštění chybující aplikace: 0x01cd8d308b2c361c Cesta k chybující aplikaci:
c:\steam\steamapps\johnniem771\counter-strike source\hl2.exe Cesta k chybujícímu
modulu: c:\steam\steamapps\johnniem771\counter-strike source\cstrike\bin\client.dll
ID
zprávy: 07b49f5c-f925-11e1-bd30-bcaec554d10e

Error - 13.9.2012 11:07:04 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko:
0x5047fbf4 Název chybujícího modulu: client.dll, verze: 0.0.0.0, časové razítko:
0x504e343b Kód výjimky: 0xc0000005 Posun chyby: 0x0046fd82 ID chybujícího procesu:
0x3a8 Čas spuštění chybující aplikace: 0x01cd91bdf0ebf371 Cesta k chybující aplikaci:
c:\steam\steamapps\johnniem771\counter-strike source\hl2.exe Cesta k chybujícímu
modulu: c:\steam\steamapps\johnniem771\counter-strike source\cstrike\bin\client.dll
ID
zprávy: acf89391-fdb4-11e1-8509-bcaec554d10e

Error - 13.9.2012 11:38:14 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: steam.exe, verze: 1.0.1446.623, časové razítko:
0x5004ae1a Název chybujícího modulu: steamservice.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x504966ca Kód výjimky: 0xc0000005 Posun chyby: 0x6dee1031 ID chybujícího
procesu: 0x16a4 Čas spuštění chybující aplikace: 0x01cd91bc7c0acc31 Cesta k chybující
aplikaci: C:\Steam\steam.exe Cesta k chybujícímu modulu: steamservice.dll ID zprávy:
07bbd181-fdb9-11e1-8509-bcaec554d10e

Error - 17.9.2012 1:08:31 | Computer Name = Jirka-PC | Source = .NET Runtime | ID = 1022
Description =

Error - 18.9.2012 13:25:04 | Computer Name = Jirka-PC | Source = Application Hang | ID = 1002
Description = Program rads_user_kernel.exe verze 0.0.0.0 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: b2c Čas spuštění: 01cd95c2857a4dcc Čas ukončení: 0 Cesta k aplikaci: C:\Riot
Games\League of Legends\RADS\system\rads_user_kernel.exe ID hlášení: c7b077ad-01b5-11e2-ba5f-bcaec554d10e

Error - 21.9.2012 11:50:57 | Computer Name = Jirka-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 3.3.6.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
a28 Čas spuštění: 01cd98107e2b4abc Čas ukončení: 15 Cesta k aplikaci: C:\Users\Jirka\Downloads\RSITx64.exe

ID
hlášení:

Error - 21.9.2012 12:08:11 | Computer Name = Jirka-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 3.3.6.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1208 Čas spuštění: 01cd98127f19b970 Čas ukončení: 16 Cesta k aplikaci: C:\Users\Jirka\Desktop\RSITx64.exe

ID
hlášení:

[ System Events ]
Error - 23.9.2012 11:02:54 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:02:55 | Computer Name = Jirka-PC | Source = Ntfs | ID = 262199
Description = Struktura systému souborů disku je poškozená a je nepoužitelná. Je
nutné na svazek D: spustit nástroj chkdsk.

Error - 23.9.2012 11:03:13 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:15 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:17 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:19 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:21 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:23 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:25 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.9.2012 11:03:27 | Computer Name = Jirka-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

< End of report >

#10 Příspěvek od **vyosek** » 23 zář 2012 22:02

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3636547274-2444135525-1829590436-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3636547274-2444135525-1829590436-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3636547274-2444135525-1829590436-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012.06.17 17:59:47 | 000,615,936 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2012.06.17 17:59:47 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2012.09.23 19:01:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"AutoKMS"=-
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"VirtualCloneDrive"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"LogMeIn Hamachi Ui"=-
"SunJavaUpdateSched"=-

:files
C:\Windows\KMSEmulator.exe
C:\Windows\AutoKMS.tmp
C:\Windows\AutoKMS.exe
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

JohnnieM · #11 Příspěvek od **JohnnieM** » 24 zář 2012 09:06

Dobrá den, zde jsou logy z OTL po restartu

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-3636547274-2444135525-1829590436-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3636547274-2444135525-1829590436-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3636547274-2444135525-1829590436-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\AutoKMS.exe moved successfully.
C:\Windows\AutoKMS.ini moved successfully.
C:\Windows\AutoKMS.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\VirtualCloneDrive deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File\Folder C:\Windows\KMSEmulator.exe not found.
File\Folder C:\Windows\AutoKMS.tmp not found.
File\Folder C:\Windows\AutoKMS.exe not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jirka
->Temp folder emptied: 25173743 bytes
->Temporary Internet Files folder emptied: 16134130 bytes
->Java cache emptied: 25662 bytes
->FireFox cache emptied: 1137469606 bytes
->Flash cache emptied: 1863 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3822 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50641 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 124,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jirka
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jirka
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.66.0 log created on 09242012_095803

Files\Folders moved on Reboot...
C:\Users\Jirka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#12 Příspěvek od **vyosek** » 24 zář 2012 09:07

Zdravim,

OTL udelalo co melo, jak se chova PC

JohnnieM · #13 Příspěvek od **JohnnieM** » 24 zář 2012 10:23

PC se chová zdánlivě v pořádku, připadné nesrovnalosti se možná ukážou časem, to ale kdyžtak někdy příště. Jen jsem se chtěl zeptat jak je možné že se promazávali a odstraňovali data z IE když ho v§bec nepoužívám. To si samotné win něják přidávají a spouští procesy IE, jde IE nějákým způsobem odstranit? Děkuji za pomoc.

#14 Příspěvek od **vyosek** » 24 zář 2012 19:20

Ty data do IE se tam dostavaji pri instalaci programu diky tomu ze ne kazdy dukladne cte co povoluje instalovat - vetsina programu jeste nuti dalsi program tretich stran

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Prosím o preventivku

Prosím o preventivku

Re: Prosím o preventivku

Licence

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku