Problem - windef.exe *32

Zpráva

ElimCz · #1 Příspěvek od **ElimCz** » 03 dub 2013 19:51

Dobrý den, dnes jsme normálně zapnul počítač a všiml jsem si přes měřič vytížení procesoru na 100%, i když je tichý a nedělá téměř žádný hluk, oproti i normálu kdy jede na 20% a je mnohem hlasitější. Každopádně jsem šel do správce úloh a tam našel zatěžující položku windef.exe *32. Trochu jsem byl na netu ale nepochopil jsem s definic a různých rad co s tím. Odviroval počítač přes antivir Microsoft Security Essentials našel pár virů a smazal, podle rad jsem zkusil i scaner Malwarebytes Anti-Malware našel nějakých 10 položek a smazal, resetoval počítač ale nekleslo to. Občas se stane že ale procesor klesne a windef.exe *32 se vypne, ale zase se brzy zapne, nevím co s tím, počítač mám v záruce ale pokud by s tím šlo něco udělat byl bych moc rád. Použil jsem výpis z RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vojtěch at 2013-04-03 20:33:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1369 GB (72%) free of 1894 GB
Total RAM: 8172 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:33:32, on 3.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Vojtěch\AppData\Roaming\Adobex86\windef.exe
C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Vojtěch.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?affID=11393 ... b70dd9d821
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vojtěch\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [AdobeUpdate] wscript "C:\Users\Vojtěch\AppData\Roaming\Adobex86\invis.vbs" "C:\Users\Vojtěch\AppData\Roaming\Adobex86\bat.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14470 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2544
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
C:\Windows\explorer.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fa05f7bc-c754-48f4-bb41-752d0686bf7c -SystemEventPortName:HostProcess-fde8c789-320f-498d-b943-bedb6073b116 -IoCancelEventPortName:HostProcess-5e008214-9774-4507-a06e-5fd38bba49fc -NonStateChangingEventPortName:HostProcess-f7730b40-f417-4ebf-88fb-63f881c6b277 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:078a42fc-2d0b-4539-bdb0-1d60f09be4e3 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
\??\C:\Windows\system32\conhost.exe "738639012-605894057503430351173322829-5673177291288697692-390295128497594465
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Vojtěch\AppData\Roaming\Adobex86\windef.exe" -o http://notroll.in:6332 -u erianx.1 -p 12345
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3192.0.1205486179\1712368426" --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x1243 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.6795 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Default/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/8/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3192.2.216569587\1229595197" /prefetch:3
"C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Default/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/8/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3192.4.1992600250\811731449" /prefetch:3
taskmgr.exe /3
"C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Default/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/8/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3192.6.17966909\811903251" /prefetch:3
"C:\Users\Vojtěch\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/Default/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/8/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwnd10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_92/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="3192.12.1982450678\249355206" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Vojtěch\Stažené soubory\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3424782441-3329749989-1727220065-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3424782441-3329749989-1727220065-1000UA.job
C:\Windows\tasks\HPCeeScheduleForHP-PAVILION95$.job
C:\Windows\tasks\HPCeeScheduleForVojtìch.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\q4v5rihb.default

prefs.js - "browser.startup.homepage" - "http://isearch.babylon.com/?affID=11393 ... b70dd9d821"
prefs.js - "keyword.URL" - "http://isearch.babylon.com/?affID=11393 ... dd9d821&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\q4v5rihb.default\extensions\
plugin@yontoo.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-07 545264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09 1747272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-07 193520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-02 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09 1598792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-02 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-08-11 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-22 37888]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-06-10 1128448]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Vojtěch\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-25 116648]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-03-29 1631144]
"Media Finder"=C:\Program Files (x86)\Media Finder\Media Finder.exe /opentotray []
"Yontoo Desktop"=C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe [2013-01-31 42784]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"AdobeUpdate"=wscript C:\Users\Vojtěch\AppData\Roaming\Adobex86\invis.vbs C:\Users\Vojtěch\AppData\Roaming\Adobex86\bat.exe []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-05-06 658424]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 1996200]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-03 20:33:27 ----D---- C:\rsit
2013-04-03 20:33:27 ----D---- C:\Program Files\trend micro
2013-04-03 18:35:13 ----D---- C:\Users\Vojtěch\AppData\Roaming\Malwarebytes
2013-04-03 18:34:39 ----D---- C:\ProgramData\Malwarebytes
2013-04-03 18:34:38 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-03 18:34:38 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-04-03 17:09:36 ----D---- C:\ProgramData\SecTaskMan
2013-04-03 17:09:30 ----D---- C:\Program Files (x86)\Security Task Manager
2013-04-03 16:30:48 ----D---- C:\Users\Vojtěch\AppData\Roaming\Adobex86
2013-04-02 17:54:53 ----D---- C:\Users\Vojtěch\AppData\Roaming\Adobe64
2013-04-01 21:34:28 ----A---- C:\Users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
2013-04-01 13:45:47 ----A---- C:\Users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
2013-04-01 12:52:15 ----A---- C:\Users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
2013-04-01 10:44:10 ----A---- C:\Users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
2013-03-27 18:14:10 ----A---- C:\Users\Vojtěch\AppData\Roaming\invis.vbs
2013-03-27 18:14:10 ----A---- C:\Users\Vojtěch\AppData\Roaming\bat.bat
2013-03-26 17:32:16 ----D---- C:\ProgramData\RELOADED
2013-03-26 17:07:22 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-21 17:29:32 ----D---- C:\Program Files (x86)\The Walking Dead Survival Instinct
2013-03-14 00:27:17 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-14 00:27:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-14 00:27:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-14 00:27:17 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 00:27:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-14 00:27:16 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-14 00:27:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-14 00:27:16 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 00:27:16 ----A---- C:\Windows\system32\url.dll
2013-03-14 00:27:16 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 00:27:16 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 00:27:16 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 00:27:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-14 00:27:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-14 00:27:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-14 00:27:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-14 00:27:15 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 00:27:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 00:27:15 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 00:27:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-14 00:27:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-14 00:27:14 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 00:27:14 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 00:27:14 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 00:27:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-14 00:27:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-14 00:27:12 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 00:27:12 ----A---- C:\Windows\system32\ieframe.dll
2013-03-14 00:26:30 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 00:26:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-09 19:13:58 ----HD---- C:\Windows\msdownld.tmp
2013-03-09 19:13:39 ----D---- C:\Windows\SYSWOW64\directx
2013-03-09 18:45:17 ----D---- C:\Program Files (x86)\Electronic Arts
2013-03-08 21:08:56 ----A---- C:\Windows\SYSWOW64\CmdLineExt.dll
2013-03-06 17:44:27 ----D---- C:\Users\Vojtěch\AppData\Roaming\YoudaGames
2013-03-06 17:43:50 ----D---- C:\Program Files (x86)\Governor of Poker 2 Premium Edition

======List of files/folders modified in the last 1 month======

2013-04-03 20:33:27 ----RD---- C:\Program Files
2013-04-03 20:33:00 ----D---- C:\Windows\Temp
2013-04-03 20:24:36 ----D---- C:\Users\Vojtěch\AppData\Roaming\Skype
2013-04-03 20:24:08 ----D---- C:\Windows\system32\config
2013-04-03 20:15:18 ----D---- C:\Windows\System32
2013-04-03 20:15:18 ----D---- C:\Windows\inf
2013-04-03 20:15:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-03 20:13:09 ----A---- C:\Windows\SYSWOW64\log.txt
2013-04-03 20:12:00 ----D---- C:\Users\Vojtěch\AppData\Roaming\Yontoo
2013-04-03 20:11:55 ----D---- C:\Program Files (x86)\Steam
2013-04-03 20:11:10 ----D---- C:\ProgramData\PDFC
2013-04-03 20:10:56 ----D---- C:\ProgramData\NVIDIA
2013-04-03 18:34:39 ----HD---- C:\ProgramData
2013-04-03 18:34:38 ----RD---- C:\Program Files (x86)
2013-04-03 18:34:38 ----D---- C:\Windows\system32\drivers
2013-04-03 17:58:55 ----D---- C:\Vojta
2013-04-03 16:56:36 ----D---- C:\Users\Vojtěch\AppData\Roaming\vlc
2013-04-03 16:29:25 ----D---- C:\ProgramData\truesuite
2013-04-02 21:29:34 ----SHD---- C:\System Volume Information
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-01 13:44:08 ----D---- C:\Windows\Prefetch
2013-03-31 16:34:21 ----D---- C:\Windows\SysWOW64
2013-03-31 16:34:01 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-03-31 15:56:33 ----D---- C:\Program Files (x86)\Warcraft III
2013-03-28 16:24:02 ----D---- C:\Windows\Tasks
2013-03-28 16:23:09 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-03-28 16:21:46 ----D---- C:\Users\Vojtěch\AppData\Roaming\HpUpdate
2013-03-28 16:21:46 ----D---- C:\Users\Vojtěch\AppData\Roaming\HP Support Assistant
2013-03-27 16:36:35 ----D---- C:\Windows\winsxs
2013-03-27 16:35:48 ----D---- C:\Windows\system32\DriverStore
2013-03-26 17:06:32 ----D---- C:\Windows\system32\catroot
2013-03-24 15:49:56 ----D---- C:\Windows\system32\Tasks
2013-03-24 15:49:53 ----D---- C:\Fraps
2013-03-24 11:50:58 ----D---- C:\Windows\system32\catroot2
2013-03-24 02:10:36 ----D---- C:\Windows\rescache
2013-03-23 17:59:04 ----SHD---- C:\Windows\Installer
2013-03-23 17:59:03 ----SHD---- C:\Config.Msi
2013-03-23 17:58:54 ----D---- C:\UDK
2013-03-22 00:08:02 ----D---- C:\Users\Vojtěch\AppData\Roaming\uTorrent
2013-03-14 16:23:55 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 16:23:55 ----D---- C:\Windows\system32\migration
2013-03-14 16:23:55 ----D---- C:\Windows\AppPatch
2013-03-14 16:23:55 ----D---- C:\Program Files\Internet Explorer
2013-03-14 16:23:55 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 00:28:15 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 00:28:11 ----D---- C:\ProgramData\Microsoft Help
2013-03-09 19:13:58 ----D---- C:\Windows
2013-03-09 19:08:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-08 21:04:20 ----RSD---- C:\Windows\assembly
2013-03-08 20:58:38 ----D---- C:\Program Files (x86)\Eidos
2013-03-05 19:06:13 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-03 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-06-10 528384]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-04-21 131656]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-04-21 399944]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pmxdrv;pmxdrv; \??\C:\Windows\system32\drivers\pmxdrv.sys [2012-03-21 31152]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-30 1005160]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-04 76888]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-06-10 302592]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-30 378472]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-03-29 543656]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-26 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Předem děkuji za každou pomoc a moc si ji vážím. Taky jsem si díval na téma http://forum.viry.cz/viewtopic.php?f=13&t=124872 , ale netuším jestli to s tím opravdu souvisí.

#2 Příspěvek od **vyosek** » 03 dub 2013 20:33

Zdravim

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ElimCz · #3 Příspěvek od **ElimCz** » 04 dub 2013 15:19

Děkuji hned se do toho pustím jen ještě pár otázek, rači se nejdřív zeptám než něco udělám. První trochu od tématu jestli se na pc stahuje záruka i na problémy s softwarem jako jsou třeba viry atd. nebo čistě na technické problémy v hadwaru ?
A další taková otázka ve kterém určitém bodě mě může poškodit/vymazat combofix nějaké programy v systému? Bohužel nejsem nějaký profesionál tak se rači ptám než jednám.

#4 Příspěvek od **vyosek** » 04 dub 2013 17:01

Zaruka se vztahuje na HW kusy, to jest kdyz vam odejde disk, ne kdyz vam jej napadnou viry

ComboFix vykonava nekolik fazi, nelze rici kdy presne muze neco poskodit, ale v 99,9% pripadu, kdy chybne neco smaze, tak to lze obnovit

Klidne se ptejte, nejsou to zcestne dotazy a naprosto na miste

ElimCz · #5 Příspěvek od **ElimCz** » 04 dub 2013 17:13

Výpis s Rkill

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/04/2013 06:11:20 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Vojtěch\AppData\Roaming\Adobex86\windef.exe (PID: 4972) [Mal-GEN]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Vojtěch\Desktop\rkill\rkill-04-04-2013-06-11-48.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 04/04/2013 06:11:53 PM
Execution time: 0 hours(s), 0 minute(s), and 32 seconds(s)

ElimCz · #6 Příspěvek od **ElimCz** » 04 dub 2013 17:19

Jinak po dokončení výpisu s Rkill procesor je opět na normální úrovni do 10%

#7 Příspěvek od **vyosek** » 04 dub 2013 17:22

OK, pokrracujte ComboFixem

ElimCz · #8 Příspěvek od **ElimCz** » 04 dub 2013 17:52

takže výpis s Combofix, myslel jsem si že už kompl nerozjedu ale bylo to jednoduší než se to zdálo návody jsou dobré.

ComboFix 13-04-04.01 - Vojtěch 04.04.2013 18:40:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8172.6386 [GMT 2:00]
Spuštěný z: c:\users\Vojtých\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\smartdl
c:\program files (x86)\smartdl\dler.exe
c:\program files (x86)\smartdl\gunzip.exe
c:\program files (x86)\smartdl\header.bmp
c:\program files (x86)\smartdl\header2.bmp
c:\program files (x86)\smartdl\header3.bmp
c:\program files (x86)\smartdl\next.bmp
c:\program files (x86)\smartdl\skip.bmp
c:\program files (x86)\smartdl\status-o
C:\torrent.exe
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-04 do 2013-04-04 )))))))))))))))))))))))))))))))
.
.
2074-05-18 15:44 . 2008-03-21 12:46 607296 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll
2013-04-04 16:45 . 2013-04-04 16:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-03 18:33 . 2013-04-03 18:33 -------- d-----w- C:\rsit
2013-04-03 18:33 . 2013-04-03 18:33 -------- d-----w- c:\program files\trend micro
2013-04-03 16:35 . 2013-04-03 16:35 -------- d-----w- c:\users\Vojtěch\AppData\Roaming\Malwarebytes
2013-04-03 16:34 . 2013-04-03 16:34 -------- d-----w- c:\programdata\Malwarebytes
2013-04-03 16:34 . 2013-04-03 16:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-03 16:34 . 2012-12-14 14:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-03 16:34 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3968614C-42C5-41E0-BE5C-DA92D522DD32}\mpengine.dll
2013-04-03 15:09 . 2013-04-03 15:11 -------- d-----w- c:\programdata\SecTaskMan
2013-04-03 15:09 . 2013-04-03 15:09 -------- d-----w- c:\program files (x86)\Security Task Manager
2013-04-03 14:30 . 2013-04-03 04:53 -------- d-----w- c:\users\Vojtěch\AppData\Roaming\Adobex86
2013-04-02 18:56 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-02 15:54 . 2013-04-02 18:37 -------- d-----w- c:\users\Vojtěch\AppData\Roaming\Adobe64
2013-04-01 19:34 . 2013-04-01 19:34 360 ----a-w- c:\users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
2013-04-01 11:45 . 2013-04-01 11:45 0 ----a-w- c:\users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
2013-04-01 10:52 . 2013-04-01 10:52 0 ----a-w- c:\users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
2013-04-01 08:44 . 2013-04-01 08:44 360 ----a-w- c:\users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
2013-03-31 18:43 . 2013-03-31 18:43 -------- d-----w- c:\users\Vojtěch\AppData\Local\{C3F20ABA-C353-44A2-A14E-2CA9F504A62B}
2013-03-30 13:53 . 2013-03-30 13:54 -------- d-----w- c:\users\Vojtěch\AppData\Local\{A5F817EF-5482-40B4-91C4-2D0ECAA01BBC}
2013-03-29 11:49 . 2013-03-29 11:49 -------- d-----w- c:\users\Vojtěch\AppData\Local\{C0BAD32A-998D-431D-B627-CCDC807C9C34}
2013-03-28 16:41 . 2013-03-28 16:42 -------- d-----w- c:\users\Vojtěch\AppData\Local\{23612F09-1718-4F46-91C7-1D6556384B1F}
2013-03-28 07:37 . 2013-03-28 07:37 163088 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10143.bin
2013-03-27 16:14 . 2013-03-27 06:07 314 ----a-w- c:\users\Vojtěch\AppData\Roaming\bat.bat
2013-03-27 16:14 . 2012-07-02 15:28 78 ----a-w- c:\users\Vojtěch\AppData\Roaming\invis.vbs
2013-03-26 15:32 . 2013-03-26 15:32 -------- d-----w- c:\programdata\RELOADED
2013-03-26 15:07 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-24 14:19 . 2013-03-24 14:20 -------- d-----w- c:\users\Vojtěch\AppData\Local\{724F2EB6-8A98-4760-A331-66E63169DF4B}
2013-03-23 18:38 . 2013-03-23 18:38 -------- d-----w- c:\users\Vojtěch\AppData\Local\{E635849C-DC2A-45A7-93B5-B8922B6F1A47}
2013-03-21 15:29 . 2013-03-21 15:33 -------- d-----w- c:\program files (x86)\The Walking Dead Survival Instinct
2013-03-21 14:48 . 2012-11-28 14:44 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A625D719-50D0-46B9-B747-7C4E8DAD9DB1}\gapaengine.dll
2013-03-17 08:20 . 2013-03-17 08:21 -------- d-----w- c:\users\Vojtěch\AppData\Local\{D37605B5-0C74-4D28-B565-B3A225B0EF3D}
2013-03-16 10:24 . 2013-03-16 10:25 -------- d-----w- c:\users\Vojtěch\AppData\Local\{41AFF55F-F139-49BE-8EA3-EB586B71807A}
2013-03-13 22:26 . 2013-03-13 22:26 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-13 22:26 . 2013-03-13 22:26 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-09 17:13 . 2013-03-09 17:13 -------- d--h--w- c:\windows\msdownld.tmp
2013-03-09 16:45 . 2013-03-09 17:05 -------- d-----w- c:\program files (x86)\Electronic Arts
2013-03-08 19:08 . 2013-03-08 19:08 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2013-03-08 12:40 . 2013-03-08 12:41 -------- d-----w- c:\users\Vojtěch\AppData\Local\{6C821C66-22A0-4429-A3AA-F6FF87C42DB6}
2013-03-07 17:04 . 2013-03-07 17:04 201119 ----a-w- c:\users\Vojtěch\AppData\Roaming\poclbm121016GeForce GT 545v1w256l4.bin
2013-03-06 15:44 . 2013-03-06 15:44 -------- d-----w- c:\users\Vojtěch\AppData\Roaming\YoudaGames
2013-03-06 15:43 . 2013-03-06 15:44 -------- d-----w- c:\program files (x86)\Governor of Poker 2 Premium Edition
2013-03-05 17:06 . 2013-03-07 14:35 -------- d-----w- c:\users\Vojt?
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-02 10:34 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-04-01 19:34 . 2013-04-01 19:34 360 ----a-w- c:\users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
2013-04-01 19:34 . 2013-04-01 19:34 360 ----a-w- c:\users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
2013-04-01 11:45 . 2013-04-01 11:45 0 ----a-w- c:\users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
2013-04-01 11:45 . 2013-04-01 11:45 0 ----a-w- c:\users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
2013-04-01 10:52 . 2013-04-01 10:52 0 ----a-w- c:\users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
2013-04-01 10:52 . 2013-04-01 10:52 0 ----a-w- c:\users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
2013-04-01 08:44 . 2013-04-01 08:44 360 ----a-w- c:\users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
2013-04-01 08:44 . 2013-04-01 08:44 360 ----a-w- c:\users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
2013-03-31 14:34 . 2012-07-25 18:15 201816 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-31 14:34 . 2012-07-25 18:15 201816 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-03-27 06:07 . 2013-03-27 16:14 314 ----a-w- c:\users\Vojtěch\AppData\Roaming\bat.bat
2013-03-27 06:07 . 2013-03-27 16:14 314 ----a-w- c:\users\Vojtěch\AppData\Roaming\bat.bat
2013-03-13 22:28 . 2012-07-26 08:49 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-07 17:04 . 2013-03-07 17:04 201119 ----a-w- c:\users\Vojtěch\AppData\Roaming\poclbm121016GeForce GT 545v1w256l4.bin
2013-03-07 17:04 . 2013-03-07 17:04 201119 ----a-w- c:\users\Vojtěch\AppData\Roaming\poclbm121016GeForce GT 545v1w256l4.bin
2013-02-13 13:07 . 2012-07-25 18:41 281120 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-02-13 10:48 . 2013-02-13 10:39 2829 ----a-w- c:\windows\War3Unin.pif
2013-02-13 10:48 . 2013-02-13 10:39 139264 ----a-w- c:\windows\War3Unin.exe
2013-02-12 05:45 . 2013-03-13 21:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 21:04 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 21:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 21:04 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 21:04 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 21:04 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2012-03-20 18:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-13 21:17 . 2013-02-27 22:02 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 22:02 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 22:02 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 22:02 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 22:02 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 22:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 22:02 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 22:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 22:02 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 22:02 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 22:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 22:02 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 22:02 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 22:02 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 22:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 22:02 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 22:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 22:02 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 22:02 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 22:02 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 22:02 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 22:02 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 22:02 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 22:02 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 22:02 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 22:02 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 22:02 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 22:02 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 22:02 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 22:02 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 22:02 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 22:02 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 22:02 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 22:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 22:02 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 22:02 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 22:02 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 22:02 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 22:02 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 22:02 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 22:02 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 22:02 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 22:02 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 22:02 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 22:02 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 22:02 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 22:02 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 22:02 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 22:02 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 22:02 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 22:02 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-05 05:53 . 2013-02-13 16:32 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-13 16:32 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 16:32 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2012-08-10 22:54 194928 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-03-29 1631144]
"Yontoo Desktop"="c:\users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe" [2013-01-31 42784]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-05 658424]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2012-4-29 2647664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2012-03-20 31152]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-26 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-06-09 264008]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-05 1128952]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-30 378472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-04-22 1360960]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys [2011-04-20 131656]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-04-20 399944]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-14 c:\windows\Tasks\HPCeeScheduleForHP-PAVILION95$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-04-04 c:\windows\Tasks\HPCeeScheduleForVojt?ch.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-06-10 1128448]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://isearch.babylon.com/?affID=113933&tt=3912_6&babsrc=HP_ss&mntrId=248e2a930000000000009cb70dd9d821
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDF
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Media Finder - c:\program files (x86)\Media Finder\Media Finder.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-1ClickDownload - c:\program files (x86)\1ClickDownload\uninst.exe
AddRemove-The Elder Scrolls V Skyrim Dragonborn (c) Bethes~300CD4A2_is1 - c:\vojta\Games\neorigo\The Elder Scrolls V Skyrim\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-04 18:47:45
ComboFix-quarantined-files.txt 2013-04-04 16:47
.
Před spuštěním: Volných bajtů: 1 434 583 293 952
Po spuštění: Volných bajtů: 1 439 572 865 024
.
- - End Of File - - FC075812ECE73CDE5E805F6A083E2ABB

ElimCz · #9 Příspěvek od **ElimCz** » 04 dub 2013 17:56

Kvůli internetu jsem ale musel resetovat počítač takže jestli se nepletu tak to vyrušilo účinky toho Rkill každopádně procesor na měřáku ukazuje opět do 10 max 20 % takže jsem spokojen a myslím že to pomohlo.

#10 Příspěvek od **vyosek** » 04 dub 2013 20:52

No jeste je tam hodne veci na mazani, ale ty nam CF nesmaze kvuli diakritice v nazvu uctu, takze na to pujdem jinak

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

ElimCz · #11 Příspěvek od **ElimCz** » 05 dub 2013 13:29

výpis s Extras.txt

OTL Extras logfile created on: 4/5/2013 1:47:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vojtěch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7.98 Gb Total Physical Memory | 6.07 Gb Available Physical Memory | 76.04% Memory free
15.96 Gb Paging File | 13.75 Gb Available in Paging File | 86.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1849.44 Gb Total Space | 1340.74 Gb Free Space | 72.49% Space Free | Partition Type: NTFS
Drive D: | 13.47 Gb Total Space | 1.66 Gb Free Space | 12.33% Space Free | Partition Type: NTFS

Computer Name: HP-PAVILION95 | User Name: Vojtěch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011462F6-2F33-4D39-8D05-E5CDA59A011A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{08022B8D-67A8-4E03-A6C2-BAD529CBA532}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0E68C745-05AE-4191-B597-6062C00E4877}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1A1927BC-EFB9-4906-98D7-57B0DCB79CC8}" = lport=139 | protocol=6 | dir=in | app=system |
"{1D2B7CE0-6410-45B4-AC5F-5D85A617CEBE}" = rport=139 | protocol=6 | dir=out | app=system |
"{1E6FDB79-39AB-46D2-8959-AC00AE6E3898}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2D284177-254A-4497-9BF6-93167CC665D1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{371F5A82-6732-422C-8ED9-8A2F39B7843D}" = rport=445 | protocol=6 | dir=out | app=system |
"{41E2FF0D-8AE9-4504-B238-1312E74F66E5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{63F265EB-BC7A-48A0-A841-40034D276573}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{678D0407-E216-4521-8633-8642FBFA882F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6C559925-88BE-43C3-80F9-4A0B8DC330E0}" = lport=137 | protocol=17 | dir=in | app=system |
"{6D5129A1-C889-4F4D-9FD0-EF7A8E7ADD1A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6E22EBB9-5964-4D24-A570-8B67EC1F5411}" = lport=445 | protocol=6 | dir=in | app=system |
"{722CC40A-F8E0-422A-B5EF-6DD9C81E52AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{771C571E-F62B-467C-B7CA-549CD92CABE1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B7A1480-1E66-4808-B759-E36C808744AB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{833EB059-F101-41BA-96F7-4F4E7A308254}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91927D0F-00D5-424D-8AB8-9A355C236E98}" = rport=137 | protocol=17 | dir=out | app=system |
"{9BF72EDB-AE88-459F-B55B-8640BAC9F756}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A50322BC-6339-4C5B-B403-5898764CE730}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C4C1A631-9E23-45E6-8016-E2DEC6F70B2E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CC16FAA3-C187-46CA-B978-23EF84426A21}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D7CCB26B-0E58-4C02-8E40-C6B6BB78EEE2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DCD82C84-C8D3-48E1-B792-A55E80307DFB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF696E86-A71B-4A19-8437-1F7141F06CD9}" = lport=138 | protocol=17 | dir=in | app=system |
"{E79F6065-767D-4B6F-864C-2DDA77D2476A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF3B9F08-ADE7-484F-B697-4B8D934E0F39}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A2EE2A-39FC-4CCE-B945-2A8B806299B1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0274A5EC-8724-46BC-9D50-400693D97029}" = protocol=6 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"{03A7E6AE-5ACE-42E3-81F7-EA70DB3E818D}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{04808F56-18FF-43EC-A1BA-D62C80DE8D24}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{04CF9BD3-FB1A-484A-AF36-E225B7EABB7A}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{053F3018-1E73-49FB-AD40-857BACD342C9}" = protocol=17 | dir=in | app=c:\udk\udk-2013-02\binaries\win64\udk.exe |
"{0967A4BE-03EE-4443-96B1-56AC8B4E1C3D}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{0B2EE155-0C6D-4F3C-97FF-1C533651D00D}" = protocol=6 | dir=in | app=c:\udk\udk-2012-07\binaries\win64\udk.exe |
"{0C8FE9EF-0BA0-4225-B08B-BDEAC5154C76}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{169B77AC-E0AF-40D6-B1BE-C9CEBF7E1D41}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17446DA0-3706-4DB2-8010-203A54E41048}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{17F695C8-0472-4DEB-B1E9-2ABD5CFA5834}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1813D4FF-4FFD-4972-84CD-0C6DC10F3358}" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{1AD1353A-DF0E-4BF0-A7E5-3A18F23CE311}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{21AD637D-1957-4112-B05C-EB050DF7213B}" = protocol=6 | dir=in | app=c:\udk\udk-2013-02\binaries\win32\udk.exe |
"{23040195-ADC6-4978-AC8B-214D7C03ACFE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - the game\bin\avatar.exe |
"{25FCF063-0590-4A35-85F1-C5CE04C56B5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26DF9991-FDEB-48DB-839E-32D1FA7247DE}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{27331CBF-FE18-481F-8D78-CB2E808BD6A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"{280DE322-9AF9-431C-949E-06787B58FA9A}" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{2D370813-FD58-4429-8114-6A2CFF162EDB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{317C25C6-D4EE-443E-AD19-7CE0141C00CC}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{33CDEF20-AB1E-4AA3-8FA0-BD786D95BDF6}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{392E0B26-BF8B-4285-A756-98AAC4FFC9FC}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{3F2F0809-905A-409E-B1D5-8B3FF5DD1942}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{408A87C6-853A-487F-8BB3-EF7C23D901F3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{40ADC3F5-512C-4F1E-89AD-5438BA8E9ACE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{427D985B-2BA4-458E-915E-2AEE0C0BA7DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{43CC1AE4-9E24-4CEB-A3EB-2C4E55BE8501}" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe |
"{482629FB-7502-4EE4-9674-5B87E8F3257D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{48C1786E-36C0-455E-946C-E6C0A65F9AFB}" = protocol=58 | dir=in | app=system |
"{49EC6266-E33A-4190-B90F-E928AD299BB3}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{4FFC5156-3855-4047-97B4-B51B28A5A523}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{514D0571-B89C-4029-BB41-E8022CD49EF8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{51BC5118-EFCF-403D-B16E-D6C6FD6EAF37}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mp.exe |
"{51C2224A-1C5A-473F-A92B-F03C249A637C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{54834C7A-56AB-4ED8-9D5F-F1398D86F1ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5CE00759-D13B-42DC-966C-137DDCF41450}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - the game\bin\avatarlauncher.exe |
"{5F60974F-CC8C-4881-9FB3-1319841A8C08}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5FBAA880-6850-4699-AADB-9AE38A766F87}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{5FC26D84-7C95-48FA-AF6D-74FB104757E3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{61F86D53-F7B8-4053-98A5-F54F7773B50B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{63266819-02F8-4076-B12D-BEA43DDB29F9}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{63D1BC59-E07F-499E-A540-2E4D50F256EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{6DBEDCAE-A4F8-4DEC-855D-882C2837BE51}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{6E417172-38CD-45A0-8878-3B45A14823BA}" = protocol=6 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\launcher.exe |
"{73F8948D-538C-4026-9867-2ED47859946C}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{7503F106-508E-4DBA-A326-13EE752ED33C}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{7545A98E-ADFA-4550-A83B-6BFDFA1C5C61}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7619E3AC-D211-46FF-B4C3-310DCCC4686F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{77891880-CCAE-4857-99ED-E315F0AFC687}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{7815EA89-768E-407A-95B1-8F692E18A5AA}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{7931EA79-FB42-4EFB-A5AD-308C2EAC7DEA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{7A45C27D-5794-48A1-B1CA-CE5CAD82FDC7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\eliminatorczech\source sdk base 2007\hl2.exe |
"{7A56D356-3124-4910-93D3-6F121A248572}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{7AA7ECED-1C0E-4616-916E-1674E13B762A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7C3B82F3-BFD9-414A-9AC7-0425E74A26B6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{7DCDF688-5AD1-43FB-B9E9-94079B903569}" = protocol=6 | dir=in | app=c:\udk\udk-2013-02\binaries\win64\udk.exe |
"{807BB721-6FB6-47E9-A5DF-3479E4EA19BC}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{809D77ED-B6A9-46D5-9140-323F31DBBE04}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8248B7AC-4FA3-475F-BF0F-4747934DD8EA}" = protocol=17 | dir=in | app=j:\transformers fall of cybertron\binaries\tfoc.exe |
"{869DD386-5BA5-44BF-9B8D-FD240C3D23B1}" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\temp\gw2.exe |
"{8768CA12-339E-4189-8146-547A8325A778}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8792268E-4C31-41EC-B1A7-466FDA6B5CD9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{88E2DA14-83AE-40AB-83ED-A439C1589580}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\eliminatorczech\source sdk base 2007\hl2.exe |
"{8DDD9345-C5E2-4945-97F8-19CF658D2681}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E2BA75B-B431-4B42-8DD2-CB067915D9EC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{901FD7AD-E2FE-4AA6-8764-FC66EF20DA03}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{906581EF-1B1E-44F9-982E-43614D1ED4EB}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mplite.exe |
"{911A07D7-1D6E-4505-841E-9E082EBFC66C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{9181B540-1E50-4C1C-A060-5871A0AF88A8}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{91C64659-7A79-4D69-A696-FB8591CE2C30}" = protocol=17 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"{91D21ABB-5292-46EE-8861-4165EFAEA330}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{91DF9008-EC2C-48BE-B58D-6DA50550B107}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{9383AD6C-561E-44D1-A376-6B33A5264C91}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - the game\bin\avatar.exe |
"{9540CE83-619C-4F1C-B079-5521833C0E1F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{96EC53FE-11A1-4E2C-A0BF-7BC120CDBA85}" = protocol=17 | dir=in | app=c:\udk\udk-2013-02\binaries\win32\udk.exe |
"{9BCECB28-D803-4320-8D53-DF384B572AC5}" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"{9BD8C204-1DBB-4E25-872F-9CA31881F83F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D2F5AA2-FE7D-4568-A4F3-2138BC226E7F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{A45AA9DF-55FB-45B1-94B8-4B53C2E33D27}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A4DA3B50-20F4-4EF9-9F49-C89FEB147EF1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{A6BE6A6F-B5D1-4553-9535-B7F5C2DB056B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A796C9C2-FB2F-4D0E-AEAB-2A3C8EB31FFD}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{A9587FBF-9ADC-4E53-A4AA-50CA4F38FDFD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\james cameron's avatar - the game\bin\avatarlauncher.exe |
"{AA62F998-13EA-4957-A70E-538D06136A5E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{ADBFA741-420A-4404-8878-A9975EF7F594}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mplite.exe |
"{AFDB31E3-2010-440E-BAFF-04FBC70CC42C}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{B01B6AB2-8261-432B-A85F-99368A1468DA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B069617B-3BDC-4CD7-80C2-B61B5E67F3E8}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{B13E0011-2940-4CFC-9DDF-6D10CC6D1AD2}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{B23D9CBA-C56F-4BAB-9112-9376BD76332D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B2F094C6-2874-4C62-B610-EB4FC2DF1106}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{B3FF7134-B4D7-4D8D-899B-9A589B2EF71F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B479B547-09FA-43A0-93B3-F19B59F8C834}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{B512CDC3-74E8-40A8-8EAD-0D67B613BEF2}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{B5DE6ABF-0996-4B24-A619-DD3010EFAE28}" = protocol=6 | dir=out | app=system |
"{B9E5CF48-F4C0-45D0-AEF3-31FC0B131BE5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BB599FFC-ED3C-43B7-B621-C6C157D8141C}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\wolfenstein\mp\wolf2mp.exe |
"{BC01F69A-A5D2-4B90-B947-8D91F4036D74}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{BCB9F860-C768-4B26-A0F7-150440E400D6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BF517AF3-F5C1-44E9-BD2D-50A5035D4367}" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{C1A4C580-C3CA-41DF-BE55-2A0F36B51713}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C31FB51A-9B52-4ED7-BD2D-20A9D38B0FF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island\deadislandgame.exe |
"{C3A14F3B-836A-4375-885E-BA9B978A2384}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"{C543971C-59A6-4040-ACE7-9BBA968C51BE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{C5AB30F3-F3E4-4173-8467-1CAAF78ECC2B}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{C5BD6421-784B-4456-9D3E-0F2E625DD1D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C91F6436-2811-4C98-BF3F-714313DF0149}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CD334629-DEE3-433F-AB04-1AD9D6C447D6}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{CDD727AB-70C9-4297-9E8C-C5512375627B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE9C0BDA-81E6-4017-9C76-1A22F98265B9}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{CEEC20E7-AAA9-4491-908D-E331DFD0ADA3}" = protocol=17 | dir=in | app=c:\udk\udk-2012-07\binaries\win32\udk.exe |
"{D328BE54-50BC-4D70-BB40-CFCC0971DDB5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{D3D979F5-7943-4448-BFB3-28682096F478}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D4D4B900-2302-4CFE-A2F5-BE24AA99394D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{D7AB8C37-0AEC-41FB-8544-F651561054AE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D8FBE0D9-0D65-4F0C-A03E-C3E9C2356091}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{DA2C664E-924D-4884-B7FF-38E95C4EC692}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{DB208F8F-6C89-481B-B35D-5CC5CCDD1369}" = protocol=17 | dir=in | app=c:\vojta\games\zaklínač\launcher.exe |
"{E0532E77-8AB4-4EE7-B1EE-B2D3FF21DA2C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E109A086-B0DA-44DB-BE93-22F89100811A}" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\temp\gw2.exe |
"{E18D7BAF-B157-4802-9708-E87E95C71420}" = protocol=6 | dir=in | app=c:\vojta\games\zaklínač\launcher.exe |
"{E2A56B43-468B-4DAE-8AC8-A9E60D7EDDD4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{E33960A0-9753-40BD-9DCD-8F1BEDCD6246}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{E85DDE16-5990-412F-B1B7-77EF715A5BE0}" = protocol=17 | dir=in | app=c:\udk\udk-2012-07\binaries\win64\udk.exe |
"{E95210B9-D40D-49B0-BCC1-8243C6B99761}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E9FE4381-96F3-4871-81EE-C9A9E14C6E60}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{EF3926D3-075A-4F53-98D2-8DD2FF0A1D6B}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{F0D5C30C-3867-422C-8B95-994A082BF0F7}" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe |
"{F5106818-0CB8-4AD6-A5E7-02FF68EF2959}" = protocol=17 | dir=in | app=c:\program files (x86)\capcom\resident evil 5\launcher.exe |
"{F56CBC96-B931-445D-B2FF-11889429AC8D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F647D72C-CFA4-4DC3-8E76-F5FEE72DB960}" = protocol=6 | dir=in | app=j:\transformers fall of cybertron\binaries\tfoc.exe |
"{F7E8D411-9805-42DF-8006-E4DEF6271360}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F9288490-5E51-4AA4-99E1-C2B1F014D125}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{FE42EAE7-437C-496B-8DF3-CE7CFCCD2861}" = protocol=6 | dir=in | app=c:\udk\udk-2012-07\binaries\win32\udk.exe |
"TCP Query User{122BD07B-AD8B-4044-A773-02D164743867}C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird.exe |
"TCP Query User{1A5672E4-FF65-42DA-826F-4AC3AAE42FB1}C:\vojta\games\neorigo\dead island\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\vojta\games\neorigo\dead island\dead island\deadislandgame.exe |
"TCP Query User{1BC93024-0881-4A57-B196-FB00B4CF3925}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"TCP Query User{25B437A3-47E3-4421-90C9-3FAB6AF90EC0}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=6 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"TCP Query User{35349DCF-F254-416F-B373-C9ED2EF2AE91}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_366d3edf94a00510\launcher.exe" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_366d3edf94a00510\launcher.exe |
"TCP Query User{45540DD7-3373-4E3E-BFAB-43598246FBAC}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"TCP Query User{5D0E3BF7-0C9C-4F30-B825-5CDDF7FE765B}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{652D19FC-BF88-45EB-91BF-54BFF7C8A5A7}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{6791014B-5432-4B6A-8CA7-8BC321DB3118}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe |
"TCP Query User{6804842E-8B8E-4545-B67E-398065B8CC04}C:\program files (x86)\hd publishing\joint task force\jtf.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hd publishing\joint task force\jtf.exe |
"TCP Query User{6CE4CF6C-D1B3-4676-8094-9BBF290FB5B9}C:\users\vojtěch\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{7384452C-0A12-47DE-BC0B-CB8975E5A570}C:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"TCP Query User{A96890F7-A5B2-47AC-A1E4-A0E744D46642}C:\users\vojtěch\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\vojtěch\appdata\local\temp\gw2.exe |
"TCP Query User{C5E5142B-2E6E-40B2-8B82-0FA434300A18}C:\udk\udk-2012-07\binaries\win64\udk.exe" = protocol=6 | dir=in | app=c:\udk\udk-2012-07\binaries\win64\udk.exe |
"TCP Query User{D061FB42-23C1-498B-A623-B16204228E6D}C:\udk\udk-2012-07\binaries\win32\udk.exe" = protocol=6 | dir=in | app=c:\udk\udk-2012-07\binaries\win32\udk.exe |
"TCP Query User{D8E52607-4CFE-4006-84D6-8F057CC8387B}J:\transformers fall of cybertron\binaries\tfoc.exe" = protocol=6 | dir=in | app=j:\transformers fall of cybertron\binaries\tfoc.exe |
"TCP Query User{E4CCD903-1F58-43D0-9E41-7F2AA99495DF}C:\vojta\games\neorigo\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\vojta\games\neorigo\borderlands\binaries\borderlands.exe |
"TCP Query User{F5E7110B-72D0-4858-9EDC-E1D24B3AC2A0}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{FB122FB3-BEC7-48D4-A70B-E4CCEC977CA7}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{0DBDEE77-6431-4BE3-838F-815CF074E191}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001d_f787194a90b5ba90\launcher.exe |
"UDP Query User{140216C3-C9AA-44CE-BAA6-32566C52421D}C:\program files (x86)\thq\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird.exe |
"UDP Query User{2D7037C8-A2FE-4BA4-924B-AD85A66DCD2A}C:\users\vojtěch\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{33C115F8-301E-476F-825C-4877BB32C1B0}C:\udk\udk-2012-07\binaries\win64\udk.exe" = protocol=17 | dir=in | app=c:\udk\udk-2012-07\binaries\win64\udk.exe |
"UDP Query User{381057FC-178C-4D2F-ACD0-90D3AE659ACF}C:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{433750B9-9783-4B8C-90C3-5D6F59F59136}C:\vojta\games\neorigo\dead island\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\vojta\games\neorigo\dead island\dead island\deadislandgame.exe |
"UDP Query User{58EF6796-61A4-4A76-BAAD-A4383262572F}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{5A1C659E-9C6C-4236-B248-ECF1855FBB77}C:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"UDP Query User{6F684921-98F6-43B5-B13B-D4EA1EFA92F3}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_366d3edf94a00510\launcher.exe" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_366d3edf94a00510\launcher.exe |
"UDP Query User{775EFCAC-1A6B-4CBD-A502-A8E6DE64D6C6}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001c_77533cf46d050dd0\launcher.exe |
"UDP Query User{8B3A20F8-1CBD-4123-854C-E4977C9BF78C}C:\users\vojtěch\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\temp\gw2.exe |
"UDP Query User{907D510E-6099-4AE2-97B6-D8C0945709E7}C:\udk\udk-2012-07\binaries\win32\udk.exe" = protocol=17 | dir=in | app=c:\udk\udk-2012-07\binaries\win32\udk.exe |
"UDP Query User{9E1E7238-DB9F-4434-8B66-23B99C794C07}C:\vojta\games\neorigo\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\vojta\games\neorigo\borderlands\binaries\borderlands.exe |
"UDP Query User{A412FF1E-9904-48BB-8263-C36202FA66E6}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{B1AF13FC-4DD2-43B8-B842-7EB2ED20D8DB}C:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe" = protocol=17 | dir=in | app=c:\users\vojtěch\appdata\local\apps\2.0\l948p9nj.g8l\gh7wwcp3.kgr\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe |
"UDP Query User{C1431178-847C-42CC-BCDA-6157CC2F37E2}C:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" = protocol=17 | dir=in | app=c:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe |
"UDP Query User{CF646C15-AEC8-401F-9652-9381C08DD176}J:\transformers fall of cybertron\binaries\tfoc.exe" = protocol=17 | dir=in | app=j:\transformers fall of cybertron\binaries\tfoc.exe |
"UDP Query User{D6BF5F27-427E-44EC-BF53-C8045C17D566}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{DD7D39D2-B365-48FB-8448-BC61C27FC1B3}C:\program files (x86)\hd publishing\joint task force\jtf.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hd publishing\joint task force\jtf.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A116A8-E559-488C-879C-B212F3EA963A}" = Far Cry (Patch 1.32 AMD64)
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2304A2EE-010B-43EE-90F8-2218FB93244E}" = Far Cry (AMD64 Exclusive Content Update)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2DFD8316-9EF1-3210-908C-4CB61961C1AC}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False
"{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{68F250EA-9638-4DCF-96C4-D68CC340EC48}" = Google Chrome Extension Updater 1.12.02
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7395F20-2B22-4CB8-8510-B452C0F47E02}" = Movie Maker 6.0 for Windows 7 (64-bit)
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.95
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BBBE35B2-9349-3C48-BD3D-F574B17C7924}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D04659D1-EB2D-3DE5-A833-837A623CCCF7}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Blender" = Blender
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"UDK-f36977a1-239e-4521-8903-c8ea482fb8a5" = Unreal Development Kit: 2013-02
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{13618932-98D6-4A42-BC27-D4C2E9445693}" = Resident Evil 5
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Stuff
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3EC0A49B-BF10-45A5-B15C-D90484A846E6}" = Letopisy Narnie Princ Kaspian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): THE GAME
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86ACE727-A4F2-4B28-A37D-254D9CC03156}" = Zaklínač - Rozšířená edice
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False
"{8BF806C4-2D77-4F67-8435-D4BDCEB665A8}_is1" = Governor of Poker 2 Premium Edition v1.0 Multi
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = 802.11n Wireless LAN Card
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry Sweet Treats
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ACE86D58-5876-4CA5-95F4-D8A6802D5055}" = Letopisy Narnie
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BCB9DF93-537D-433D-AF3B-36025DEF5798}" = Joint Task Force
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DCB46B42-723F-350E-B18A-449BC6C21636}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False
"{DCC90D9D-4F8D-4A06-9050-ADDB284FF9FA}" = Adobe Flash Player 10 ActiveX
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FDD6ED8B-DB77-43BC-B0B2-608A1F27AABC}}_is1" = UnCodeX
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False
"1ClickDownload" = 1ClickDownloader
"Adobe AIR" = Adobe AIR
"APB Reloaded" = APB Reloaded
"Audacity_is1" = Audacity 2.0.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Drakensang Online" = Drakensang Online
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FLV Player" = FLV Player 2.0 (build 25)
"Fraps" = Fraps (remove only)
"GamersFirst LIVE!" = GamersFirst LIVE!
"Guild Wars 2" = Guild Wars 2
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"InstallShield_{ACE86D58-5876-4CA5-95F4-D8A6802D5055}" = Letopisy Narnie
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PDF Complete" = PDF Complete Special Edition
"PunkBusterSvc" = PunkBuster Services
"Saints Row The Third_is1" = Saints Row The Third
"Security Task Manager" = Security Task Manager 1.8g
"Steam App 218" = Source SDK Base 2007
"Steam App 218230" = PlanetSide 2
"Steam App 55230" = Saints Row: The Third
"Steam App 570" = Dota 2
"Steam App 91310" = Dead Island
"The Elder Scrolls V Skyrim Dragonborn (c) Bethes~300CD4A2_is1" = The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1
"The KMPlayer" = The KMPlayer (remove only)
"The Witcher - Scabbard Mod_is1" = Scabbar Mod ver 1.02
"The Witcher 2 Enhanced Edition_is1" = The Witcher 2 Enhanced Edition verze 3.0
"Uplay" = Uplay
"uTorrent" = µTorrent
"VGhlIFdhbGtpbmcgRGVhZCBTdXJ2aXZhbCBJbnN0aW5jdCAo~1255DFC2_is1" = The Walking Dead Survival Instinct (c) Activision version 1
"VIP Access SDK" = VIP Access SDK (1.0.1.4)
"VLC media player" = VLC media player 2.0.4
"Warcraft III" = Warcraft III
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-097c9a40-201b-4e68-9d1b-47433267658e" = Namco All-Stars: PAC-MAN
"WTA-168e623a-9311-4c2f-a790-1be8d86faa78" = Polar Bowler
"WTA-17b86e9e-0f57-464f-8bdd-75933a6bacd2" = FATE
"WTA-1cbcf0e7-e221-45ea-be47-7c137458eced" = Poker Superstars III
"WTA-1de8a50e-5d4e-45de-b963-719c393c75de" = Blasterball 3
"WTA-268d5d24-62f2-45bf-ab92-801659e87ae5" = Slingo Supreme
"WTA-315c2244-572c-41b1-a371-20b9f1d70206" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-4688f6ef-8c45-4215-a362-47a86d62e9cb" = Mystery of Mortlake Mansion
"WTA-4db64dc8-de1d-4e4e-bba2-335652c4edc8" = Chronicles of Albian
"WTA-666d7389-9e60-4b9b-a68d-08af09c082ef" = Vacation Quest - The Hawaiian Islands
"WTA-866c3060-0f04-4c0a-9a8c-f63fdf535dfa" = Mah Jong Medley
"WTA-88ceebc7-44c1-42c9-93f3-bfa26a0b55fb" = Agatha Christie - Peril at End House
"WTA-8fa5c2e2-de0c-4536-87b5-bc9d9d964c81" = Bounce Symphony
"WTA-96a01822-65a9-4cdf-aa74-dacf3639f74f" = Final Drive: Nitro
"WTA-9f642731-df6c-446c-9c4d-aef4c4bf9473" = Bejeweled 3
"WTA-a41bd43a-72e4-479b-8078-cd812afbe196" = Penguins!
"WTA-a929cde0-028d-42a7-9128-f0f10824c591" = Plants vs. Zombies - Game of the Year
"WTA-b80f7679-0ae3-4457-87c1-20dbcf322aa9" = Governor of Poker 2 Premium Edition
"WTA-b848a255-bc0c-40d2-a3c8-a619f4e02346" = Chuzzle Deluxe
"WTA-b9c16cd3-8077-4a62-9c01-82249cb33b6a" = Cake Mania
"WTA-d9cbf4e1-fc46-40e1-bcc9-c12ba2bcaadb" = Cradle of Rome 2
"WTA-e3fad52e-670b-4eb0-8af5-21806f5d0a25" = Farm Frenzy
"WTA-e4bf79de-d651-4d61-a5c3-5c7ece9ee950" = Zuma Deluxe
"WTA-eb7f50e5-6739-4b46-acb2-4f234aee5fdf" = Blackhawk Striker 2
"WTA-f0254c4e-a684-4347-a61b-eb3b91b3804c" = Polar Golfer
"WTA-f8d52b2c-244e-4376-810b-de1d552f3494" = Virtual Villagers 5 - New Believers

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{E2AF26F0-6DCC-410c-A24D-ED093DDE1638}" = Free Media Pack
"d8be6c3f847d7d92" = Ghost Recon Online
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/15/2013 9:39:44 AM | Computer Name = HP-Pavilion95 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TombRaider.exe, verze: 1.0.716.5, časové
razítko: 0x5131eb70 Název chybujícího modulu: d3d11.dll, verze: 6.2.9200.16492,
časové razítko: 0x50f31443 Kód výjimky: 0xc0000005 Posun chyby: 0x0008eb9e ID chybujícího
procesu: 0x6c4 Čas spuštění chybující aplikace: 0x01ce21823eaebb76 Cesta k chybující
aplikaci: C:\Users\Vojtěch\Desktop\NEW\Tombraider\TombRaider.exe Cesta k chybujícímu
modulu: C:\Windows\system32\d3d11.dll ID zprávy: cb3cfd1c-8d75-11e2-91ef-e840f20c1159

Error - 3/15/2013 10:13:51 AM | Computer Name = HP-Pavilion95 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x512849c8 Název chybujícího modulu: nvcuda.dll, verze: 8.17.12.6795, časové razítko:
0x4d92c17b Kód výjimky: 0xc0000005 Posun chyby: 0x00029a25 ID chybujícího procesu:
0x17dc Čas spuštění chybující aplikace: 0x01ce217a29d017f0 Cesta k chybující aplikaci:
C:\Users\Vojtěch\AppData\Roaming\Adobe32\svchost.exe Cesta k chybujícímu modulu:
C:\Windows\system32\nvcuda.dll ID zprávy: 8f36143d-8d7a-11e2-91ef-e840f20c1159

Error - 3/15/2013 10:14:18 AM | Computer Name = HP-Pavilion95 | Source = Application Hang | ID = 1002
Description = Program TombRaider.exe verze 1.0.716.5 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
166c Čas spuštění: 01ce21829c94c06d Čas ukončení: 347 Cesta k aplikaci: C:\Users\Vojtěch\Desktop\NEW\Tombraider\TombRaider.exe

ID
hlášení:

Error - 3/15/2013 10:23:15 AM | Computer Name = HP-Pavilion95 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x512849c8 Název chybujícího modulu: nvcuda.dll, verze: 8.17.12.6795, časové razítko:
0x4d92c17b Kód výjimky: 0xc0000005 Posun chyby: 0x00029a25 ID chybujícího procesu:
0x1348 Čas spuštění chybující aplikace: 0x01ce217a0a045e76 Cesta k chybující aplikaci:
C:\Users\Vojtěch\AppData\Roaming\Adobe32\svchost.exe Cesta k chybujícímu modulu:
C:\Windows\system32\nvcuda.dll ID zprávy: dfb63a37-8d7b-11e2-91ef-e840f20c1159

Error - 3/15/2013 10:29:37 AM | Computer Name = HP-Pavilion95 | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 3/15/2013 1:35:36 PM | Computer Name = HP-Pavilion95 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TombRaider.exe, verze: 1.0.716.5, časové
razítko: 0x5131eb70 Název chybujícího modulu: d3d11.dll, verze: 6.2.9200.16492,
časové razítko: 0x50f31443 Kód výjimky: 0xc0000005 Posun chyby: 0x0008eb9e ID chybujícího
procesu: 0x15f8 Čas spuštění chybující aplikace: 0x01ce21a30b670538 Cesta k chybující
aplikaci: C:\Users\Vojtěch\Desktop\NEW\Tombraider\TombRaider.exe Cesta k chybujícímu
modulu: C:\Windows\system32\d3d11.dll ID zprávy: be511709-8d96-11e2-91ef-e840f20c1159

Error - 3/15/2013 1:47:52 PM | Computer Name = HP-Pavilion95 | Source = Application Hang | ID = 1002
Description = Program TombRaider.exe verze 1.0.716.5 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1650 Čas spuštění: 01ce21a385e9e5f2 Čas ukončení: 257 Cesta k aplikaci: C:\Users\Vojtěch\Desktop\NEW\Tombraider\TombRaider.exe

ID
hlášení:

Error - 3/15/2013 2:19:58 PM | Computer Name = HP-Pavilion95 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: svchost.exe, verze: 0.0.0.0, časové razítko:
0x512849c8 Název chybujícího modulu: nvcuda.dll, verze: 8.17.12.6795, časové razítko:
0x4d92c17b Kód výjimky: 0xc0000005 Posun chyby: 0x00029a25 ID chybujícího procesu:
0x1528 Čas spuštění chybující aplikace: 0x01ce219c97a5f9a6 Cesta k chybující aplikaci:
C:\Users\Vojtěch\AppData\Roaming\Adobe32\svchost.exe Cesta k chybujícímu modulu:
C:\Windows\system32\nvcuda.dll ID zprávy: f158bc8e-8d9c-11e2-91ef-e840f20c1159

Error - 3/15/2013 4:31:52 PM | Computer Name = HP-Pavilion95 | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\activision\wolfenstein\MP\ServerLauncher.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 3/15/2013 4:52:36 PM | Computer Name = HP-Pavilion95 | Source = Application Hang | ID = 1002
Description = Program farcry2.exe verze 0.1.0.1 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
14ac Čas spuštění: 01ce21bebebb30dd Čas ukončení: 176 Cesta k aplikaci: C:\Program
Files (x86)\Ubisoft\Far Cry 2\bin\farcry2.exe ID hlášení:

[ Hewlett-Packard Events ]
Error - 10/15/2012 5:05:24 PM | Computer Name = HP-Pavilion95 | Source = HPSF.exe | ID = 4000
Description =

Error - 11/16/2012 1:55:36 PM | Computer Name = HP-Pavilion95 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Odkaz na objekt není nastaven na instanci objektu. StackTrace: v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 8172
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 11/16/2012 1:55:45 PM | Computer Name = HP-Pavilion95 | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Odkaz na objekt není nastaven na instanci objektu. StackTrace: v HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: cs-CZ RAM: 8172
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

[ System Events ]
Error - 12/24/2012 7:56:05 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 8:20:02 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 8:44:07 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 9:20:05 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 9:56:03 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 10:20:04 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 10:55:56 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/24/2012 11:31:56 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/28/2012 7:04:02 AM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

Error - 12/28/2012 4:37:37 PM | Computer Name = HP-Pavilion95 | Source = bowser | ID = 8003
Description =

< End of report >

ElimCz · #12 Příspěvek od **ElimCz** » 05 dub 2013 13:30

Bohužel soubory jsou příliš dlouhé a budu je muset oba rozdělit, výpis s OTL.txt

ElimCz · #13 Příspěvek od **ElimCz** » 05 dub 2013 13:36

výpis s OTL.exe
OTL logfile created on: 4/5/2013 1:47:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vojtěch\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7.98 Gb Total Physical Memory | 6.07 Gb Available Physical Memory | 76.04% Memory free
15.96 Gb Paging File | 13.75 Gb Available in Paging File | 86.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1849.44 Gb Total Space | 1340.74 Gb Free Space | 72.49% Space Free | Partition Type: NTFS
Drive D: | 13.47 Gb Total Space | 1.66 Gb Free Space | 12.33% Space Free | Partition Type: NTFS

Computer Name: HP-PAVILION95 | User Name: Vojtěch | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/04/05 13:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vojtěch\Desktop\OTL.exe
PRC - [2013/01/31 21:42:17 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe
PRC - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/01/04 15:13:22 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/29 13:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/06/09 14:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 14:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 14:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/06 01:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/30 09:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/25 19:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/24 09:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 09:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 09:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

========== Modules (No Company Name) ==========

MOD - [2013/02/14 11:35:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/10 16:32:17 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 16:32:05 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 16:32:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 16:32:02 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 16:31:57 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/10/05 12:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2010/11/21 05:24:32 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2010/11/21 05:23:48 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/01/27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/10 12:35:04 | 000,302,592 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/10/11 11:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/03/29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/01/31 11:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/04 15:13:22 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/29 13:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/07/14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/06/09 14:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/05/06 01:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/30 09:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/02 06:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 19:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 09:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/01 09:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 09:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/21 00:12:49 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2012/03/20 23:53:15 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/03/20 23:53:15 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 12:35:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/04/26 21:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/22 12:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/22 02:46:54 | 001,360,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/04/21 01:07:22 | 000,399,944 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/04/21 01:07:22 | 000,131,656 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2011/03/03 19:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 13:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?affID=11393 ... b70dd9d821
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTe ... b70dd9d821
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Se ... earchTerms}
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "iSearch"
FF - prefs.js..browser.search.order.1: "iSearch"
FF - prefs.js..browser.search.selectedEngine: "iSearch"
FF - prefs.js..browser.startup.homepage: "http://isearch.babylon.com/?affID=11393 ... b70dd9d821"
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..keyword.URL: "http://isearch.babylon.com/?affID=11393 ... dd9d821&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vojtěch\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vojtěch\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ntfdsaftsfdfdxx@mozilla.org: C:\Users\Vojtěch\AppData\Roaming\Free Media Pack\extension_firefox.xpi [2012/09/25 23:11:46 | 000,049,469 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/27 10:11:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/25 21:55:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vojtěch\AppData\Roaming\Mozilla\Extensions
[2012/11/15 22:05:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\q4v5rihb.default\extensions
[2012/09/22 12:27:49 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Vojtěch\AppData\Roaming\Mozilla\Firefox\Profiles\q4v5rihb.default\extensions\plugin@yontoo.com
[2012/08/27 21:41:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/27 21:41:02 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
File not found (No name found) -- C:\USERS\VOJTÄ›CH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q4V5RIHB.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM
[2012/07/14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/25 23:11:59 | 000,002,334 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/07/14 04:30:04 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/07/14 04:30:04 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/07/14 04:30:05 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/07/14 04:30:05 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/07/14 04:30:05 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: iSearch (Enabled)
CHR - default_search_provider: search_url = http://isearch.babylon.com/?q={searchTe ... b70dd9d821
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://isearch.babylon.com/?affID=11513 ... b70dd9d821
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vojt\u011Bch\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vojt\u011Bch\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vojt\u011Bch\AppData\Local\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Vojt\u011Bch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Vojt\u011Bch\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vojt\u011Bch\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: General Crawler = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.6_0\
CHR - Extension: Website Logon = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\
CHR - Extension: SharaGet download helper = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc\1.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: Yontoo = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0\
CHR - Extension: Gmail = C:\Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/04/04 18:45:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Program Files\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000..\Run: [Yontoo Desktop] C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA7E083A-8B5A-4D31-8420-E8BD00297692}: DhcpNameServer = 172.16.255.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/04/05 13:42:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vojtěch\Desktop\OTL.exe
[2013/04/04 18:50:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/04 18:47:46 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/04/04 18:38:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/04 18:38:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/04 18:38:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/04 18:38:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/04 18:38:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/04 18:15:28 | 005,047,266 | R--- | C] (Swearware) -- C:\Users\Vojtěch\Desktop\ComboFix.exe
[2013/04/04 18:11:48 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\Desktop\rkill
[2013/04/04 18:09:09 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Vojtěch\Desktop\rkill.com
[2013/04/03 20:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/04/03 20:33:27 | 000,000,000 | ---D | C] -- C:\rsit
[2013/04/03 18:35:13 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Roaming\Malwarebytes
[2013/04/03 18:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/03 18:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/03 18:34:38 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/03 18:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/03 17:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/04/03 17:09:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013/04/03 17:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2013/04/03 16:30:48 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Roaming\Adobex86
[2013/04/02 17:54:53 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Roaming\Adobe64
[2013/03/31 20:43:22 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Local\{C3F20ABA-C353-44A2-A14E-2CA9F504A62B}
[2013/03/30 15:53:36 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Local\{A5F817EF-5482-40B4-91C4-2D0ECAA01BBC}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013/04/05 13:48:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/05 13:47:18 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/05 13:47:18 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/05 13:45:21 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/05 13:45:21 | 000,666,194 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/04/05 13:45:21 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/05 13:45:21 | 000,139,890 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/04/05 13:45:21 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/05 13:42:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vojtěch\Desktop\OTL.exe
[2013/04/05 13:40:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/05 13:39:58 | 2132,008,959 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/04 18:45:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/04 18:15:41 | 005,047,266 | R--- | M] (Swearware) -- C:\Users\Vojtěch\Desktop\ComboFix.exe
[2013/04/04 18:09:18 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Vojtěch\Desktop\rkill.com
[2013/04/04 16:09:57 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForVojtìch.job
[2013/04/03 20:32:58 | 000,935,175 | ---- | M] () -- C:\Users\Vojtěch\Desktop\RSITx64.exe
[2013/04/01 21:34:29 | 000,000,360 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
[2013/04/01 13:45:47 | 000,000,000 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
[2013/04/01 12:52:15 | 000,000,000 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
[2013/04/01 10:44:12 | 000,000,360 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
[2013/03/31 16:34:01 | 000,201,816 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/03/31 16:34:01 | 000,201,816 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/05 13:48:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/04/04 18:38:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/04 18:38:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/04 18:38:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/04 18:38:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/04 18:38:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/03 20:32:53 | 000,935,175 | ---- | C] () -- C:\Users\Vojtěch\Desktop\RSITx64.exe
[2013/04/01 21:34:28 | 000,000,360 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
[2013/04/01 13:45:47 | 000,000,000 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
[2013/04/01 12:52:15 | 000,000,000 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
[2013/04/01 10:44:10 | 000,000,360 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
[2013/03/27 18:14:10 | 000,000,314 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\bat.bat
[2013/03/27 18:14:10 | 000,000,078 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\invis.vbs
[2013/03/07 19:04:23 | 000,201,119 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\poclbm121016GeForce GT 545v1w256l4.bin
[2013/02/13 12:39:17 | 000,056,707 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012/07/27 19:39:04 | 000,001,297 | ---- | C] () -- C:\Windows\disney.ini
[2012/07/27 16:20:08 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/07/25 20:15:08 | 000,201,816 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/07/25 20:15:07 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/03/21 00:13:30 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/06/21 09:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/28 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\.minecraft
[2012/11/08 22:32:25 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\.Nitrous
[2013/02/12 18:25:55 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Audacity
[2012/09/20 22:16:12 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Babylon
[2012/07/27 20:00:29 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Disney Interactive Studios
[2012/09/23 17:10:17 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\ExpressFiles
[2012/09/23 17:21:33 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Free Media Pack
[2013/01/04 15:30:23 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Kalypso Media
[2012/09/26 14:47:16 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Media Finder
[2012/09/23 23:43:07 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Media Get LLC
[2013/02/12 17:37:16 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Mumble
[2012/07/27 11:28:09 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Need for Speed World
[2012/07/25 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\OpenCandy
[2012/07/25 11:48:05 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\ProfiCAD
[2012/10/27 18:37:53 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Publish Providers
[2012/11/08 21:39:31 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\skyz
[2012/10/27 18:37:51 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Sony
[2012/10/27 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Sony Creative Software Inc
[2013/02/27 20:48:01 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Tropico 4
[2013/03/22 00:08:02 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\uTorrent
[2012/11/23 19:22:30 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\WildTangent
[2012/08/10 19:42:01 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\WinBatch
[2013/04/05 13:41:19 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Yontoo
[2013/03/06 17:44:27 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\YoudaGames
[2012/09/20 22:16:07 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\YourFileDownloader

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/25 09:42:50 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForVojtìch.job
[2012/11/14 17:37:21 | 000,000,352 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForHP-PAVILION95$.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2012/03/20 23:50:41 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012/03/20 23:50:41 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2012/03/20 23:50:41 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012/03/20 23:50:41 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012/03/20 23:50:41 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012/03/20 23:50:41 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012/03/20 23:50:41 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010/11/21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012/03/20 23:48:30 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2012/03/20 23:48:30 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/11/28 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\.minecraft
[2012/11/08 22:32:25 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\.Nitrous
[2012/11/10 19:34:38 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Adobe
[2013/04/02 20:37:25 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Adobe64
[2013/04/03 06:53:36 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Adobex86
[2013/02/12 18:25:55 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Audacity
[2012/09/20 22:16:12 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Babylon
[2012/07/27 20:00:29 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Disney Interactive Studios
[2012/09/23 17:10:17 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\ExpressFiles
[2012/09/23 17:21:33 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Free Media Pack
[2012/08/13 22:09:01 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Hewlett-Packard
[2013/04/04 16:07:06 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\HP Support Assistant
[2012/11/16 19:51:49 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\hpqLog
[2013/04/04 16:07:06 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\HpUpdate
[2012/07/25 09:42:55 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Identities
[2012/07/25 14:07:15 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\InstallShield
[2013/01/04 15:30:23 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Kalypso Media
[2012/07/25 09:53:49 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Macromedia
[2013/04/03 18:35:13 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Malwarebytes
[2010/11/21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Media Center Programs
[2012/09/26 14:47:16 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Media Finder
[2012/09/23 23:43:07 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Media Get LLC
[2013/02/11 23:50:39 | 000,000,000 | --SD | M] -- C:\Users\Vojtěch\AppData\Roaming\Microsoft
[2012/08/27 10:11:52 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Mozilla
[2013/02/12 17:37:16 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Mumble
[2012/07/27 11:28:09 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Need for Speed World
[2012/07/25 20:41:12 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\NVIDIA
[2012/07/25 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\OpenCandy
[2012/07/25 11:48:05 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\ProfiCAD
[2012/07/25 11:47:27 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\PSpad
[2012/10/27 18:37:53 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Publish Providers
[2013/04/05 13:41:35 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Skype
[2012/11/08 21:39:31 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\skyz
[2012/10/27 18:37:51 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Sony
[2012/10/27 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Sony Creative Software Inc
[2012/07/25 09:33:06 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Symantec
[2013/02/27 20:48:01 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Tropico 4
[2013/03/22 00:08:02 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\uTorrent
[2013/04/03 16:56:36 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\vlc
[2012/11/23 19:22:30 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\WildTangent
[2012/08/10 19:42:01 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\WinBatch
[2012/07/25 12:52:42 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\WinRAR
[2013/04/05 13:41:19 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Yontoo
[2013/03/06 17:44:27 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\YoudaGames
[2012/09/20 22:16:07 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\YourFileDownloader

< %APPDATA%\*.exe /s >
[2013/04/02 08:33:32 | 000,090,601 | ---- | M] (hngvmbvmc) -- C:\Users\Vojtěch\AppData\Roaming\Adobe64\bat.exe
[2013/04/02 07:46:25 | 000,215,552 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Adobe64\winucs.exe
[2013/04/03 06:53:36 | 000,090,558 | ---- | M] (lioqhigohon) -- C:\Users\Vojtěch\AppData\Roaming\Adobex86\bat.exe
[2012/08/05 18:09:42 | 000,068,096 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Adobex86\windef.exe
[2012/09/25 23:11:30 | 002,378,752 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Free Media Pack\FreeMediaPack.exe
[2004/06/13 17:21:34 | 000,751,616 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blaiz Enterprises\Image Tools\Text Effects.EXE
[2012/02/06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\Vojtěch\AppData\Roaming\OpenCandy\95DC8376729C441A82048200B372F629\pcspeedup_oc.exe
[2012/11/23 19:23:47 | 000,000,172 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe_filedata
[2012/05/22 03:34:34 | 000,571,040 | ---- | M] (WildTangent, Inc.) -- C:\Users\Vojtěch\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe
[2013/01/31 21:42:17 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013/03/14 17:37:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForHP-PAVILION95$.job
[2013/04/04 16:09:57 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForVojtìch.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/04/04 16:09:29 | 000,000,052 | ---- | M] () -- C:\Windows\system32\DOErrors.log
[2013/04/05 13:42:16 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2013/03/29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation)
"Yontoo Desktop" = "C:\Users\Vojtěch\AppData\Roaming\Yontoo\YontooDesktop.exe" -- [2013/01/31 21:42:17 | 000,042,784 | ---- | M] (Yontoo LLC)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013/01/08 13:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010/11/21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/07/14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/02/02 06:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/04/05 13:48:48 | 000,000,512 | ---- | M] () MD5=4AF13B47295484C8D04B8AA86480AA61 -- C:\PhysicalMBR.bin

< >

ElimCz · #14 Příspěvek od **ElimCz** » 05 dub 2013 13:42

[2013/04/05 13:48:48 | 000,000,512 | ---- | M] () MD5=4AF13B47295484C8D04B8AA86480AA61 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/08/06 23:23:48 | 000,000,403 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack.snt
[2010/08/06 23:23:48 | 000,020,362 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack01.ogg
[2010/08/06 23:23:48 | 000,020,539 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack02.ogg
[2010/08/06 23:23:48 | 000,019,081 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack03.ogg
[2010/08/07 00:00:56 | 000,013,009 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
[2010/08/27 07:33:12 | 000,014,477 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
[2010/08/06 23:50:20 | 000,094,462 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010/08/27 07:33:24 | 000,065,436 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.dds
[2010/08/06 23:50:02 | 000,000,932 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.mat
[2010/08/06 23:50:02 | 000,016,101 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.msh
[2010/08/06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.msh
[2010/08/06 23:50:02 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.msh
[2010/08/06 23:50:04 | 000,016,053 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.msh
[2010/08/06 23:50:04 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.dds
[2010/08/06 23:50:04 | 000,000,410 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.mat
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.dds
[2010/08/06 23:50:02 | 000,000,933 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.mat
[2010/08/06 23:50:02 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.msh
[2010/08/06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.msh
[2010/08/06 23:50:02 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.msh
[2010/08/06 23:50:04 | 000,016,057 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.msh
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.dds
[2010/08/06 23:50:04 | 000,000,409 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.mat
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_nrm.dds
[2010/08/06 23:50:02 | 000,174,904 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_spec.dds
[2010/08/06 23:49:16 | 000,062,915 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010/08/27 07:33:40 | 000,037,741 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010/08/06 23:48:40 | 000,019,532 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010/08/27 07:33:50 | 000,017,545 | ---- | M] () -- \Program Files (x86)\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2005/06/23 10:51:26 | 000,018,430 | ---- | M] () -- \Program Files (x86)\Disney Interactive Studios\Letopisy Narnie\narnia_data\Audio\_SoundFX\Rock\FSRockCrack.wav
[2012/02/28 17:14:48 | 000,599,242 | ---- | M] () -- \Program Files (x86)\GamersFirst\APB Reloaded\APBGame\Content\Release\Packages\SymbolEditor\Primitives_SplatsCracks.upk
[2010/07/04 20:46:05 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vmt
[2010/07/04 20:46:06 | 000,174,944 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack2.vtf
[2010/07/04 20:46:06 | 000,000,146 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vmt
[2010/07/04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\ConcreteCrack3.vtf
[2010/07/04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vmt
[2010/07/04 20:46:05 | 000,699,232 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack1.vtf
[2010/07/04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vmt
[2010/07/04 20:46:05 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack2.vtf
[2010/07/04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vmt
[2010/07/04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack3.vtf
[2010/07/04 20:46:05 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vmt
[2010/07/04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack4.vtf
[2010/07/04 20:46:06 | 000,000,153 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vmt
[2010/07/04 20:46:06 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete_Large_Crack5.vtf
[2010/07/04 20:46:05 | 000,000,143 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vmt
[2010/07/04 20:46:06 | 000,087,616 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Floorcrack2.vtf
[2010/07/04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vmt
[2010/07/04 20:43:24 | 000,087,588 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_01.vtf
[2010/07/04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vmt
[2010/07/04 20:43:24 | 001,398,308 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_03.vtf
[2010/07/04 20:43:24 | 000,000,150 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vmt
[2010/07/04 20:43:24 | 000,087,532 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_04.vtf
[2010/07/04 20:43:24 | 000,000,151 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vmt
[2010/07/04 20:43:24 | 000,174,908 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\decals\Concrete\crack_05.vtf
[2010/07/04 21:50:42 | 000,150,012 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx80.vtx
[2010/07/04 21:50:42 | 000,149,958 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.dx90.vtx
[2010/07/04 21:50:42 | 000,109,264 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.mdl
[2010/07/04 21:50:42 | 000,149,443 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.sw.vtx
[2010/07/04 21:50:42 | 000,658,880 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_powerup\cinephys_wallcrack.vvd
[2010/07/04 23:09:58 | 001,129,094 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\sound\BMS_scripted\app\wood_crack.wav
[2012/11/18 03:10:01 | 000,000,152 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\BU_cracks001.vmt
[2012/11/18 03:10:01 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\BU_cracks001.vtf
[2012/11/18 03:10:01 | 000,000,152 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\BU_cracks002.vmt
[2012/11/18 03:10:00 | 000,349,760 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\nmrih\materials\nmrih\decals\BU_cracks002.vtf
[2012/11/06 23:04:31 | 000,128,000 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.easy-crack.com_0.localstorage
[2012/11/06 23:04:31 | 000,003,608 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.easy-crack.com_0.localstorage-journal
[2013/03/21 17:33:45 | 000,001,497 | ---- | M] () -- \Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Recent\Crack.lnk
[2010/08/06 23:23:48 | 000,000,403 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack.snt
[2010/08/06 23:23:48 | 000,020,362 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack01.ogg
[2010/08/06 23:23:48 | 000,020,539 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack02.ogg
[2010/08/06 23:23:48 | 000,019,081 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack03.ogg
[2010/08/07 00:00:56 | 000,013,009 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
[2010/08/27 07:33:12 | 000,014,477 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
[2010/08/06 23:50:20 | 000,094,462 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010/08/27 07:33:24 | 000,065,436 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.dds
[2010/08/06 23:50:02 | 000,000,932 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.mat
[2010/08/06 23:50:02 | 000,016,101 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.msh
[2010/08/06 23:50:04 | 000,016,053 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.msh
[2010/08/06 23:50:02 | 000,016,053 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.msh
[2010/08/06 23:50:04 | 000,016,053 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.msh
[2010/08/06 23:50:04 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.dds
[2010/08/06 23:50:04 | 000,000,410 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.mat
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.dds
[2010/08/06 23:50:02 | 000,000,933 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.mat
[2010/08/06 23:50:02 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.msh
[2010/08/06 23:50:04 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.msh
[2010/08/06 23:50:02 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.msh
[2010/08/06 23:50:04 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.msh
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.dds
[2010/08/06 23:50:04 | 000,000,409 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.mat
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_nrm.dds
[2010/08/06 23:50:02 | 000,174,904 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_spec.dds
[2010/08/06 23:49:16 | 000,062,915 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010/08/27 07:33:40 | 000,037,741 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010/08/06 23:48:40 | 000,019,532 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010/08/27 07:33:50 | 000,017,545 | ---- | M] () -- \Vojta\Navíc\Fleška\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2010/08/06 23:23:48 | 000,000,403 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack.snt
[2010/08/06 23:23:48 | 000,020,362 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack01.ogg
[2010/08/06 23:23:48 | 000,020,539 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack02.ogg
[2010/08/06 23:23:48 | 000,019,081 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\sounds\11\11_glass_crack03.ogg
[2010/08/07 00:00:56 | 000,013,009 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.dae
[2010/08/27 07:33:12 | 000,014,477 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\castlebase\ceiling\corridor_crack.msh
[2010/08/06 23:50:20 | 000,094,462 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.dae
[2010/08/27 07:33:24 | 000,065,436 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\cellarbase\special\cracked_ceiling.msh
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.dds
[2010/08/06 23:50:02 | 000,000,932 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue.mat
[2010/08/06 23:50:02 | 000,016,101 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue01.msh
[2010/08/06 23:50:04 | 000,016,053 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue02.msh
[2010/08/06 23:50:02 | 000,016,053 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue03.msh
[2010/08/06 23:50:04 | 000,016,053 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.dae
[2010/08/27 07:33:34 | 000,001,220 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue04.msh
[2010/08/06 23:50:04 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.dds
[2010/08/06 23:50:04 | 000,000,410 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_blue_back.mat
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.dds
[2010/08/06 23:50:02 | 000,000,933 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown.mat
[2010/08/06 23:50:02 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown01.msh
[2010/08/06 23:50:04 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown02.msh
[2010/08/06 23:50:02 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown03.msh
[2010/08/06 23:50:04 | 000,016,057 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.dae
[2010/08/27 07:33:34 | 000,001,222 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown04.msh
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.dds
[2010/08/06 23:50:04 | 000,000,409 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_brown_back.mat
[2010/08/06 23:50:02 | 000,349,680 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_nrm.dds
[2010/08/06 23:50:02 | 000,174,904 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\decals\cracks_spec.dds
[2010/08/06 23:49:16 | 000,062,915 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.dae
[2010/08/27 07:33:40 | 000,037,741 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\ceiling\default_cracked.msh
[2010/08/06 23:48:40 | 000,019,532 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.dae
[2010/08/27 07:33:50 | 000,017,545 | ---- | M] () -- \Vojta\Navíc\NEW\Amnesia - The Dark Descent\redist\static_objects\dungeonbase\wall\corridor_graves_cracked.msh
[2012/06/26 17:31:50 | 000,001,746 | ---- | M] () -- \Vojta\Navíc\NEW\The Elder Scrolls V Skyrim\The.Elder.Scrolls.V.Skyrim.v1.6.89.0.6.Update.9.CRACKED-P2P.nfo

< *keygen* /s >
[2012/10/27 16:15:58 | 000,017,067 | ---- | M] () -- \Users\Vojtěch\AppData\Roaming\uTorrent\Sony Vegas Pro 11.0.370 64 bit patch keygen huoyuan.torrent

< *loader* /s >
[2011/03/02 22:35:42 | 005,299,048 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\Photodownloader.exe
[2011/03/02 19:57:10 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2011/03/02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2011/03/02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\de_de\Photodownloader.ini
[2011/03/02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\en_us\Photodownloader.ini
[2011/03/02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\es_es\Photodownloader.ini
[2011/03/02 19:57:10 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\it_it\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\no_no\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2011/03/02 19:57:12 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2011/03/02 19:57:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2011/03/02 19:57:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5.1\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010/11/21 05:22:22 | 000,013,782 | ---- | M] () -- \Program Files (x86)\Blender Foundation\Blender\2.64\python\lib\unittest\loader.py
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2006/05/04 18:16:50 | 000,333,840 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\hideout\Loader_Sequence.WAV
[2006/05/04 18:16:50 | 000,005,952 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\hideout\Loader_Sequence.WHD
[2006/05/04 18:16:50 | 000,351,949 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\hideout\Loader_Sequence.ZIP
[2006/05/04 18:17:20 | 000,313,360 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M00\Loader_Sequence.WAV
[2006/05/04 18:17:20 | 000,005,392 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M00\Loader_Sequence.WHD
[2006/05/04 18:17:20 | 000,570,691 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M00\Loader_Sequence.ZIP
[2006/05/04 18:18:02 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M01\Loader_Sequence.WAV
[2006/05/04 18:18:02 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M01\Loader_Sequence.WHD
[2006/05/04 18:18:02 | 000,711,223 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M01\Loader_Sequence.ZIP
[2006/05/04 18:18:52 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M02\Loader_Sequence.WAV
[2006/05/04 18:18:52 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M02\Loader_Sequence.WHD
[2006/05/04 18:18:52 | 000,634,201 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M02\Loader_Sequence.ZIP
[2006/05/04 18:19:46 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M03\Loader_Sequence.WAV
[2006/05/04 18:19:46 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M03\Loader_Sequence.WHD
[2006/05/04 18:19:46 | 000,707,294 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M03\Loader_Sequence.ZIP
[2006/05/04 18:20:20 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M04\Loader_Sequence.WAV
[2006/05/04 18:20:20 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M04\Loader_Sequence.WHD
[2006/05/04 18:20:20 | 000,531,761 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M04\Loader_Sequence.ZIP
[2006/05/04 18:21:00 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M05\Loader_Sequence.WAV
[2006/05/04 18:21:00 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M05\Loader_Sequence.WHD
[2006/05/04 18:21:00 | 000,591,946 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M05\Loader_Sequence.ZIP
[2006/05/04 18:21:50 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M06\Loader_Sequence.WAV
[2006/05/04 18:21:50 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M06\Loader_Sequence.WHD
[2006/05/04 18:21:50 | 000,617,459 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M06\Loader_Sequence.ZIP
[2006/05/04 18:22:26 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M08\Loader_Sequence.WAV
[2006/05/04 18:22:26 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M08\Loader_Sequence.WHD
[2006/05/04 18:22:28 | 000,440,664 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M08\Loader_Sequence.ZIP
[2006/05/04 18:23:14 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M09\Loader_Sequence.WAV
[2006/05/04 18:23:14 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M09\Loader_Sequence.WHD
[2006/05/04 18:23:14 | 000,550,700 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M09\Loader_Sequence.ZIP
[2006/05/04 18:24:14 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M10\Loader_Sequence.WAV
[2006/05/04 18:24:14 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M10\Loader_Sequence.WHD
[2006/05/04 18:24:14 | 000,650,200 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M10\Loader_Sequence.ZIP
[2006/05/04 18:24:58 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M11\Loader_Sequence.WAV
[2006/05/04 18:24:58 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M11\Loader_Sequence.WHD
[2006/05/04 18:24:58 | 000,596,635 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M11\Loader_Sequence.ZIP
[2006/05/04 18:25:40 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M12\Loader_Sequence.WAV
[2006/05/04 18:25:40 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M12\Loader_Sequence.WHD
[2006/05/04 18:25:40 | 000,668,734 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M12\Loader_Sequence.ZIP
[2006/05/04 18:26:20 | 000,320,528 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M13\Loader_Sequence.WAV
[2006/05/04 18:26:20 | 000,005,616 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M13\Loader_Sequence.WHD
[2006/05/04 18:26:20 | 000,632,940 | ---- | M] () -- \Program Files (x86)\Eidos\Hitman Blood Money\Scenes\M13\Loader_Sequence.ZIP
[2012/02/28 17:15:38 | 000,002,713 | ---- | M] () -- \Program Files (x86)\GamersFirst\APB Reloaded\APBGame\Gecko\Data\components\uriloader.xpt
[2012/02/28 17:16:06 | 000,065,536 | ---- | M] () -- \Program Files (x86)\GamersFirst\APB Reloaded\Binaries\PhysXLocal\PhysXLoader.dll
[2011/08/24 05:53:16 | 000,006,820 | ---- | M] () -- \Program Files (x86)\GamersFirst\LIVE!\Content\ajax-loader.gif
[2006/09/12 15:21:18 | 000,053,248 | ---- | M] () -- \Program Files (x86)\HD Publishing\Joint Task Force\PhysXLoader.dll
[2011/06/15 22:58:28 | 000,053,248 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe
[2011/02/24 03:12:16 | 000,005,974 | ---- | M] () -- \Program Files (x86)\Hewlett-Packard\HP Setup\ContentDownloader.exe.config
[2010/10/15 04:58:50 | 000,001,012 | ---- | M] () -- \Program Files (x86)\HP Games\onplay\downloader_bg_400.gif
[2005/09/19 12:30:30 | 000,001,825 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI\aiLoaderInactive.xs
[2005/09/19 12:30:30 | 000,001,575 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI\aiLoaderStandard.xs
[2006/09/06 17:14:02 | 000,001,825 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI2\aiLoaderInactive.xs
[2006/09/06 17:14:02 | 000,001,575 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI2\aiLoaderStandard.xs
[2007/08/10 16:52:00 | 000,001,825 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI3\aiLoaderInactive.xs
[2007/08/10 16:52:00 | 000,001,575 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI3\aiLoaderStandard.xs
[2011/02/25 19:46:24 | 000,005,987 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\scripts\io\downloader.js
[2009/05/31 12:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 12:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013/02/15 00:21:17 | 000,142,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\APEX_Loader_x86.dll
[2012/06/05 19:24:09 | 000,290,816 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\wws_crashreport_uploader.exe
[2013/02/02 00:04:54 | 000,300,392 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe
[2012/02/06 18:45:23 | 000,000,726 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vmt
[2010/07/04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body.vtf
[2010/07/04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_body_normal.vtf
[2012/02/06 18:45:23 | 000,000,724 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vmt
[2010/07/04 21:09:08 | 000,699,272 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg.vtf
[2010/07/04 21:09:08 | 001,398,336 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\materials\models\props_vehicles\loader_leg_normal.vtf
[2010/07/04 21:51:41 | 000,178,888 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx80.vtx
[2010/07/04 21:51:41 | 000,178,861 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.dx90.vtx
[2010/07/04 21:51:41 | 000,012,873 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.jpg
[2010/07/04 21:51:41 | 000,349,716 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.mdl
[2010/07/04 21:51:41 | 000,269,969 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.phy
[2010/07/04 21:51:41 | 000,178,517 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.sw.vtx
[2010/07/04 21:51:41 | 000,797,056 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\sourcemods\BMS\models\props_vehicles\loader.vvd
[2008/02/25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011/11/09 17:28:52 | 000,022,574 | ---- | M] () -- \Program Files (x86)\The Witcher 2\CookedPC\globals\gui\loadingscreens\loader.swf
[2012/12/19 12:31:24 | 000,329,384 | ---- | M] () -- \Program Files (x86)\Ubisoft\FarCry 3\bin\ubiorbitapi_r2_loader.dll
[2012/12/19 12:31:26 | 000,300,200 | ---- | M] () -- \Program Files (x86)\Ubisoft\FarCry 3\bin\uplay_r1_loader.dll
[2006/04/15 00:01:12 | 000,049,152 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ghost Recon Advanced Warfighter\PhysXLoader.dll
[2013/03/31 23:52:16 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2013/03/31 23:52:17 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2012/05/21 23:56:04 | 000,002,196 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\GamePlay_Loader.html
[2012/07/19 01:18:28 | 000,000,598 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\EULA\images\downloader_bg_400.gif
[2012/05/21 23:56:04 | 000,009,085 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010/11/03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files (x86)\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2012/06/09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013/03/09 19:08:13 | 000,002,493 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\Install Origin Loader.lnk
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/02/01 02:16:50 | 000,065,344 | ---- | M] () -- \UDK\UDK-2013-02\Binaries\Win32\PhysXLoader.dll
[2013/02/01 02:17:41 | 000,067,904 | ---- | M] () -- \UDK\UDK-2013-02\Binaries\Win64\PhysXLoader64.dll
[2011/10/08 01:09:20 | 000,057,856 | ---- | M] () -- \UDK\UDK-2013-02\Development\Flash\AS2\CLIK\components\UILoader.fla
[2011/09/27 22:01:20 | 000,141,824 | ---- | M] () -- \UDK\UDK-2013-02\Development\Flash\AS2\CLIK\demosTBD\PreloaderRadial.fla
[2011/09/27 22:01:20 | 000,528,384 | ---- | M] () -- \UDK\UDK-2013-02\Development\Flash\AS2\CLIK\demosTBD\UILoader.fla
[2011/10/08 01:09:24 | 000,008,430 | ---- | M] () -- \UDK\UDK-2013-02\Development\Flash\AS2\CLIK\gfx\controls\UILoader.as
[2012/04/10 16:44:26 | 000,011,753 | ---- | M] () -- \UDK\UDK-2013-02\Development\Flash\AS3\CLIK\scaleform\clik\controls\UILoader.as
[2013/01/22 16:21:02 | 000,008,042 | ---- | M] () -- \UDK\UDK-2013-02\Development\Src\IpDrv\Classes\OnlineImageDownloaderWeb.uc
[2013/03/09 19:08:13 | 000,002,493 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Electronic Arts\The Sims™ 3\Install Origin Loader.lnk
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012/09/30 23:18:50 | 000,249,856 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_step.yourfiledownloader.com_0.localstorage
[2012/09/30 23:18:50 | 000,004,640 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_step.yourfiledownloader.com_0.localstorage-journal
[2013/04/04 18:51:27 | 000,105,903 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BGLY46EP\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013/04/04 18:51:27 | 000,000,753 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRP872AI\AdLoader[1].htm
[2012/08/27 10:09:00 | 000,040,876 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\38BN8N3J\jquery.uploader[1].js
[2012/08/27 09:59:59 | 000,002,756 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\38BN8N3J\RmsLoader[1].js
[2012/12/20 00:38:05 | 000,004,176 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3GTWFHH9\loader[1].gif
[2012/12/20 00:38:04 | 000,000,404 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3GTWFHH9\loader_2[1].gif
[2013/03/17 09:18:36 | 000,004,178 | ---- | M] () -- \Users\Vojtěch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZU0KM65I\loader[1].gif
[2012/11/28 17:06:46 | 000,001,237 | ---- | M] () -- \Users\Vojtěch\AppData\Roaming\.minecraft\ModLoader.txt
[2012/11/28 17:06:41 | 000,000,123 | ---- | M] () -- \Users\Vojtěch\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2008/05/27 10:43:24 | 000,001,666 | ---- | M] () -- \Vojta\Games\Zaklínač\System\Scripts\CSkinLoader.luc
[2012/03/16 00:18:45 | 000,132,096 | ---- | M] () -- \Vojta\Navíc\NEW\The Elder Scrolls V Skyrim\skse_loader.exe
[2012/11/27 22:34:16 | 000,001,064 | ---- | M] () -- \Vojta\Navíc\NEW\The Elder Scrolls V Skyrim\skse_loader.log
[2012/03/16 00:18:32 | 000,093,184 | ---- | M] () -- \Vojta\Navíc\NEW\The Elder Scrolls V Skyrim\skse_steam_loader.dll
[2012/07/25 12:55:46 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/03/20 23:43:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012/03/20 23:43:20 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012/03/20 23:43:20 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012/03/20 23:43:20 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012/03/20 23:43:20 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012/03/20 23:49:05 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/03/20 23:49:05 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012/03/20 23:49:05 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012/03/20 23:49:05 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012/03/20 23:49:05 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012/03/20 23:42:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010/11/21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2012/03/20 23:49:03 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012/03/20 23:49:03 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 20 bytes -> \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\APEX_Loader_x86.dll:crc

< End of report >

#15 Příspěvek od **vyosek** » 06 dub 2013 06:48

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPDTDF
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.babylon.com/?affID=11393 ... b70dd9d821
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://isearch.babylon.com/?q={searchTerms}&affID=113933&tt=3912_6&babsrc=SP_ss&mntrId=248e2a930000000000009cb70dd9d821
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{72DC1050-D691-42CC-9A42-FF0EC097214A}: "URL" = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
IE - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://cs.wikipedia.org/wiki/Special:Search?search={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "iSearch"
FF - prefs.js..browser.search.order.1: "iSearch"
FF - prefs.js..browser.search.selectedEngine: "iSearch"
FF - prefs.js..browser.startup.homepage: "http://isearch.babylon.com/?affID=113933&tt=3912_6&babsrc=HP_ss&mntrId=248e2a930000000000009cb70dd9d821"
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..keyword.URL: "http://isearch.babylon.com/?affID=113933&tt=3912_6&babsrc=KW_ss&mntrId=248e2a930000000000009cb70dd9d821&q="
[2012/09/25 23:11:59 | 000,002,334 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.
CHR - default_search_provider: iSearch (Enabled)
CHR - default_search_provider: search_url = http://isearch.babylon.com/?q={searchTerms}&affID=116061&tt=3812_4&babsrc=SP_iclro&mntrId=248e2a930000000000009cb70dd9d821
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://isearch.babylon.com/?affID=11513 ... b70dd9d821
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3424782441-3329749989-1727220065-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/03/31 20:43:22 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Local\{C3F20ABA-C353-44A2-A14E-2CA9F504A62B}
[2013/03/30 15:53:36 | 000,000,000 | ---D | C] -- C:\Users\Vojtěch\AppData\Local\{A5F817EF-5482-40B4-91C4-2D0ECAA01BBC}
[2013/04/01 21:34:29 | 000,000,360 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\QL5H60YACVHK5Rbat.bat
[2013/04/01 13:45:47 | 000,000,000 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\XZWXXFGY2PVBMHbat.bat
[2013/04/01 12:52:15 | 000,000,000 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\T7PRICVORY79bat.bat
[2013/04/01 10:44:12 | 000,000,360 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\WVB6PVbat.bat
[2013/03/27 18:14:10 | 000,000,078 | ---- | C] () -- C:\Users\Vojtěch\AppData\Roaming\invis.vbs
[2012/09/20 22:16:12 | 000,000,000 | ---D | M] -- C:\Users\Vojtěch\AppData\Roaming\Babylon
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2013/04/02 08:33:32 | 000,090,601 | ---- | M] (hngvmbvmc) -- C:\Users\Vojtěch\AppData\Roaming\Adobe64\bat.exe
[2013/04/02 07:46:25 | 000,215,552 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Adobe64\winucs.exe
[2013/04/03 06:53:36 | 000,090,558 | ---- | M] (lioqhigohon) -- C:\Users\Vojtěch\AppData\Roaming\Adobex86\bat.exe
[2012/08/05 18:09:42 | 000,068,096 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Adobex86\windef.exe
[2012/09/25 23:11:30 | 002,378,752 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Free Media Pack\FreeMediaPack.exe
[2004/06/13 17:21:34 | 000,751,616 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blaiz Enterprises\Image Tools\Text Effects.EXE
[2012/02/06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\Vojtěch\AppData\Roaming\OpenCandy\95DC8376729C441A82048200B372F629\pcspeedup_oc.exe
[2012/11/23 19:23:47 | 000,000,172 | ---- | M] () -- C:\Users\Vojtěch\AppData\Roaming\WildTangent\WildTangent Games\App\DPConfig\InstallTouchpoints-hp.exe_filedata
[2012/05/22 03:34:34 | 000,571,040 | ---- | M] (WildTangent, Inc.) -- C:\Users\Vojtěch\AppData\Roaming\WildTangent\WildTangent Games\App\Update\Updater.exe
[2013/03/14 17:37:00 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForHP-PAVILION95$.job
[2013/04/04 16:09:57 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\HPCeeScheduleForVojtìch.job
@Alternate Data Stream - 21 bytes -> \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe:crc
@Alternate Data Stream - 20 bytes -> \Program Files (x86)\Steam\steamapps\common\PlanetSide 2\APEX_Loader_x86.dll:crc

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"Steam"=-
"Media Finder"=-
"Skype"=-
"AdobeUpdate"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
""=-
"PDF Complete"=-
"GrooveMonitor"=-
"SunJavaUpdateSched"=-
"LogMeIn Hamachi Ui"=-
"SwitchBoard"=-
"AdobeCS5.5ServiceManager"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

Problem - windef.exe *32

Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32

Re: Problem - windef.exe *32