4. čast (poslední)
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.30 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012
[2012.08.27 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2013.04.13 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2012.08.31 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2012.10.28 11:03:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mass Effect 3
[2012.08.31 12:47:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster
[2012.11.25 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Theta
[2012.09.12 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2013.04.09 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2012.08.31 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2013.02.15 18:56:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wargaming.net
[2013.01.31 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.27 11:56:33 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.30 17:19:18 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.30 17:19:19 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.04.22 10:47:16 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.22 10:47:17 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 20:08:39 | 000,000,368 | ---- | C] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[17 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.01.30 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2013.01.17 12:18:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Adobe
[2012.08.27 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ATI
[2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012
[2012.08.27 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2013.04.13 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.02.10 15:01:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Google Chrome Backup
[2012.08.27 17:22:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Identities
[2012.08.31 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2012.08.30 22:20:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2013.04.22 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2012.10.28 11:03:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mass Effect 3
[2011.04.12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2012.11.19 13:00:11 | 000,000,000 | --SD | M] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2012.08.27 11:52:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2012.08.27 14:07:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nero
[2012.08.31 12:47:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster
[2013.04.24 20:35:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Skype
[2012.11.25 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Theta
[2012.09.12 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2013.04.09 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2012.08.31 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2013.02.15 18:56:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wargaming.net
[2013.04.14 02:24:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Winamp
< %APPDATA%\*.exe /s >
[2012.10.28 10:45:47 | 001,111,909 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mass Effect 3\Uninstall\unins000.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.04.24 21:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.24 10:52:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.24 19:52:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 08:36:18 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 20:15:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.22 20:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2013.04.22 19:57:21 | 000,000,004 | ---- | M] () -- C:\Windows\system32\GVTunner.ref
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007.09.20 15:35:10 | 000,202,024 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"Akamai NetSession Interface" = "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe" -- [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.)
"Facebook Update" = "C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.04.22 10:47:12 | 000,138,096 | ---- | M] (Facebook Inc.)
"PCSpeedUp" = C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe -- [2013.03.07 12:14:34 | 000,256,808 | ---- | M] ()
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.08.27 11:54:06 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.22 06:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) MD5=4E9592BB2C100E571F82640E59E9ECD5 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.24 20:44:19 | 000,000,512 | ---- | M] () MD5=E5F2B9923A3725B3F80CDE44A0C3E460 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.01.27 22:50:08 | 000,695,296 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\Minecraft cracked.exe
[2012.10.29 00:03:00 | 000,000,312 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\crack (2).lnk
[2012.10.28 22:45:36 | 000,000,430 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\crack.lnk
[2012.10.28 23:12:06 | 000,000,898 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\instalace cracku devil may4.lnk
[2012.10.28 23:11:51 | 000,000,774 | ---- | M] () -- \Users\Admin\AppData\Roaming\Microsoft\Office\Naposledy otevřené\instalace cracku devil may4.LNK
< *keygen* /s >
< *loader* /s >
[2011.02.17 16:50:18 | 000,234,104 | ---- | M] () -- \GAMES\Assassin´s Creed B\ubiorbitapi_r2_loader.dll
[2012.11.14 12:41:38 | 000,234,616 | ---- | M] () -- \GAMES\Assassins Creed III\ubiorbitapi_r2_loader.dll
[2012.11.18 23:58:16 | 000,003,584 | ---- | M] () -- \GAMES\Assassins Creed III\uplay_r1_loader.dll
[2003.09.15 16:02:00 | 000,169,384 | ---- | M] () -- \GAMES\counter\cstrike\models\qloader.mdl
[2003.09.15 15:55:50 | 000,352,548 | ---- | M] () -- \GAMES\counter\valve\models\loader.mdl
[2003.09.15 15:56:04 | 000,012,764 | ---- | M] () -- \GAMES\counter\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 15:56:04 | 000,012,164 | ---- | M] () -- \GAMES\counter\valve\sound\ambience\loader_step1.wav
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \GAMES\LeagueOfLegends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.255\deploy\assets\storeImages\layout\small_loader.gif
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \GAMES\LeagueOfLegends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.0\deploy\assets\storeImages\layout\small_loader.gif
[2011.12.07 16:14:10 | 000,004,416 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\ModLoader.txt
[2011.11.09 17:26:18 | 000,003,384 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\ModLoader.txt.1
[2011.12.07 16:13:52 | 000,000,364 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\config\ModLoader.cfg
[2011.06.27 19:06:26 | 000,064,280 | R--- | M] () -- \GAMES\Smite\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2013.01.09 19:20:26 | 000,071,208 | ---- | M] () -- \GAMES\World_of_Tanks\PhysXLoader.dll
[2013.01.09 19:20:26 | 000,003,668 | ---- | M] () -- \GAMES\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.01.09 19:20:26 | 000,005,363 | ---- | M] () -- \GAMES\World_of_Tanks\res\scripts\client\tutorial\tutorialloader.pyc
[2008.05.27 10:43:24 | 000,001,666 | ---- | M] () -- \GAMES\Zaklínač\System\Scripts\CSkinLoader.luc
[2007.09.26 19:37:48 | 000,107,816 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.04.08 13:57:46 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2013.04.06 16:28:59 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2013.04.06 16:29:00 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.02.23 22:08:08 | 000,005,505 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2EXHAO67\queryLoader[1].js
[2013.02.07 15:26:19 | 000,105,903 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6Q20YNN\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.21 18:21:17 | 000,005,505 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6Q20YNN\queryLoader[1].js
[2013.02.08 10:02:40 | 000,105,903 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1MHKM2\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.11 20:32:44 | 000,005,708 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1MHKM2\queryLoader[1].js
[2013.04.22 10:43:58 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\queryLoader[1].css
[2013.04.22 10:43:58 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\queryLoader[1].js
[2013.04.24 20:02:18 | 000,005,187 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\universaldownloader-prefetch[1].htm
[2013.04.23 16:46:55 | 000,000,753 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\AdLoader[1].htm
[2013.04.17 17:07:35 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[1].css
[2013.04.17 17:07:35 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[1].js
[2013.04.22 18:41:18 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[2].css
[2013.04.21 11:53:15 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[2].js
[2013.04.23 16:46:56 | 000,105,903 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.04.21 11:53:14 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\queryLoader[1].css
[2013.04.22 18:41:19 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\queryLoader[1].js
[2012.11.17 19:27:17 | 000,373,456 | ---- | M] () -- \Users\Admin\Downloads\SoftonicDownloader_for_microsoft-flight-simulator.exe
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.08.27 12:03:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.08.27 12:03:35 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.08.27 12:03:35 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.08.27 12:03:35 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.08.27 12:03:35 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
nefunkční stránky google.cz, youtube.com
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: nefunkční stránky google.cz, youtube.com
Extras log
OTL Extras logfile created on: 24.4.2013 20:42:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8,00 Gb Total Physical Memory | 6,39 Gb Available Physical Memory | 79,90% Memory free
15,99 Gb Paging File | 13,80 Gb Available in Paging File | 86,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 50,59 Gb Free Space | 25,91% Space Free | Partition Type: NTFS
Drive E: | 736,20 Gb Total Space | 315,17 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D8C4FE3-2F30-4B3F-9787-0165D9DF652C}" = lport=139 | protocol=6 | dir=in | app=system |
"{2AA1C876-5CCE-4C96-AD86-E33A982E8D8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32B75609-B53E-4F8D-BE67-1D688BB49EFA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43150969-7F4C-4993-B059-0010E8AD6A52}" = lport=137 | protocol=17 | dir=in | app=system |
"{5325FFF5-4C92-4A5A-ABC2-772D9CAE448E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D95840A-D05C-47F2-BC92-A7246AA00BAC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{60318006-F953-43F6-A8E6-A9EE4F265882}" = lport=445 | protocol=6 | dir=in | app=system |
"{692B239A-6865-4932-A9E5-528B3DB9748E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6C0FBE53-1E00-42FC-9E18-D83900B754F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{79DC94E0-4417-4F8A-ACC4-61B0B90FF1BE}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C459103-C2B3-4713-9AF0-797D97B3147C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8DC569B8-F3FA-4286-AE59-04CCF5D6C1B6}" = lport=138 | protocol=17 | dir=in | app=system |
"{8E3653B6-5656-4162-9584-6D5E2BF9003C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90FCDE45-3854-4621-A1E9-FC88EC8BA60E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A69DF412-462D-4B71-89FD-636729C17343}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B0400DF1-A870-4917-B962-5361AE6DD675}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{B412A5B6-85DD-41FF-8C41-1FD554AFC7A9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E1F14960-93AA-44CC-A1FB-C3F2B0C983AD}" = rport=138 | protocol=17 | dir=out | app=system |
"{E419085D-22AB-44C3-8AAE-2621AE751A07}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E620F8D3-E98B-4262-A4D2-1AA28788D8F5}" = lport=49654 | protocol=6 | dir=in | name=akamai netsession interface |
"{F9C6929D-876E-4988-9F6A-D0E6F6F51D17}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC8E6BE6-7FD5-4B27-AA89-7A6D8DD98BC3}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0513F614-3BBC-4D0E-A2F7-3C0E75A6AB00}" = protocol=17 | dir=in | app=e:\games\dragon age\daoriginslauncher.exe |
"{052A6AE9-395B-4921-9A90-D456F860A21C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{063FB694-52FB-4409-A149-1656ABA9843B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0C640E77-2453-4FFC-8EB3-F14319CAB2C2}" = protocol=6 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{10063644-612C-4838-A4AA-994C2CA9AD9D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{12488137-569B-4289-ADC0-0C9C526B5D01}" = protocol=6 | dir=in | app=e:\games\sindicate\client.bin |
"{1340960C-6D99-40F7-BB5F-4C69502D5A96}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{14E804CA-5DEA-4AAA-8F3D-A38574B684F7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{177B4CF8-B0CD-46CA-A56D-B02EF913D540}" = protocol=17 | dir=in | app=e:\games\dragon age 2\bin_ship\dragonage2.exe |
"{1A57F126-039F-4DD4-9B3E-B52ED4394D1F}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\assassinscreedbrotherhood.exe |
"{2546BA1D-4107-48D7-9BB8-68B3A1D508D2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{28224474-0EAE-46F3-AD8F-39811CFE0196}" = protocol=17 | dir=in | app=e:\games\prototype 2\steam.exe |
"{2B6C88B5-7A7E-430C-AE2E-3083EA156DFE}" = protocol=6 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{2BDF47ED-0FE3-449F-A766-CBB226FD620F}" = protocol=6 | dir=in | app=e:\games\dragon age 2\dragonage2launcher.exe |
"{2C91350A-29B2-4FAE-B52F-90A188396412}" = protocol=17 | dir=in | app=e:\games\mirror's edge\binaries\mirrorsedge.exe |
"{30598FF9-6F53-4B90-B2E7-D294220DB51D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{322E779A-DB57-4E9C-B889-BDB854950E5E}" = protocol=6 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"{32C99A00-8FA6-460D-981F-2B50EB1DF304}" = protocol=6 | dir=in | app=c:\games\star wars the force unleashed 2\swtfu2.exe |
"{35CB5728-1DA3-4D00-86E5-79CE4B8C7449}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{3DD35D6B-487E-457E-88DF-67F2338A2D78}" = protocol=17 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{3E1D0ACB-63A9-40C6-96AA-FBB257E9D6C3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3EA4B69B-1E1D-4537-8F20-7077593715C4}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\acbsp.exe |
"{3F4B1FA0-C60A-48E8-B189-40BF2A8336C6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{46750DE1-C577-45CC-9DE5-FC53E570B536}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{469256E8-9D58-47C9-8683-E2AB599605FF}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\uplaybrowser.exe |
"{4A51DC6D-2A22-410E-BE7C-022C271D4B91}" = protocol=6 | dir=in | app=e:\games\prototype 2\steam.exe |
"{4D9061BF-CD5C-43DA-AD05-33AD0AC162EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4E982E2D-C22D-48C4-8556-B3002F176394}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\uplaybrowser.exe |
"{51DBE903-DC99-4266-9BCE-AC66DB1FCCAA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{52384C1C-50BA-461E-9135-6855684831A2}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\acbsp.exe |
"{540B8A3C-97E3-41BE-8835-1A2350C052AD}" = protocol=17 | dir=in | app=e:\games\dragon age 2\dragonage2launcher.exe |
"{5A238905-B477-462A-929C-06CE3EAC5309}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{5CAE8A14-569D-4A39-AEA0-E140ECC1CCDC}" = protocol=17 | dir=in | app=e:\games\dragon age\bin_ship\daorigins.exe |
"{5DE3F6B9-ED22-488F-AC0E-6C102C57F0C5}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\acbmp.exe |
"{61A83F0F-FE05-4801-BDD6-808A17E8BAC2}" = protocol=6 | dir=in | app=e:\games\dragon age\daoriginslauncher.exe |
"{65166BBA-B731-4757-9272-3C648AB3EC44}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{6CA17BD5-0016-46AB-8D98-02020D64CF66}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{72D65F29-CD3A-40FA-AA4D-2C609A0790C2}" = protocol=6 | dir=in | app=c:\games\call of duty 4 - modern warfare\iw3mp.exe |
"{7C929757-F761-47CC-A729-03B35CF9122B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{7E17C575-2640-4C80-A4D4-3A684D8A1993}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{8555600C-7D6E-4256-A11E-FF292052A509}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{85F0CD48-AF20-477E-B908-69706E839896}" = protocol=17 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"{885C65BE-36D9-41B4-8228-147FBE8471EE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{8A08ADFA-3A88-4EB4-A075-202B25D256CE}" = protocol=17 | dir=in | app=c:\games\star wars the force unleashed 2\swtfu2.exe |
"{92323300-C151-4367-8758-DC996752E3BA}" = protocol=6 | dir=in | app=e:\games\mirror's edge\binaries\mirrorsedge.exe |
"{974D7AC2-DCBF-429E-BF6C-456F4C20F903}" = protocol=6 | dir=in | app=e:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{9CC57C98-980A-4471-8037-702205BDD468}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A05EC70A-74EC-42C5-94AD-97BC0A4E3489}" = protocol=17 | dir=in | app=c:\games\call of duty 4 - modern warfare\iw3mp.exe |
"{A1D45F19-474C-4EE8-8164-2ADC38514397}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A2A1AF8B-8586-4BB1-AC11-BFF256BEE49E}" = protocol=17 | dir=in | app=e:\games\sindicate\client.bin |
"{A5F97FCB-A45E-47D7-8C71-F0A566CAC38C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A75D9777-24C2-4B29-BD6A-4A78F5557846}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{AE0F5651-FBB0-4BC7-B6FD-B63486387BA4}" = protocol=6 | dir=in | app=e:\games\dragon age\bin_ship\daorigins.exe |
"{B29959BA-EDDF-42CC-AA0C-81A924F54EC4}" = protocol=17 | dir=in | app=c:\program files (x86)\cerberus llc\cerberus ftp server\cerberusgui.exe |
"{B3784D0E-9156-4637-80D4-5AF629DBB19C}" = protocol=17 | dir=in | app=e:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{B6DCB9E5-9064-4D1E-9B80-E979C097D11E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{BB945C89-CE48-4550-9672-0CB67CDE83A9}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\acbmp.exe |
"{BCD80FDA-D35C-44BB-96CA-3228B5B29321}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{BD7D475F-F1C9-48C3-B4D0-0C0729D17987}" = protocol=6 | dir=in | app=e:\games\dragon age 2\bin_ship\dragonage2.exe |
"{BE9E46A2-3DFD-4DB7-AB32-631FED88DB54}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{C781737D-89BC-4054-9311-B36FE6899157}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{CAF5E67A-8184-418E-8E6F-C6796D1E4422}" = dir=in | app=c:\users\admin\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{CD5338FB-04A0-4560-B5E7-C129782C494B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CF0BA5A5-416D-42B4-AC42-B71DAF249F82}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D8555CB2-543B-4CFA-AFE3-60137085E59F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D9B3E7B8-51E0-436B-9F2E-6D6EF02BBB51}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{DEB518E6-DBB3-4C4F-8763-FA711E981FF6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DFE11E74-1E81-41C1-8E99-A073DAD00C6E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{E580E6E2-DA83-4AB2-87DE-F64454D30CC3}" = protocol=6 | dir=in | app=c:\program files (x86)\cerberus llc\cerberus ftp server\cerberusgui.exe |
"{E7F06C18-A783-45E5-8BE4-2678998DABA3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E8E546EA-FA5C-4CA6-BC15-81F51A03E48A}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{E8FA434A-53AD-4938-961F-8A68F93B2364}" = protocol=17 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{F11B83DB-6520-4E00-966C-B9C902907E47}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F1CAF288-5333-4B3B-B7BC-C877AC9A3DE1}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F204578A-B6D2-40FA-A8F6-810D089CDDFF}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\assassinscreedbrotherhood.exe |
"{F44B15BA-7766-415B-8102-A8DA7FFB109F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{FA14E930-8979-4D8A-AF2B-6C695226D5F5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FCD40DE3-8108-4BE6-BFA8-2ACC6703E5CF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{0D52CF33-2EF4-46ED-9779-5A098635DCAC}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{12C9E2B5-DB94-4F47-8C96-C29970B589A8}C:\program files (x86)\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\prototype 2\prototype2.exe |
"TCP Query User{1531237E-5B35-49B3-B4E1-3F4F03207AFB}C:\games\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\games\assassins creed iii\ac3sp.exe |
"TCP Query User{1536CF21-8B3D-4CCB-A51C-C1A2A9571730}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{276DA4D3-6A72-41AC-83BD-4BE5983F9C02}E:\games\splinter cell conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=e:\games\splinter cell conviction\src\system\conviction_game.exe |
"TCP Query User{34B0E9C9-C2CD-49DD-B67A-515925383E6C}E:\games\the witcher 2 (cz)\bin\witcher2.exe" = protocol=6 | dir=in | app=e:\games\the witcher 2 (cz)\bin\witcher2.exe |
"TCP Query User{4A94010A-97BA-42F5-AC26-E9F3717A1149}K:\games\laroxion mt2\trable.dll" = protocol=6 | dir=in | app=k:\games\laroxion mt2\trable.dll |
"TCP Query User{4ACF112E-4FA9-44C0-A275-1F4DECD3AE78}E:\games\call of duty 7 - black ops\blackops.exe" = protocol=6 | dir=in | app=e:\games\call of duty 7 - black ops\blackops.exe |
"TCP Query User{4B704438-A102-4BDB-8186-1D0E7769C6F2}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"TCP Query User{66E225AD-D0DB-45C5-9ADF-EBFC23302159}E:\games\sindicate\client.bin" = protocol=6 | dir=in | app=e:\games\sindicate\client.bin |
"TCP Query User{723FCF1A-89D0-4F71-85D4-48E34AF73055}E:\games\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=6 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"TCP Query User{956127A8-91CA-4B8D-83EF-E6B4258354BB}C:\users\admin\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\local\akamai\netsession_win.exe |
"TCP Query User{98E7F073-AC35-424E-8531-C85DF5E8A7A4}C:\games\laroxion mt2\trable.dll" = protocol=6 | dir=in | app=c:\games\laroxion mt2\trable.dll |
"TCP Query User{C6D528DF-3B18-4695-858D-B24800CBA079}C:\games\counter\hltv.exe" = protocol=6 | dir=in | app=c:\games\counter\hltv.exe |
"TCP Query User{D22D9417-ABF5-408E-97E9-2A550733772E}C:\users\admin\downloads\psro_full_client_downloader_v3.exe" = protocol=6 | dir=in | app=c:\users\admin\downloads\psro_full_client_downloader_v3.exe |
"TCP Query User{E04617F8-E36C-4BFF-B9AA-4E3691B3A18D}E:\games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=e:\games\mass effect 3\binaries\win32\masseffect3.exe |
"TCP Query User{E5ABA304-6245-497C-905A-FAB91E8B575A}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{EA9FA225-1C1C-4DF3-A079-A562FCE8FE4E}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{F81B3691-5451-4B25-BECD-2EEBAEF2B0E8}E:\games\call of duty 7 - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=e:\games\call of duty 7 - black ops\blackopsmp.exe |
"TCP Query User{F9914A74-70CC-4B8D-AF5C-E19529486C48}C:\games\counter\csko.exe" = protocol=6 | dir=in | app=c:\games\counter\csko.exe |
"UDP Query User{0F6B1FDD-5950-4B8A-B912-3FE4BE09DB3E}C:\games\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\games\assassins creed iii\ac3sp.exe |
"UDP Query User{2CC0B1FB-C570-4796-959A-1D5E2A3F8FF2}E:\games\the witcher 2 (cz)\bin\witcher2.exe" = protocol=17 | dir=in | app=e:\games\the witcher 2 (cz)\bin\witcher2.exe |
"UDP Query User{2FB44E3A-C53D-4BBF-8582-9251A374E5B7}C:\program files (x86)\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\prototype 2\prototype2.exe |
"UDP Query User{2FFBA635-A4B7-43D1-AEB3-3DD24DC5C333}E:\games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=e:\games\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{347490C3-A8EF-43E4-B11D-FA6775E8441B}C:\users\admin\downloads\psro_full_client_downloader_v3.exe" = protocol=17 | dir=in | app=c:\users\admin\downloads\psro_full_client_downloader_v3.exe |
"UDP Query User{4BC92AAF-244E-40F0-BBA9-D281AA17A669}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{4DD97DEE-4B83-4C7A-80C5-72968859DC14}E:\games\call of duty 7 - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=e:\games\call of duty 7 - black ops\blackopsmp.exe |
"UDP Query User{4EBDA78F-D880-4EAC-A8A6-6D33A8409804}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{4EC56163-5C21-46BF-8C59-D78710239687}E:\games\sindicate\client.bin" = protocol=17 | dir=in | app=e:\games\sindicate\client.bin |
"UDP Query User{58F3737D-C468-461D-B988-86EF8B0C83A8}K:\games\laroxion mt2\trable.dll" = protocol=17 | dir=in | app=k:\games\laroxion mt2\trable.dll |
"UDP Query User{7CA8670E-25EE-4DBF-B5FD-DFB1804101C8}C:\games\counter\csko.exe" = protocol=17 | dir=in | app=c:\games\counter\csko.exe |
"UDP Query User{80E417E6-4D1F-4324-B9DE-5346A04FECF8}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"UDP Query User{91452124-5F8B-4E63-9051-BC4E1683583B}E:\games\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=17 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"UDP Query User{91D9580F-BED2-498C-B4A3-DEFC6C35E4A0}C:\games\counter\hltv.exe" = protocol=17 | dir=in | app=c:\games\counter\hltv.exe |
"UDP Query User{9C5F9A1A-A2F4-4307-8DE9-683A8D22F648}C:\users\admin\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A2527152-3015-426A-9A6A-861B2D7DCE7F}E:\games\call of duty 7 - black ops\blackops.exe" = protocol=17 | dir=in | app=e:\games\call of duty 7 - black ops\blackops.exe |
"UDP Query User{A3884238-B082-48C9-BC07-08275B434D4B}E:\games\splinter cell conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=e:\games\splinter cell conviction\src\system\conviction_game.exe |
"UDP Query User{ABCAC640-E3E9-42C8-80E7-3622BB1BF42B}C:\games\laroxion mt2\trable.dll" = protocol=17 | dir=in | app=c:\games\laroxion mt2\trable.dll |
"UDP Query User{D53B7848-8CBC-4D1F-B96D-338D4860025D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{F85A9D3F-2262-4715-9877-8860A6EA0E1A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{25367871-3964-0801-34BB-2B369DCA9A26}" = AMD Catalyst Install Manager
"{27A813D1-18D3-656F-5C9E-DC61B8E5C2A1}" = AMD Drag and Drop Transcoding
"{286DF036-3FE3-0959-125C-7FEF26DDA7FD}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8B1881C3-A40C-4DF3-BFD2-CCD2FEDD7D83}" = BCool Gadget
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B01E81A4-A434-8543-68FA-38870F75AFD5}" = AMD Fuel
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC9F2154-40A0-F617-DD11-900119C45C1E}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"PCSU-SL_is1" = Zrychleni Pocitace
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1124.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4D5056-3600-A76A-76A7-A758B70B0801}" = KMP Media Toolbar
"{4B7IL77L-LKS1-75B1-BF321-18CD6E6334R1}_is1" = Battlefield 3 version 1.0
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6DAF1523-51E9-CCC9-5C23-C96CFC01477C}" = Catalyst Control Center InstallProxy
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{70E64861-CD51-AF29-7E09-9D2CC74D4757}" = Catalyst Control Center Graphics Previews Common
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75A332A1-1145-6A64-216A-9CC102CBA58D}" = CCC Help English
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8ED39263-2F44-2500-26D4-1BD7BBBE6162}" = Catalyst Control Center Localization All
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B085A1BA-AB1B-4226-B7B3-C28C70CA780B}" = AMD VISION Engine Control Center
"{B5AC8149-56AF-49EE-8835-EE17DAE86494}" = Cerberus FTP Server
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BDC242BE-A84E-D32C-2003-7B59230697B1}" = CCC Help Czech
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C8A122DE-ACB5-47BB-8661-369D8E46BF92}" = X-Men(TM) Legends 2
"{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}" = Ultimate Spider-Man (TM)
"{CF6AE90D-05E8-4D0B-AF79-94F9E1CA5601}" = Microsoft Flight Simulator X Demo
"{D4A8FCAB-9D30-4509-A3F1-D0B7E1BE9F00}" = Devil May Cry 3 Special Edition
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.155
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač rozšířená edice
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter a Princ Dvojí Krve™
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"Assassins Creed III_is1" = Assassins Creed III v1.0.1
"avast" = avast! Free Antivirus
"Call of Duty - Black Ops-=AviaRa=- 7" = Call of Duty - Black Ops-=AviaRa=- 7
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1124.1
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{C8A122DE-ACB5-47BB-8661-369D8E46BF92}" = X-Men(TM) Legends 2
"InstallShield_{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}" = Ultimate Spider-Man (TM)
"InstallShield_{CF6AE90D-05E8-4D0B-AF79-94F9E1CA5601}" = Microsoft Flight Simulator X Demo
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"jv16 PowerTools 1.1_is1" = jv16 PowerTools 1.1
"Lord of the Rings - War in the North_is1" = Lord of the Rings - War in the North
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mass Effect 3_R.G. Mechanics_is1" = Mass Effect 3
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Silkroad" = Silkroad
"Splinter Cell Conviction 1.00" = Splinter Cell Conviction 1.00
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"Update Engine" = Sony Ericsson Update Engine
"Winamp" = Winamp
"Zaklínač 2: Vrahové Králů Rozšířená Edice_is1" = Zaklínač 2: Vrahové Králů v3.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Counter-Strike 1.6_is1" = Counter-Strike 1.6 v42
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.4.2013 10:08:44 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.4.2013 13:57:32 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.4.2013 17:59:19 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: KMPlayer.exe, verze: 3.4.0.59, časové razítko:
0x5099b3d0 Název chybujícího modulu: ole32.dll, verze: 6.1.7601.17514, časové razítko:
0x4ce7b96f Kód výjimky: 0xc0000005 Posun chyby: 0x0002b5f0 ID chybujícího procesu:
0x12bc Čas spuštění chybující aplikace: 0x01ce3fa4a09becd3 Cesta k chybující aplikaci:
C:\PROGRA~2\THEKMP~1\KMPlayer.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\ole32.dll
ID
zprávy: e162a43d-ab97-11e2-846d-902b341163b0
Error - 23.4.2013 8:30:00 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 23.4.2013 8:30:01 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 23.4.2013 8:30:01 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 23.4.2013 8:30:25 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 24.4.2013 14:02:20 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\Admin\AppData\Local\Temp\KMP_3.6.0.87.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 24.4.2013 14:02:23 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\Admin\AppData\Local\Temp\KMP_3.6.0.87.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 24.4.2013 14:04:35 | Computer Name = Admin-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Aplikaci nebo službu PandoraService nelze restartovat.
[ System Events ]
Error - 21.4.2013 3:55:47 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR6.
Error - 21.4.2013 4:45:38 | Computer Name = Admin-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 21.4.2013 5:08:06 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 21.4.2013 5:08:07 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 21.4.2013 5:08:07 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 21.4.2013 5:08:08 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 22.4.2013 9:38:50 | Computer Name = Admin-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:15:59, ?22.?4.?2013) bylo neočekávané.
Error - 22.4.2013 13:54:31 | Computer Name = Admin-PC | Source = DCOM | ID = 10010
Description =
Error - 22.4.2013 13:56:31 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AVGIDSHA
Error - 23.4.2013 2:11:00 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).
< End of report >
OTL Extras logfile created on: 24.4.2013 20:42:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8,00 Gb Total Physical Memory | 6,39 Gb Available Physical Memory | 79,90% Memory free
15,99 Gb Paging File | 13,80 Gb Available in Paging File | 86,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 50,59 Gb Free Space | 25,91% Space Free | Partition Type: NTFS
Drive E: | 736,20 Gb Total Space | 315,17 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D8C4FE3-2F30-4B3F-9787-0165D9DF652C}" = lport=139 | protocol=6 | dir=in | app=system |
"{2AA1C876-5CCE-4C96-AD86-E33A982E8D8A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32B75609-B53E-4F8D-BE67-1D688BB49EFA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{43150969-7F4C-4993-B059-0010E8AD6A52}" = lport=137 | protocol=17 | dir=in | app=system |
"{5325FFF5-4C92-4A5A-ABC2-772D9CAE448E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D95840A-D05C-47F2-BC92-A7246AA00BAC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{60318006-F953-43F6-A8E6-A9EE4F265882}" = lport=445 | protocol=6 | dir=in | app=system |
"{692B239A-6865-4932-A9E5-528B3DB9748E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6C0FBE53-1E00-42FC-9E18-D83900B754F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{79DC94E0-4417-4F8A-ACC4-61B0B90FF1BE}" = rport=137 | protocol=17 | dir=out | app=system |
"{7C459103-C2B3-4713-9AF0-797D97B3147C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8DC569B8-F3FA-4286-AE59-04CCF5D6C1B6}" = lport=138 | protocol=17 | dir=in | app=system |
"{8E3653B6-5656-4162-9584-6D5E2BF9003C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90FCDE45-3854-4621-A1E9-FC88EC8BA60E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A69DF412-462D-4B71-89FD-636729C17343}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B0400DF1-A870-4917-B962-5361AE6DD675}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{B412A5B6-85DD-41FF-8C41-1FD554AFC7A9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E1F14960-93AA-44CC-A1FB-C3F2B0C983AD}" = rport=138 | protocol=17 | dir=out | app=system |
"{E419085D-22AB-44C3-8AAE-2621AE751A07}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E620F8D3-E98B-4262-A4D2-1AA28788D8F5}" = lport=49654 | protocol=6 | dir=in | name=akamai netsession interface |
"{F9C6929D-876E-4988-9F6A-D0E6F6F51D17}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC8E6BE6-7FD5-4B27-AA89-7A6D8DD98BC3}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0513F614-3BBC-4D0E-A2F7-3C0E75A6AB00}" = protocol=17 | dir=in | app=e:\games\dragon age\daoriginslauncher.exe |
"{052A6AE9-395B-4921-9A90-D456F860A21C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{063FB694-52FB-4409-A149-1656ABA9843B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0C640E77-2453-4FFC-8EB3-F14319CAB2C2}" = protocol=6 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{10063644-612C-4838-A4AA-994C2CA9AD9D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{12488137-569B-4289-ADC0-0C9C526B5D01}" = protocol=6 | dir=in | app=e:\games\sindicate\client.bin |
"{1340960C-6D99-40F7-BB5F-4C69502D5A96}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{14E804CA-5DEA-4AAA-8F3D-A38574B684F7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{177B4CF8-B0CD-46CA-A56D-B02EF913D540}" = protocol=17 | dir=in | app=e:\games\dragon age 2\bin_ship\dragonage2.exe |
"{1A57F126-039F-4DD4-9B3E-B52ED4394D1F}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\assassinscreedbrotherhood.exe |
"{2546BA1D-4107-48D7-9BB8-68B3A1D508D2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{28224474-0EAE-46F3-AD8F-39811CFE0196}" = protocol=17 | dir=in | app=e:\games\prototype 2\steam.exe |
"{2B6C88B5-7A7E-430C-AE2E-3083EA156DFE}" = protocol=6 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{2BDF47ED-0FE3-449F-A766-CBB226FD620F}" = protocol=6 | dir=in | app=e:\games\dragon age 2\dragonage2launcher.exe |
"{2C91350A-29B2-4FAE-B52F-90A188396412}" = protocol=17 | dir=in | app=e:\games\mirror's edge\binaries\mirrorsedge.exe |
"{30598FF9-6F53-4B90-B2E7-D294220DB51D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{322E779A-DB57-4E9C-B889-BDB854950E5E}" = protocol=6 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"{32C99A00-8FA6-460D-981F-2B50EB1DF304}" = protocol=6 | dir=in | app=c:\games\star wars the force unleashed 2\swtfu2.exe |
"{35CB5728-1DA3-4D00-86E5-79CE4B8C7449}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{3DD35D6B-487E-457E-88DF-67F2338A2D78}" = protocol=17 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{3E1D0ACB-63A9-40C6-96AA-FBB257E9D6C3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3EA4B69B-1E1D-4537-8F20-7077593715C4}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\acbsp.exe |
"{3F4B1FA0-C60A-48E8-B189-40BF2A8336C6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{46750DE1-C577-45CC-9DE5-FC53E570B536}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{469256E8-9D58-47C9-8683-E2AB599605FF}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\uplaybrowser.exe |
"{4A51DC6D-2A22-410E-BE7C-022C271D4B91}" = protocol=6 | dir=in | app=e:\games\prototype 2\steam.exe |
"{4D9061BF-CD5C-43DA-AD05-33AD0AC162EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4E982E2D-C22D-48C4-8556-B3002F176394}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\uplaybrowser.exe |
"{51DBE903-DC99-4266-9BCE-AC66DB1FCCAA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{52384C1C-50BA-461E-9135-6855684831A2}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\acbsp.exe |
"{540B8A3C-97E3-41BE-8835-1A2350C052AD}" = protocol=17 | dir=in | app=e:\games\dragon age 2\dragonage2launcher.exe |
"{5A238905-B477-462A-929C-06CE3EAC5309}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{5CAE8A14-569D-4A39-AEA0-E140ECC1CCDC}" = protocol=17 | dir=in | app=e:\games\dragon age\bin_ship\daorigins.exe |
"{5DE3F6B9-ED22-488F-AC0E-6C102C57F0C5}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\acbmp.exe |
"{61A83F0F-FE05-4801-BDD6-808A17E8BAC2}" = protocol=6 | dir=in | app=e:\games\dragon age\daoriginslauncher.exe |
"{65166BBA-B731-4757-9272-3C648AB3EC44}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{6CA17BD5-0016-46AB-8D98-02020D64CF66}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{72D65F29-CD3A-40FA-AA4D-2C609A0790C2}" = protocol=6 | dir=in | app=c:\games\call of duty 4 - modern warfare\iw3mp.exe |
"{7C929757-F761-47CC-A729-03B35CF9122B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{7E17C575-2640-4C80-A4D4-3A684D8A1993}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{8555600C-7D6E-4256-A11E-FF292052A509}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{85F0CD48-AF20-477E-B908-69706E839896}" = protocol=17 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"{885C65BE-36D9-41B4-8228-147FBE8471EE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{8A08ADFA-3A88-4EB4-A075-202B25D256CE}" = protocol=17 | dir=in | app=c:\games\star wars the force unleashed 2\swtfu2.exe |
"{92323300-C151-4367-8758-DC996752E3BA}" = protocol=6 | dir=in | app=e:\games\mirror's edge\binaries\mirrorsedge.exe |
"{974D7AC2-DCBF-429E-BF6C-456F4C20F903}" = protocol=6 | dir=in | app=e:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{9CC57C98-980A-4471-8037-702205BDD468}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A05EC70A-74EC-42C5-94AD-97BC0A4E3489}" = protocol=17 | dir=in | app=c:\games\call of duty 4 - modern warfare\iw3mp.exe |
"{A1D45F19-474C-4EE8-8164-2ADC38514397}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A2A1AF8B-8586-4BB1-AC11-BFF256BEE49E}" = protocol=17 | dir=in | app=e:\games\sindicate\client.bin |
"{A5F97FCB-A45E-47D7-8C71-F0A566CAC38C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A75D9777-24C2-4B29-BD6A-4A78F5557846}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{AE0F5651-FBB0-4BC7-B6FD-B63486387BA4}" = protocol=6 | dir=in | app=e:\games\dragon age\bin_ship\daorigins.exe |
"{B29959BA-EDDF-42CC-AA0C-81A924F54EC4}" = protocol=17 | dir=in | app=c:\program files (x86)\cerberus llc\cerberus ftp server\cerberusgui.exe |
"{B3784D0E-9156-4637-80D4-5AF629DBB19C}" = protocol=17 | dir=in | app=e:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{B6DCB9E5-9064-4D1E-9B80-E979C097D11E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{BB945C89-CE48-4550-9672-0CB67CDE83A9}" = protocol=17 | dir=in | app=c:\games\assassin´s creed b\acbmp.exe |
"{BCD80FDA-D35C-44BB-96CA-3228B5B29321}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{BD7D475F-F1C9-48C3-B4D0-0C0729D17987}" = protocol=6 | dir=in | app=e:\games\dragon age 2\bin_ship\dragonage2.exe |
"{BE9E46A2-3DFD-4DB7-AB32-631FED88DB54}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{C781737D-89BC-4054-9311-B36FE6899157}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{CAF5E67A-8184-418E-8E6F-C6796D1E4422}" = dir=in | app=c:\users\admin\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{CD5338FB-04A0-4560-B5E7-C129782C494B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CF0BA5A5-416D-42B4-AC42-B71DAF249F82}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D8555CB2-543B-4CFA-AFE3-60137085E59F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D9B3E7B8-51E0-436B-9F2E-6D6EF02BBB51}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{DEB518E6-DBB3-4C4F-8763-FA711E981FF6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DFE11E74-1E81-41C1-8E99-A073DAD00C6E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{E580E6E2-DA83-4AB2-87DE-F64454D30CC3}" = protocol=6 | dir=in | app=c:\program files (x86)\cerberus llc\cerberus ftp server\cerberusgui.exe |
"{E7F06C18-A783-45E5-8BE4-2678998DABA3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E8E546EA-FA5C-4CA6-BC15-81F51A03E48A}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{E8FA434A-53AD-4938-961F-8A68F93B2364}" = protocol=17 | dir=in | app=e:\games\swor\star wars-the old republic\launcher.exe |
"{F11B83DB-6520-4E00-966C-B9C902907E47}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F1CAF288-5333-4B3B-B7BC-C877AC9A3DE1}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F204578A-B6D2-40FA-A8F6-810D089CDDFF}" = protocol=6 | dir=in | app=c:\games\assassin´s creed b\assassinscreedbrotherhood.exe |
"{F44B15BA-7766-415B-8102-A8DA7FFB109F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{FA14E930-8979-4D8A-AF2B-6C695226D5F5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FCD40DE3-8108-4BE6-BFA8-2ACC6703E5CF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{0D52CF33-2EF4-46ED-9779-5A098635DCAC}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{12C9E2B5-DB94-4F47-8C96-C29970B589A8}C:\program files (x86)\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\prototype 2\prototype2.exe |
"TCP Query User{1531237E-5B35-49B3-B4E1-3F4F03207AFB}C:\games\assassins creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\games\assassins creed iii\ac3sp.exe |
"TCP Query User{1536CF21-8B3D-4CCB-A51C-C1A2A9571730}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{276DA4D3-6A72-41AC-83BD-4BE5983F9C02}E:\games\splinter cell conviction\src\system\conviction_game.exe" = protocol=6 | dir=in | app=e:\games\splinter cell conviction\src\system\conviction_game.exe |
"TCP Query User{34B0E9C9-C2CD-49DD-B67A-515925383E6C}E:\games\the witcher 2 (cz)\bin\witcher2.exe" = protocol=6 | dir=in | app=e:\games\the witcher 2 (cz)\bin\witcher2.exe |
"TCP Query User{4A94010A-97BA-42F5-AC26-E9F3717A1149}K:\games\laroxion mt2\trable.dll" = protocol=6 | dir=in | app=k:\games\laroxion mt2\trable.dll |
"TCP Query User{4ACF112E-4FA9-44C0-A275-1F4DECD3AE78}E:\games\call of duty 7 - black ops\blackops.exe" = protocol=6 | dir=in | app=e:\games\call of duty 7 - black ops\blackops.exe |
"TCP Query User{4B704438-A102-4BDB-8186-1D0E7769C6F2}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"TCP Query User{66E225AD-D0DB-45C5-9ADF-EBFC23302159}E:\games\sindicate\client.bin" = protocol=6 | dir=in | app=e:\games\sindicate\client.bin |
"TCP Query User{723FCF1A-89D0-4F71-85D4-48E34AF73055}E:\games\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=6 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"TCP Query User{956127A8-91CA-4B8D-83EF-E6B4258354BB}C:\users\admin\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\admin\appdata\local\akamai\netsession_win.exe |
"TCP Query User{98E7F073-AC35-424E-8531-C85DF5E8A7A4}C:\games\laroxion mt2\trable.dll" = protocol=6 | dir=in | app=c:\games\laroxion mt2\trable.dll |
"TCP Query User{C6D528DF-3B18-4695-858D-B24800CBA079}C:\games\counter\hltv.exe" = protocol=6 | dir=in | app=c:\games\counter\hltv.exe |
"TCP Query User{D22D9417-ABF5-408E-97E9-2A550733772E}C:\users\admin\downloads\psro_full_client_downloader_v3.exe" = protocol=6 | dir=in | app=c:\users\admin\downloads\psro_full_client_downloader_v3.exe |
"TCP Query User{E04617F8-E36C-4BFF-B9AA-4E3691B3A18D}E:\games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=e:\games\mass effect 3\binaries\win32\masseffect3.exe |
"TCP Query User{E5ABA304-6245-497C-905A-FAB91E8B575A}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{EA9FA225-1C1C-4DF3-A079-A562FCE8FE4E}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{F81B3691-5451-4B25-BECD-2EEBAEF2B0E8}E:\games\call of duty 7 - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=e:\games\call of duty 7 - black ops\blackopsmp.exe |
"TCP Query User{F9914A74-70CC-4B8D-AF5C-E19529486C48}C:\games\counter\csko.exe" = protocol=6 | dir=in | app=c:\games\counter\csko.exe |
"UDP Query User{0F6B1FDD-5950-4B8A-B912-3FE4BE09DB3E}C:\games\assassins creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\games\assassins creed iii\ac3sp.exe |
"UDP Query User{2CC0B1FB-C570-4796-959A-1D5E2A3F8FF2}E:\games\the witcher 2 (cz)\bin\witcher2.exe" = protocol=17 | dir=in | app=e:\games\the witcher 2 (cz)\bin\witcher2.exe |
"UDP Query User{2FB44E3A-C53D-4BBF-8582-9251A374E5B7}C:\program files (x86)\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\prototype 2\prototype2.exe |
"UDP Query User{2FFBA635-A4B7-43D1-AEB3-3DD24DC5C333}E:\games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=e:\games\mass effect 3\binaries\win32\masseffect3.exe |
"UDP Query User{347490C3-A8EF-43E4-B11D-FA6775E8441B}C:\users\admin\downloads\psro_full_client_downloader_v3.exe" = protocol=17 | dir=in | app=c:\users\admin\downloads\psro_full_client_downloader_v3.exe |
"UDP Query User{4BC92AAF-244E-40F0-BBA9-D281AA17A669}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{4DD97DEE-4B83-4C7A-80C5-72968859DC14}E:\games\call of duty 7 - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=e:\games\call of duty 7 - black ops\blackopsmp.exe |
"UDP Query User{4EBDA78F-D880-4EAC-A8A6-6D33A8409804}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{4EC56163-5C21-46BF-8C59-D78710239687}E:\games\sindicate\client.bin" = protocol=17 | dir=in | app=e:\games\sindicate\client.bin |
"UDP Query User{58F3737D-C468-461D-B988-86EF8B0C83A8}K:\games\laroxion mt2\trable.dll" = protocol=17 | dir=in | app=k:\games\laroxion mt2\trable.dll |
"UDP Query User{7CA8670E-25EE-4DBF-B5FD-DFB1804101C8}C:\games\counter\csko.exe" = protocol=17 | dir=in | app=c:\games\counter\csko.exe |
"UDP Query User{80E417E6-4D1F-4324-B9DE-5346A04FECF8}C:\programdata\battle.net\agent\agent.524\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"UDP Query User{91452124-5F8B-4E63-9051-BC4E1683583B}E:\games\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=17 | dir=in | app=e:\games\rise of the argonauts\binaries\riseoftheargonauts.exe |
"UDP Query User{91D9580F-BED2-498C-B4A3-DEFC6C35E4A0}C:\games\counter\hltv.exe" = protocol=17 | dir=in | app=c:\games\counter\hltv.exe |
"UDP Query User{9C5F9A1A-A2F4-4307-8DE9-683A8D22F648}C:\users\admin\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\admin\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A2527152-3015-426A-9A6A-861B2D7DCE7F}E:\games\call of duty 7 - black ops\blackops.exe" = protocol=17 | dir=in | app=e:\games\call of duty 7 - black ops\blackops.exe |
"UDP Query User{A3884238-B082-48C9-BC07-08275B434D4B}E:\games\splinter cell conviction\src\system\conviction_game.exe" = protocol=17 | dir=in | app=e:\games\splinter cell conviction\src\system\conviction_game.exe |
"UDP Query User{ABCAC640-E3E9-42C8-80E7-3622BB1BF42B}C:\games\laroxion mt2\trable.dll" = protocol=17 | dir=in | app=c:\games\laroxion mt2\trable.dll |
"UDP Query User{D53B7848-8CBC-4D1F-B96D-338D4860025D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{F85A9D3F-2262-4715-9877-8860A6EA0E1A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{25367871-3964-0801-34BB-2B369DCA9A26}" = AMD Catalyst Install Manager
"{27A813D1-18D3-656F-5C9E-DC61B8E5C2A1}" = AMD Drag and Drop Transcoding
"{286DF036-3FE3-0959-125C-7FEF26DDA7FD}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8B1881C3-A40C-4DF3-BFD2-CCD2FEDD7D83}" = BCool Gadget
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B01E81A4-A434-8543-68FA-38870F75AFD5}" = AMD Fuel
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC9F2154-40A0-F617-DD11-900119C45C1E}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"PCSU-SL_is1" = Zrychleni Pocitace
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1124.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4D5056-3600-A76A-76A7-A758B70B0801}" = KMP Media Toolbar
"{4B7IL77L-LKS1-75B1-BF321-18CD6E6334R1}_is1" = Battlefield 3 version 1.0
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6DAF1523-51E9-CCC9-5C23-C96CFC01477C}" = Catalyst Control Center InstallProxy
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{70E64861-CD51-AF29-7E09-9D2CC74D4757}" = Catalyst Control Center Graphics Previews Common
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75A332A1-1145-6A64-216A-9CC102CBA58D}" = CCC Help English
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8ED39263-2F44-2500-26D4-1BD7BBBE6162}" = Catalyst Control Center Localization All
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B085A1BA-AB1B-4226-B7B3-C28C70CA780B}" = AMD VISION Engine Control Center
"{B5AC8149-56AF-49EE-8835-EE17DAE86494}" = Cerberus FTP Server
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BDC242BE-A84E-D32C-2003-7B59230697B1}" = CCC Help Czech
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C8A122DE-ACB5-47BB-8661-369D8E46BF92}" = X-Men(TM) Legends 2
"{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}" = Ultimate Spider-Man (TM)
"{CF6AE90D-05E8-4D0B-AF79-94F9E1CA5601}" = Microsoft Flight Simulator X Demo
"{D4A8FCAB-9D30-4509-A3F1-D0B7E1BE9F00}" = Devil May Cry 3 Special Edition
"{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.155
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač rozšířená edice
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter a Princ Dvojí Krve™
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"Assassins Creed III_is1" = Assassins Creed III v1.0.1
"avast" = avast! Free Antivirus
"Call of Duty - Black Ops-=AviaRa=- 7" = Call of Duty - Black Ops-=AviaRa=- 7
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.1124.1
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{C8A122DE-ACB5-47BB-8661-369D8E46BF92}" = X-Men(TM) Legends 2
"InstallShield_{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C}" = Ultimate Spider-Man (TM)
"InstallShield_{CF6AE90D-05E8-4D0B-AF79-94F9E1CA5601}" = Microsoft Flight Simulator X Demo
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"jv16 PowerTools 1.1_is1" = jv16 PowerTools 1.1
"Lord of the Rings - War in the North_is1" = Lord of the Rings - War in the North
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mass Effect 3_R.G. Mechanics_is1" = Mass Effect 3
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Silkroad" = Silkroad
"Splinter Cell Conviction 1.00" = Splinter Cell Conviction 1.00
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"Update Engine" = Sony Ericsson Update Engine
"Winamp" = Winamp
"Zaklínač 2: Vrahové Králů Rozšířená Edice_is1" = Zaklínač 2: Vrahové Králů v3.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Counter-Strike 1.6_is1" = Counter-Strike 1.6 v42
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.4.2013 10:08:44 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.4.2013 13:57:32 | Computer Name = Admin-PC | Source = WinMgmt | ID = 10
Description =
Error - 22.4.2013 17:59:19 | Computer Name = Admin-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: KMPlayer.exe, verze: 3.4.0.59, časové razítko:
0x5099b3d0 Název chybujícího modulu: ole32.dll, verze: 6.1.7601.17514, časové razítko:
0x4ce7b96f Kód výjimky: 0xc0000005 Posun chyby: 0x0002b5f0 ID chybujícího procesu:
0x12bc Čas spuštění chybující aplikace: 0x01ce3fa4a09becd3 Cesta k chybující aplikaci:
C:\PROGRA~2\THEKMP~1\KMPlayer.exe Cesta k chybujícímu modulu: C:\Windows\syswow64\ole32.dll
ID
zprávy: e162a43d-ab97-11e2-846d-902b341163b0
Error - 23.4.2013 8:30:00 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 23.4.2013 8:30:01 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na
řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 23.4.2013 8:30:01 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 23.4.2013 8:30:25 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\SetACL64.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 24.4.2013 14:02:20 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\Admin\AppData\Local\Temp\KMP_3.6.0.87.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 24.4.2013 14:02:23 | Computer Name = Admin-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\Admin\AppData\Local\Temp\KMP_3.6.0.87.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 24.4.2013 14:04:35 | Computer Name = Admin-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Aplikaci nebo službu PandoraService nelze restartovat.
[ System Events ]
Error - 21.4.2013 3:55:47 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR6.
Error - 21.4.2013 4:45:38 | Computer Name = Admin-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 21.4.2013 5:08:06 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 21.4.2013 5:08:07 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 21.4.2013 5:08:07 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 21.4.2013 5:08:08 | Computer Name = Admin-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.
Error - 22.4.2013 9:38:50 | Computer Name = Admin-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:15:59, ?22.?4.?2013) bylo neočekávané.
Error - 22.4.2013 13:54:31 | Computer Name = Admin-PC | Source = DCOM | ID = 10010
Description =
Error - 22.4.2013 13:56:31 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AVGIDSHA
Error - 23.4.2013 2:11:00 | Computer Name = Admin-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového
limitu (30000 ms).
< End of report >
Re: nefunkční stránky google.cz, youtube.com
OTL (7 dnů), Extras to nevytvořilo ??
k PC se dostanu až v pátek, takže času je dost
Děkuji
1. část
OTL logfile created on: 24.4.2013 22:03:09 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8,00 Gb Total Physical Memory | 6,02 Gb Available Physical Memory | 75,31% Memory free
15,99 Gb Paging File | 13,62 Gb Available in Paging File | 85,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 50,59 Gb Free Space | 25,91% Space Free | Partition Type: NTFS
Drive E: | 736,20 Gb Total Space | 315,17 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.04.24 20:39:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2013.04.05 01:15:48 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.04.05 01:15:40 | 001,483,912 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.04.03 03:06:08 | 003,684,488 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2013.03.07 12:14:32 | 000,341,800 | ---- | M] () -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.03.06 17:30:44 | 004,161,888 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013.03.06 17:30:43 | 010,220,896 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.03.06 17:22:26 | 000,185,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.31 17:57:54 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.10.07 19:08:38 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
PRC - [2011.07.26 04:38:51 | 005,381,952 | ---- | M] (Cerberus, LLC) -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
PRC - [2007.09.20 15:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.09.20 15:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.24 11:08:20 | 002,662,471 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
MOD - [2011.11.24 10:41:36 | 000,548,931 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
MOD - [2011.11.23 14:29:36 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.dll
MOD - [2011.11.22 17:12:22 | 001,474,628 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
MOD - [2011.11.02 13:48:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
MOD - [2011.10.20 14:47:40 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
MOD - [2011.10.18 09:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
MOD - [2011.10.07 19:08:38 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
MOD - [2011.10.05 18:23:14 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
MOD - [2011.09.14 17:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
MOD - [2011.03.01 19:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
MOD - [2010.10.19 10:59:46 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
MOD - [2010.06.24 15:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
MOD - [2010.06.10 15:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
MOD - [2010.03.12 05:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\platform.dll
MOD - [2010.03.12 05:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\device.dll
MOD - [2008.05.07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
MOD - [2003.02.14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.01.18 07:22:34 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.01.18 01:44:02 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.23 14:48:24 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\GAMES\Smite\HiPatchService.exe -- (HiPatchService)
SRV - [2013.04.08 16:49:12 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.05 01:15:48 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.07 12:14:32 | 000,341,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.24 23:02:58 | 004,999,600 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.08.31 17:57:54 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.08.27 11:54:06 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011.07.26 04:38:51 | 005,381,952 | ---- | M] (Cerberus, LLC) [Auto | Running] -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\GAMES\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.08.30 22:37:57 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 10:44:40 | 010,731,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.01.18 06:22:34 | 000,328,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.23 15:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.07.29 05:40:00 | 000,079,104 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.07.29 05:40:00 | 000,056,960 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.07.06 12:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.04.22 19:57:21 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013.04.22 19:57:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.04.20 21:10:09 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.03.12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF - prefs.js..browser.startup.homepage: "http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24"
FF - prefs.js..browser.search.selectedEngine: "Ask Search"
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.defaultengine: "Ask Search"
FF - prefs.js..browser.search.defaultenginename: "Ask Search"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.30 22:26:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.22 20:00:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.27 11:54:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.21 11:04:56 | 000,000,000 | ---D | M]
[2012.08.27 11:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2013.04.24 20:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions
[2012.12.16 14:49:40 | 000,000,000 | ---D | M] (Bcool) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com
[2013.04.24 20:06:03 | 000,457,284 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\toolbar_KMPV6@apn.ask.com.xpi
[2012.09.21 21:28:01 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.04.24 20:06:02 | 000,002,513 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\searchplugins\ask-search.xml
[2012.08.27 11:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.08.27 11:54:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.08.27 11:54:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 00:31:23 | 000,186,432 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2012.08.27 11:54:05 | 000,003,413 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.08.27 11:54:05 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.27 11:54:05 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.27 11:54:05 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.27 11:54:05 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.27 11:54:05 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Ask Search (Enabled)
CHR - default_search_provider: search_url = http://asksearch.ask.com/redirect?clien ... earchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc= ... earchTerms}
CHR - homepage: http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: KMP Media Toolbar = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaknbnblifjbchcfcaibjkccmfhmed\12.42734_0\
CHR - Extension: avast! WebRep = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Bcool = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbihbfhflakligaidbjipbglhcfpcaoi\7.1_0\
O1 HOSTS File: ([2013.04.21 11:03:19 | 000,000,038 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll File not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [Akamai NetSession Interface] C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [Facebook Update] C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe ()
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{385CC86C-B0AC-44F1-B928-37C348936347}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47A69FAA-0DAB-44D6-A442-9705DB98FF08}: NameServer = 10.10.10.10,10.10.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 7 Days ==========
[2013.04.24 20:39:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.04.24 20:08:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\PCSpeedUp
[2013.04.24 20:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
[2013.04.24 20:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zrychleni Pocitace
[2013.04.24 20:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.04.24 20:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.04.24 20:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.04.24 20:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.04.24 20:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.04.23 16:46:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.04.23 16:46:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.04.23 16:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.22 20:44:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2013.04.22 20:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.22 20:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.22 20:44:47 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.22 20:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.22 20:00:48 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.04.22 20:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.04.22 20:00:47 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.04.22 20:00:46 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.04.22 20:00:46 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.04.22 20:00:45 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.04.22 20:00:41 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.22 20:00:41 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.04.22 19:59:59 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.04.22 19:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.22 19:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.22 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Facebook
[2013.04.21 15:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.04.21 09:51:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\RK_Quarantine
[2013.04.21 09:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2013.04.21 00:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.21 00:19:08 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.20 23:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.20 23:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.04.20 23:10:05 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Programs
[2013.04.20 21:10:09 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2013.04.20 20:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools
[2013.04.20 20:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools
[2013.04.20 19:34:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2013.04.20 19:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2013.04.19 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.19 16:45:00 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.19 16:45:00 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.19 16:45:00 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.18 12:44:52 | 000,000,000 | -HSD | C] -- C:\found.000
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.04.24 21:49:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.24 21:15:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 21:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.24 20:39:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2013.04.24 20:08:37 | 000,001,061 | ---- | M] () -- C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk
[2013.04.24 20:04:05 | 000,000,999 | ---- | M] () -- C:\Users\Admin\Desktop\KMPlayer.lnk
[2013.04.24 20:03:24 | 032,642,064 | ---- | M] () -- C:\Users\Admin\Desktop\KMPlayer_3-6-0-87.exe
[2013.04.24 19:52:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 11:09:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 10:52:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.24 08:36:18 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.23 16:46:39 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.04.22 20:44:49 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.22 20:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.22 20:03:33 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 20:03:33 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 20:00:48 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.22 19:57:21 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013.04.22 19:57:21 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.04.22 19:57:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.04.22 19:55:43 | 2145,312,767 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.22 15:38:56 | 000,292,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.21 15:31:16 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.21 09:43:18 | 000,816,128 | ---- | M] () -- C:\Users\Admin\Desktop\RogueKiller.exe
[2013.04.21 09:43:06 | 000,613,083 | ---- | M] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2013.04.21 00:18:44 | 000,935,175 | ---- | M] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2013.04.20 21:10:09 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2013.04.20 20:53:45 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.20 20:53:45 | 000,666,406 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.20 20:53:45 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.20 20:53:45 | 000,140,102 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.20 20:53:45 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.20 20:52:58 | 000,000,977 | ---- | M] () -- C:\Users\Admin\Desktop\jv16 PowerTools.lnk
[2013.04.20 19:34:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2013.04.19 13:58:51 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.24 20:44:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.24 20:08:39 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2013.04.24 20:08:37 | 000,001,061 | ---- | C] () -- C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk
[2013.04.24 20:02:35 | 032,642,064 | ---- | C] () -- C:\Users\Admin\Desktop\KMPlayer_3-6-0-87.exe
[2013.04.23 21:27:05 | 000,935,175 | ---- | C] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2013.04.23 16:46:39 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.04.22 20:44:49 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.22 20:00:48 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.22 20:00:45 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.04.22 20:00:43 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.04.22 20:00:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.04.22 10:47:17 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.22 10:47:16 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.21 15:31:16 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.04.21 15:31:16 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.21 09:45:49 | 000,816,128 | ---- | C] () -- C:\Users\Admin\Desktop\RogueKiller.exe
[2013.04.21 09:45:49 | 000,613,083 | ---- | C] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2013.04.20 22:51:32 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.04.20 20:52:58 | 000,000,977 | ---- | C] () -- C:\Users\Admin\Desktop\jv16 PowerTools.lnk
[2013.02.04 11:03:59 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.09.22 18:46:35 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.09.22 15:07:04 | 001,555,696 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.22 13:17:30 | 000,000,259 | ---- | C] () -- C:\Windows\game.ini
[2012.08.31 12:47:15 | 000,270,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.31 12:47:14 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.08.27 17:42:58 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.08.27 17:42:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.27 17:32:11 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.08.27 17:32:11 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.27 17:32:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.08.27 17:23:02 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.08.27 13:44:42 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.01.18 02:27:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.01.18 02:27:42 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.30 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012
[2012.08.27 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2013.04.13 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2012.08.31 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2012.10.28 11:03:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mass Effect 3
[2012.08.31 12:47:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster
[2012.11.25 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Theta
[2012.09.12 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2013.04.09 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2012.08.31 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2013.02.15 18:56:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wargaming.net
[2013.01.31 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.27 11:56:33 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.30 17:19:18 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.30 17:19:19 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.04.22 10:47:16 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.22 10:47:17 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 20:08:39 | 000,000,368 | ---- | C] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
k PC se dostanu až v pátek, takže času je dost
Děkuji
1. část
OTL logfile created on: 24.4.2013 22:03:09 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
8,00 Gb Total Physical Memory | 6,02 Gb Available Physical Memory | 75,31% Memory free
15,99 Gb Paging File | 13,62 Gb Available in Paging File | 85,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 50,59 Gb Free Space | 25,91% Space Free | Partition Type: NTFS
Drive E: | 736,20 Gb Total Space | 315,17 Gb Free Space | 42,81% Space Free | Partition Type: NTFS
Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.04.24 20:39:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2013.04.05 01:15:48 | 000,169,096 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.04.05 01:15:40 | 001,483,912 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.04.03 03:06:08 | 003,684,488 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2013.03.07 12:14:32 | 000,341,800 | ---- | M] () -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.03.06 17:30:44 | 004,161,888 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013.03.06 17:30:43 | 010,220,896 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.03.06 17:22:26 | 000,185,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.31 17:57:54 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.10.07 19:08:38 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
PRC - [2011.07.26 04:38:51 | 005,381,952 | ---- | M] (Cerberus, LLC) -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
PRC - [2007.09.20 15:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.09.20 15:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.24 11:08:20 | 002,662,471 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
MOD - [2011.11.24 10:41:36 | 000,548,931 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
MOD - [2011.11.23 14:29:36 | 000,286,720 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.dll
MOD - [2011.11.22 17:12:22 | 001,474,628 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
MOD - [2011.11.02 13:48:48 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
MOD - [2011.10.20 14:47:40 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
MOD - [2011.10.18 09:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
MOD - [2011.10.07 19:08:38 | 000,219,760 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
MOD - [2011.10.05 18:23:14 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
MOD - [2011.09.14 17:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
MOD - [2011.03.01 19:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
MOD - [2010.10.19 10:59:46 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
MOD - [2010.06.24 15:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
MOD - [2010.06.10 15:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
MOD - [2010.03.12 05:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\platform.dll
MOD - [2010.03.12 05:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\device.dll
MOD - [2008.05.07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
MOD - [2003.02.14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.01.18 07:22:34 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.01.18 01:44:02 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.04.23 14:48:24 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\GAMES\Smite\HiPatchService.exe -- (HiPatchService)
SRV - [2013.04.08 16:49:12 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.05 01:15:48 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.07 12:14:32 | 000,341,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.10.24 23:02:58 | 004,999,600 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012.08.31 17:57:54 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.08.27 11:54:06 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.22 10:32:12 | 000,625,816 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011.07.26 04:38:51 | 005,381,952 | ---- | M] (Cerberus, LLC) [Auto | Running] -- C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe -- (Cerberus FTP Server)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.26 07:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\GAMES\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.08.30 22:37:57 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 10:44:40 | 010,731,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.01.18 06:22:34 | 000,328,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.23 15:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.07.29 05:40:00 | 000,079,104 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.07.29 05:40:00 | 000,056,960 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.07.06 12:12:50 | 000,367,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.04.22 19:57:21 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013.04.22 19:57:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.04.20 21:10:09 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.03.12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:12.0
FF - prefs.js..browser.startup.homepage: "http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24"
FF - prefs.js..browser.search.selectedEngine: "Ask Search"
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.defaultengine: "Ask Search"
FF - prefs.js..browser.search.defaultenginename: "Ask Search"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012.08.30 22:26:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.22 20:00:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.27 11:54:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.21 11:04:56 | 000,000,000 | ---D | M]
[2012.08.27 11:52:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2013.04.24 20:06:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions
[2012.12.16 14:49:40 | 000,000,000 | ---D | M] (Bcool) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com
[2013.04.24 20:06:03 | 000,457,284 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\toolbar_KMPV6@apn.ask.com.xpi
[2012.09.21 21:28:01 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.04.24 20:06:02 | 000,002,513 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\searchplugins\ask-search.xml
[2012.08.27 11:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.08.27 11:54:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.08.27 11:54:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 00:31:23 | 000,186,432 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2012.08.27 11:54:05 | 000,003,413 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012.08.27 11:54:05 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.27 11:54:05 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.27 11:54:05 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.27 11:54:05 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.27 11:54:05 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Ask Search (Enabled)
CHR - default_search_provider: search_url = http://asksearch.ask.com/redirect?clien ... earchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc= ... earchTerms}
CHR - homepage: http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Uplay PC (Enabled) = C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - Extension: KMP Media Toolbar = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaknbnblifjbchcfcaibjkccmfhmed\12.42734_0\
CHR - Extension: avast! WebRep = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Bcool = C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbihbfhflakligaidbjipbglhcfpcaoi\7.1_0\
O1 HOSTS File: ([2013.04.21 11:03:19 | 000,000,038 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll File not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [Akamai NetSession Interface] C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [Facebook Update] C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe ()
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{385CC86C-B0AC-44F1-B928-37C348936347}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47A69FAA-0DAB-44D6-A442-9705DB98FF08}: NameServer = 10.10.10.10,10.10.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 7 Days ==========
[2013.04.24 20:39:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.04.24 20:08:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\PCSpeedUp
[2013.04.24 20:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
[2013.04.24 20:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zrychleni Pocitace
[2013.04.24 20:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.04.24 20:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.04.24 20:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013.04.24 20:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013.04.24 20:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013.04.23 16:46:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.04.23 16:46:38 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.04.23 16:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.22 20:44:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2013.04.22 20:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.22 20:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.22 20:44:47 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.22 20:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.22 20:00:48 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.04.22 20:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.04.22 20:00:47 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.04.22 20:00:46 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.04.22 20:00:46 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.04.22 20:00:45 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.04.22 20:00:41 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.04.22 20:00:41 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.04.22 19:59:59 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.04.22 19:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.22 19:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.22 10:47:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Facebook
[2013.04.21 15:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.04.21 09:51:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\RK_Quarantine
[2013.04.21 09:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2013.04.21 00:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.04.21 00:19:08 | 000,000,000 | ---D | C] -- C:\rsit
[2013.04.20 23:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.20 23:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.04.20 23:10:05 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Programs
[2013.04.20 21:10:09 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2013.04.20 20:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools
[2013.04.20 20:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools
[2013.04.20 19:34:19 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2013.04.20 19:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2013.04.19 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.04.19 16:45:00 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.04.19 16:45:00 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.04.19 16:45:00 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.04.18 12:44:52 | 000,000,000 | -HSD | C] -- C:\found.000
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.04.24 21:49:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.24 21:15:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 21:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.24 20:39:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2013.04.24 20:08:37 | 000,001,061 | ---- | M] () -- C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk
[2013.04.24 20:04:05 | 000,000,999 | ---- | M] () -- C:\Users\Admin\Desktop\KMPlayer.lnk
[2013.04.24 20:03:24 | 032,642,064 | ---- | M] () -- C:\Users\Admin\Desktop\KMPlayer_3-6-0-87.exe
[2013.04.24 19:52:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 11:09:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 10:52:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.24 08:36:18 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.23 16:46:39 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.04.22 20:44:49 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.22 20:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.04.22 20:03:33 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 20:03:33 | 000,022,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 20:00:48 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.22 19:57:21 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013.04.22 19:57:21 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.04.22 19:57:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.04.22 19:55:43 | 2145,312,767 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.22 15:38:56 | 000,292,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.21 15:31:16 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.21 09:43:18 | 000,816,128 | ---- | M] () -- C:\Users\Admin\Desktop\RogueKiller.exe
[2013.04.21 09:43:06 | 000,613,083 | ---- | M] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2013.04.21 00:18:44 | 000,935,175 | ---- | M] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2013.04.20 21:10:09 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\etdrv.sys
[2013.04.20 20:53:45 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.20 20:53:45 | 000,666,406 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.04.20 20:53:45 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.20 20:53:45 | 000,140,102 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.04.20 20:53:45 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.20 20:52:58 | 000,000,977 | ---- | M] () -- C:\Users\Admin\Desktop\jv16 PowerTools.lnk
[2013.04.20 19:34:19 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2013.04.19 13:58:51 | 000,001,986 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.24 20:44:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.24 20:08:39 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job
[2013.04.24 20:08:37 | 000,001,061 | ---- | C] () -- C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk
[2013.04.24 20:02:35 | 032,642,064 | ---- | C] () -- C:\Users\Admin\Desktop\KMPlayer_3-6-0-87.exe
[2013.04.23 21:27:05 | 000,935,175 | ---- | C] () -- C:\Users\Admin\Desktop\RSITx64.exe
[2013.04.23 16:46:39 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.04.22 20:44:49 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.22 20:00:48 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.22 20:00:45 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.04.22 20:00:43 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.04.22 20:00:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013.04.22 10:47:17 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.22 10:47:16 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.21 15:31:16 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.04.21 15:31:16 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.21 09:45:49 | 000,816,128 | ---- | C] () -- C:\Users\Admin\Desktop\RogueKiller.exe
[2013.04.21 09:45:49 | 000,613,083 | ---- | C] () -- C:\Users\Admin\Desktop\adwcleaner.exe
[2013.04.20 22:51:32 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.04.20 20:52:58 | 000,000,977 | ---- | C] () -- C:\Users\Admin\Desktop\jv16 PowerTools.lnk
[2013.02.04 11:03:59 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.09.22 18:46:35 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.09.22 15:07:04 | 001,555,696 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.22 13:17:30 | 000,000,259 | ---- | C] () -- C:\Windows\game.ini
[2012.08.31 12:47:15 | 000,270,408 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.31 12:47:14 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.08.27 17:42:58 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.08.27 17:42:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.27 17:32:11 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.08.27 17:32:11 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.27 17:32:11 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.08.27 17:23:02 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.08.27 13:44:42 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.01.18 02:27:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.01.18 02:27:42 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.01.30 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012
[2012.08.27 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2013.04.13 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2012.08.31 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2012.10.28 11:03:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mass Effect 3
[2012.08.31 12:47:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster
[2012.11.25 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Theta
[2012.09.12 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2013.04.09 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2012.08.31 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2013.02.15 18:56:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wargaming.net
[2013.01.31 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.27 11:56:33 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.11.30 17:19:18 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.11.30 17:19:19 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.04.22 10:47:16 | 000,000,906 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.22 10:47:17 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 20:08:39 | 000,000,368 | ---- | C] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
Re: nefunkční stránky google.cz, youtube.com
OTL (7 dnů) 2. část
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[17 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.01.30 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2013.01.17 12:18:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Adobe
[2012.08.27 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ATI
[2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012
[2012.08.27 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2013.04.13 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.02.10 15:01:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Google Chrome Backup
[2012.08.27 17:22:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Identities
[2012.08.31 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2012.08.30 22:20:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2013.04.22 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2012.10.28 11:03:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mass Effect 3
[2011.04.12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2012.11.19 13:00:11 | 000,000,000 | --SD | M] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2012.08.27 11:52:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2012.08.27 14:07:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nero
[2012.08.31 12:47:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster
[2013.04.24 20:35:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Skype
[2012.11.25 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Theta
[2012.09.12 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2013.04.09 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2012.08.31 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2013.02.15 18:56:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wargaming.net
[2013.04.14 02:24:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Winamp
< %APPDATA%\*.exe /s >
[2012.10.28 10:45:47 | 001,111,909 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mass Effect 3\Uninstall\unins000.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.04.24 22:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.24 10:52:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.24 19:52:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 08:36:18 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 21:15:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.22 20:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2013.04.22 19:57:21 | 000,000,004 | ---- | M] () -- C:\Windows\system32\GVTunner.ref
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007.09.20 15:35:10 | 000,202,024 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"Akamai NetSession Interface" = "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe" -- [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.)
"Facebook Update" = "C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.04.22 10:47:12 | 000,138,096 | ---- | M] (Facebook Inc.)
"PCSpeedUp" = C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe -- [2013.03.07 12:14:34 | 000,256,808 | ---- | M] ()
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.08.27 11:54:06 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.22 06:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) MD5=4E9592BB2C100E571F82640E59E9ECD5 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.24 21:49:30 | 000,000,512 | ---- | M] () MD5=E5F2B9923A3725B3F80CDE44A0C3E460 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.01.27 22:50:08 | 000,695,296 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\Minecraft cracked.exe
[2012.10.29 00:03:00 | 000,000,312 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\crack (2).lnk
[2012.10.28 22:45:36 | 000,000,430 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\crack.lnk
[2012.10.28 23:12:06 | 000,000,898 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\instalace cracku devil may4.lnk
[2012.10.28 23:11:51 | 000,000,774 | ---- | M] () -- \Users\Admin\AppData\Roaming\Microsoft\Office\Naposledy otevřené\instalace cracku devil may4.LNK
< *keygen* /s >
< *loader* /s >
[2011.02.17 16:50:18 | 000,234,104 | ---- | M] () -- \GAMES\Assassin´s Creed B\ubiorbitapi_r2_loader.dll
[2012.11.14 12:41:38 | 000,234,616 | ---- | M] () -- \GAMES\Assassins Creed III\ubiorbitapi_r2_loader.dll
[2012.11.18 23:58:16 | 000,003,584 | ---- | M] () -- \GAMES\Assassins Creed III\uplay_r1_loader.dll
[2003.09.15 16:02:00 | 000,169,384 | ---- | M] () -- \GAMES\counter\cstrike\models\qloader.mdl
[2003.09.15 15:55:50 | 000,352,548 | ---- | M] () -- \GAMES\counter\valve\models\loader.mdl
[2003.09.15 15:56:04 | 000,012,764 | ---- | M] () -- \GAMES\counter\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 15:56:04 | 000,012,164 | ---- | M] () -- \GAMES\counter\valve\sound\ambience\loader_step1.wav
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \GAMES\LeagueOfLegends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.255\deploy\assets\storeImages\layout\small_loader.gif
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \GAMES\LeagueOfLegends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.0\deploy\assets\storeImages\layout\small_loader.gif
[2011.12.07 16:14:10 | 000,004,416 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\ModLoader.txt
[2011.11.09 17:26:18 | 000,003,384 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\ModLoader.txt.1
[2011.12.07 16:13:52 | 000,000,364 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\config\ModLoader.cfg
[2011.06.27 19:06:26 | 000,064,280 | R--- | M] () -- \GAMES\Smite\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2013.01.09 19:20:26 | 000,071,208 | ---- | M] () -- \GAMES\World_of_Tanks\PhysXLoader.dll
[2013.01.09 19:20:26 | 000,003,668 | ---- | M] () -- \GAMES\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.01.09 19:20:26 | 000,005,363 | ---- | M] () -- \GAMES\World_of_Tanks\res\scripts\client\tutorial\tutorialloader.pyc
[2008.05.27 10:43:24 | 000,001,666 | ---- | M] () -- \GAMES\Zaklínač\System\Scripts\CSkinLoader.luc
[2007.09.26 19:37:48 | 000,107,816 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.04.08 13:57:46 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2013.04.06 16:28:59 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2013.04.06 16:29:00 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.02.23 22:08:08 | 000,005,505 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2EXHAO67\queryLoader[1].js
[2013.02.07 15:26:19 | 000,105,903 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6Q20YNN\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.21 18:21:17 | 000,005,505 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6Q20YNN\queryLoader[1].js
[2013.02.08 10:02:40 | 000,105,903 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1MHKM2\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.11 20:32:44 | 000,005,708 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1MHKM2\queryLoader[1].js
[2013.04.22 10:43:58 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\queryLoader[1].css
[2013.04.22 10:43:58 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\queryLoader[1].js
[2013.04.24 20:02:18 | 000,005,187 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\universaldownloader-prefetch[1].htm
[2013.04.23 16:46:55 | 000,000,753 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\AdLoader[1].htm
[2013.04.17 17:07:35 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[1].css
[2013.04.17 17:07:35 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[1].js
[2013.04.22 18:41:18 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[2].css
[2013.04.21 11:53:15 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[2].js
[2013.04.23 16:46:56 | 000,105,903 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.04.21 11:53:14 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\queryLoader[1].css
[2013.04.22 18:41:19 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\queryLoader[1].js
[2012.11.17 19:27:17 | 000,373,456 | ---- | M] () -- \Users\Admin\Downloads\SoftonicDownloader_for_microsoft-flight-simulator.exe
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.08.27 12:03:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.08.27 12:03:35 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.08.27 12:03:35 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.08.27 12:03:35 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.08.27 12:03:35 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[17 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.01.30 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.minecraft
[2013.01.17 12:18:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Adobe
[2012.08.27 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ATI
[2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012
[2012.08.27 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BSplayer Pro
[2013.04.13 20:16:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2012.08.30 22:26:14 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GHISLER
[2013.02.10 15:01:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Google Chrome Backup
[2012.08.27 17:22:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Identities
[2012.08.31 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LolClient
[2012.08.30 22:20:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Macromedia
[2013.04.22 20:44:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2012.10.28 11:03:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mass Effect 3
[2011.04.12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Media Center Programs
[2012.11.19 13:00:11 | 000,000,000 | --SD | M] -- C:\Users\Admin\AppData\Roaming\Microsoft
[2012.08.27 11:52:10 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla
[2012.08.27 14:07:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nero
[2012.08.31 12:47:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PunkBuster
[2013.04.24 20:35:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Skype
[2012.11.25 11:10:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Theta
[2012.09.12 16:31:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TS3Client
[2013.04.09 20:24:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2012.08.31 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Ubisoft
[2013.02.15 18:56:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Wargaming.net
[2013.04.14 02:24:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Winamp
< %APPDATA%\*.exe /s >
[2012.10.28 10:45:47 | 001,111,909 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mass Effect 3\Uninstall\unins000.exe
[2011.02.17 23:46:25 | 000,835,440 | R--- | M] () -- C:\Users\Admin\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.04.24 22:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.24 10:52:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job
[2013.04.24 19:52:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job
[2013.04.24 08:36:18 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 21:15:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.04.22 20:08:22 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2013.04.22 19:57:21 | 000,000,004 | ---- | M] () -- C:\Windows\system32\GVTunner.ref
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007.09.20 15:35:10 | 000,202,024 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd)
"Akamai NetSession Interface" = "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe" -- [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.)
"Facebook Update" = "C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.04.22 10:47:12 | 000,138,096 | ---- | M] (Facebook Inc.)
"PCSpeedUp" = C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe -- [2013.03.07 12:14:34 | 000,256,808 | ---- | M] ()
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.08.27 11:54:06 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.02.22 06:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) MD5=4E9592BB2C100E571F82640E59E9ECD5 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.24 21:49:30 | 000,000,512 | ---- | M] () MD5=E5F2B9923A3725B3F80CDE44A0C3E460 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.01.27 22:50:08 | 000,695,296 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\Minecraft cracked.exe
[2012.10.29 00:03:00 | 000,000,312 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\crack (2).lnk
[2012.10.28 22:45:36 | 000,000,430 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\crack.lnk
[2012.10.28 23:12:06 | 000,000,898 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\instalace cracku devil may4.lnk
[2012.10.28 23:11:51 | 000,000,774 | ---- | M] () -- \Users\Admin\AppData\Roaming\Microsoft\Office\Naposledy otevřené\instalace cracku devil may4.LNK
< *keygen* /s >
< *loader* /s >
[2011.02.17 16:50:18 | 000,234,104 | ---- | M] () -- \GAMES\Assassin´s Creed B\ubiorbitapi_r2_loader.dll
[2012.11.14 12:41:38 | 000,234,616 | ---- | M] () -- \GAMES\Assassins Creed III\ubiorbitapi_r2_loader.dll
[2012.11.18 23:58:16 | 000,003,584 | ---- | M] () -- \GAMES\Assassins Creed III\uplay_r1_loader.dll
[2003.09.15 16:02:00 | 000,169,384 | ---- | M] () -- \GAMES\counter\cstrike\models\qloader.mdl
[2003.09.15 15:55:50 | 000,352,548 | ---- | M] () -- \GAMES\counter\valve\models\loader.mdl
[2003.09.15 15:56:04 | 000,012,764 | ---- | M] () -- \GAMES\counter\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 15:56:04 | 000,012,164 | ---- | M] () -- \GAMES\counter\valve\sound\ambience\loader_step1.wav
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \GAMES\LeagueOfLegends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.255\deploy\assets\storeImages\layout\small_loader.gif
[2012.02.16 14:44:38 | 000,000,404 | ---- | M] () -- \GAMES\LeagueOfLegends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.0\deploy\assets\storeImages\layout\small_loader.gif
[2011.12.07 16:14:10 | 000,004,416 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\ModLoader.txt
[2011.11.09 17:26:18 | 000,003,384 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\ModLoader.txt.1
[2011.12.07 16:13:52 | 000,000,364 | ---- | M] () -- \GAMES\MineCraft\minecraft 1.0 od tomaska\config\ModLoader.cfg
[2011.06.27 19:06:26 | 000,064,280 | R--- | M] () -- \GAMES\Smite\HiRezGames\smite\Binaries\Win32\PhysXLoader.dll
[2013.01.09 19:20:26 | 000,071,208 | ---- | M] () -- \GAMES\World_of_Tanks\PhysXLoader.dll
[2013.01.09 19:20:26 | 000,003,668 | ---- | M] () -- \GAMES\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.01.09 19:20:26 | 000,005,363 | ---- | M] () -- \GAMES\World_of_Tanks\res\scripts\client\tutorial\tutorialloader.pyc
[2008.05.27 10:43:24 | 000,001,666 | ---- | M] () -- \GAMES\Zaklínač\System\Scripts\CSkinLoader.luc
[2007.09.26 19:37:48 | 000,107,816 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2011.10.17 15:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 14:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 12:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.04.08 13:57:46 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Ericsson\Update Engine\licenses\loaderbinarylegal.txt
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2013.04.06 16:28:59 | 000,330,040 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2013.04.06 16:29:00 | 000,294,400 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.02.23 22:08:08 | 000,005,505 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2EXHAO67\queryLoader[1].js
[2013.02.07 15:26:19 | 000,105,903 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6Q20YNN\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.21 18:21:17 | 000,005,505 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C6Q20YNN\queryLoader[1].js
[2013.02.08 10:02:40 | 000,105,903 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1MHKM2\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.02.11 20:32:44 | 000,005,708 | ---- | M] () -- \System Volume Information\SystemRestore\FRStaging\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PG1MHKM2\queryLoader[1].js
[2013.04.22 10:43:58 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\queryLoader[1].css
[2013.04.22 10:43:58 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\queryLoader[1].js
[2013.04.24 20:02:18 | 000,005,187 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OBDLU0W\universaldownloader-prefetch[1].htm
[2013.04.23 16:46:55 | 000,000,753 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\AdLoader[1].htm
[2013.04.17 17:07:35 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[1].css
[2013.04.17 17:07:35 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[1].js
[2013.04.22 18:41:18 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[2].css
[2013.04.21 11:53:15 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M9HUG2R5\queryLoader[2].js
[2013.04.23 16:46:56 | 000,105,903 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2013.04.21 11:53:14 | 000,000,374 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\queryLoader[1].css
[2013.04.22 18:41:19 | 000,005,708 | ---- | M] () -- \Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CDP7HI\queryLoader[1].js
[2012.11.17 19:27:17 | 000,373,456 | ---- | M] () -- \Users\Admin\Downloads\SoftonicDownloader_for_microsoft-flight-simulator.exe
[2007.09.18 11:59:00 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.08.27 12:03:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.08.27 12:03:35 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.08.27 12:03:35 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.08.27 12:03:35 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.08.27 12:03:35 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
Re: nefunkční stránky google.cz, youtube.com
Odinstalujte Zrychleni Pocitace - zcela nesmyslny kram 
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2013.04.05 01:15:48 | 000,169,096 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013.03.07 12:14:32 | 000,341,800 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe -- (PCSUService) IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?l=dis&o=APN1 ... apn_ptnrs=^AUC&apn_dtid=^YYYYYY^YY^CZ&p2=^AUC^YYYYYY^YY^CZ&tpid=KMPV6&apn_dbr=cr_26.0.1410.64&apn_uid=304D53CD-2B59-4428-A899-3A1A0DA94E56&itbv=11.8.1.343&doi=2013-04-24 IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) IE - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.) FF - prefs.js..browser.startup.homepage: "http://www.search.ask.com/?l=dis&o=APN10749&gct=hp&apn_ptnrs=^AUC&apn_dtid=^YYYYYY^YY^CZ&p2=^AUC^YYYYYY^YY^CZ&tpid=KMPV6&apn_dbr=cr_26.0.1410.64&apn_uid=304D53CD-2B59-4428-A899-3A1A0DA94E56&itbv=11.8.1.343&doi=2013-04-24" FF - prefs.js..browser.search.selectedEngine: "Ask Search" FF - prefs.js..browser.search.order.1: "Ask Search" FF - prefs.js..browser.search.defaultengine: "Ask Search" FF - prefs.js..browser.search.defaultenginename: "Ask Search" [2012.12.16 14:49:40 | 000,000,000 | ---D | M] (Bcool) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com [2013.04.24 20:06:03 | 000,457,284 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\toolbar_KMPV6@apn.ask.com.xpi [2013.04.24 20:06:02 | 000,002,513 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\searchplugins\ask-search.xml CHR - default_search_provider: Ask Search (Enabled) CHR - default_search_provider: search_url = http://asksearch.ask.com/redirect?clien ... apn_ptnrs=^AUC&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=cr_26.0.1410.64&&q={searchTerms} CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms} CHR - homepage: http://www.search.ask.com/?l=dis&o=APN1 ... apn_ptnrs=^AUC&apn_dtid=^YYYYYY^YY^CZ&p2=^AUC^YYYYYY^YY^CZ&tpid=KMPV6&apn_dbr=cr_26.0.1410.64&apn_uid=304D53CD-2B59-4428-A899-3A1A0DA94E56&itbv=11.8.1.343&doi=2013-04-24 CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll File not found O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll (APN LLC.) O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O4 - HKU\S-1-5-21-1377487255-3514349385-2910328215-1000..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe () O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O18:64bit: - Protocol\Handler\cdo - No CLSID value found O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\msdaipp - No CLSID value found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. [2013.04.24 20:08:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\PCSpeedUp [2013.04.24 20:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace [2013.04.24 20:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zrychleni Pocitace [2013.04.24 20:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork [2013.04.24 20:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork [2013.04.24 20:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013.04.21 09:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator [2013.04.20 23:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.04.20 23:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.04.20 19:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator [2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\PC SpeedUp Service Deactivator.job [2013.04.24 20:08:37 | 000,001,061 | ---- | M] () -- C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk [2012.08.27 11:56:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG2012 [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ] [1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [17 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] [2013.04.24 22:09:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2013.04.24 10:52:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job [2013.04.24 19:52:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job [2013.04.24 08:36:18 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2013.04.24 21:15:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2013.04.24 20:08:39 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\PC SpeedUp Service Deactivator.job @Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- "DAEMON Tools Lite"=- "Akamai NetSession Interface"=- "Facebook Update"=- "PCSpeedUp"=- :files C:\Program Files (x86)\AskPartnerNetwork C:\Users\Admin\AppData\Local\Akamai C:\Program Files (x86)\Zrychleni Pocitace %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: nefunkční stránky google.cz, youtube.com
Dobrý den,
log OTL po opravě
All processes killed
========== OTL ==========
Error: No service named APNMCP was found to stop!
Service\Driver key APNMCP not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe not found.
Error: No service named PCSUService was found to stop!
Service\Driver key PCSUService not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
File move failed. C:\Windows\SysWOW64\ieframe.dll scheduled to be moved on reboot.
Registry value HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll not found.
Prefs.js: "http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24" removed from browser.startup.homepage
Prefs.js: "Ask Search" removed from browser.search.selectedEngine
Prefs.js: "Ask Search" removed from browser.search.order.1
Prefs.js: "Ask Search" removed from browser.search.defaultengine
Prefs.js: "Ask Search" removed from browser.search.defaultenginename
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com\content folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com folder moved successfully.
File C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\toolbar_KMPV6@apn.ask.com.xpi not found.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\searchplugins\ask-search.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B4D5056-3600-A76A-76A7-7A786E7484D7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B4D5056-3600-A76A-76A7-7A786E7484D7}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater deleted successfully.
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\EasyTuneVI deleted successfully.
C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cdo\ deleted successfully.
File Protocol\Handler\cdo - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
File Protocol\Handler\http\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
File Protocol\Handler\http\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
File Protocol\Handler\https\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
File Protocol\Handler\https\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ not found.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Folder C:\Users\Admin\Documents\PCSpeedUp\ not found.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace\ not found.
Folder C:\Program Files (x86)\Zrychleni Pocitace\ not found.
Folder C:\ProgramData\AskPartnerNetwork\ not found.
Folder C:\Program Files (x86)\AskPartnerNetwork\ not found.
C:\ProgramData\APN\APN-Stub folder moved successfully.
C:\ProgramData\APN folder moved successfully.
C:\ProgramData\Spyware Terminator\Update folder moved successfully.
C:\ProgramData\Spyware Terminator\Shared folder moved successfully.
C:\ProgramData\Spyware Terminator\Down folder moved successfully.
C:\ProgramData\Spyware Terminator folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Quarantine folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Cleaning folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 folder moved successfully.
C:\Program Files (x86)\Spyware Terminator folder moved successfully.
File C:\Windows\tasks\PC SpeedUp Service Deactivator.job not found.
File C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk not found.
C:\Users\Admin\AppData\Roaming\AVG2012\cfgall folder moved successfully.
C:\Users\Admin\AppData\Roaming\AVG2012 folder moved successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6BAD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA360.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD77.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDC69.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSICF33.tmp deleted successfully.
C:\Windows\Installer\MSIEEF2.tmp deleted successfully.
C:\Windows\Temp\~52F0.tmp deleted successfully.
C:\Windows\Temp\~5438.tmp deleted successfully.
C:\Windows\Temp\~5995.tmp deleted successfully.
C:\Windows\Temp\~5FBC.tmp deleted successfully.
C:\Windows\Temp\~6335.tmp deleted successfully.
C:\Windows\Temp\~63B2.tmp deleted successfully.
C:\Windows\Temp\~64BB.tmp deleted successfully.
C:\Windows\Temp\~69DA.tmp deleted successfully.
C:\Windows\Temp\~6F08.tmp deleted successfully.
C:\Windows\Temp\~704F.tmp deleted successfully.
C:\Windows\Temp\~7501.tmp deleted successfully.
C:\Windows\Temp\~85C3.tmp deleted successfully.
C:\Windows\Temp\~8758.tmp deleted successfully.
C:\Windows\Temp\~88EE.tmp deleted successfully.
C:\Windows\Temp\~8BAC.tmp deleted successfully.
C:\Windows\Temp\~95F8.tmp deleted successfully.
C:\Windows\Temp\~9E04.tmp deleted successfully.
C:\Windows\Temp\~9FC8.tmp deleted successfully.
C:\Windows\Temp\~C9A5.tmp deleted successfully.
C:\Windows\Temp\~DC22.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File C:\Windows\Tasks\PC SpeedUp Service Deactivator.job not found.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\AskPartnerNetwork not found.
C:\Users\Admin\AppData\Local\Akamai\Logs\dump folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Logs folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Languages folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache\download.joymax.com\property\silkroad folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache\download.joymax.com\property folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache\download.joymax.com folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai folder moved successfully.
File\Folder C:\Program Files (x86)\Zrychleni Pocitace not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 65494384 bytes
->Temporary Internet Files folder emptied: 31836267 bytes
->Java cache emptied: 22146 bytes
->FireFox cache emptied: 66370615 bytes
->Google Chrome cache emptied: 250018306 bytes
->Flash cache emptied: 1611 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: hedev
->Temp folder emptied: 43164427 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34569812 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 142098462 bytes
Total Files Cleaned = 604,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: hedev
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: Admin
->Java cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: hedev
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04272013_103812
Files\Folders moved on Reboot...
File move failed. C:\Windows\SysWOW64\ieframe.dll scheduled to be moved on reboot.
C:\Users\Admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
log OTL po opravě
All processes killed
========== OTL ==========
Error: No service named APNMCP was found to stop!
Service\Driver key APNMCP not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe not found.
Error: No service named PCSUService was found to stop!
Service\Driver key PCSUService not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-1377487255-3514349385-2910328215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
File move failed. C:\Windows\SysWOW64\ieframe.dll scheduled to be moved on reboot.
Registry value HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll not found.
Prefs.js: "http://www.search.ask.com/?l=dis&o=APN1 ... 2013-04-24" removed from browser.startup.homepage
Prefs.js: "Ask Search" removed from browser.search.selectedEngine
Prefs.js: "Ask Search" removed from browser.search.order.1
Prefs.js: "Ask Search" removed from browser.search.defaultengine
Prefs.js: "Ask Search" removed from browser.search.defaultenginename
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com\content folder moved successfully.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\50795a5a3c0e3@50795a5a3c11b.com folder moved successfully.
File C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\extensions\toolbar_KMPV6@apn.ask.com.xpi not found.
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vbgb11pi.default\searchplugins\ask-search.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4B4D5056-3600-A76A-76A7-7A786E7484D7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B4D5056-3600-A76A-76A7-7A786E7484D7}\ not found.
File C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater deleted successfully.
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1377487255-3514349385-2910328215-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp not found.
File C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\EasyTuneVI deleted successfully.
C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cdo\ deleted successfully.
File Protocol\Handler\cdo - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
File Protocol\Handler\http\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
File Protocol\Handler\http\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
File Protocol\Handler\https\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
File Protocol\Handler\https\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap\ deleted successfully.
File Protocol\Handler\mso-offdap - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ not found.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Folder C:\Users\Admin\Documents\PCSpeedUp\ not found.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace\ not found.
Folder C:\Program Files (x86)\Zrychleni Pocitace\ not found.
Folder C:\ProgramData\AskPartnerNetwork\ not found.
Folder C:\Program Files (x86)\AskPartnerNetwork\ not found.
C:\ProgramData\APN\APN-Stub folder moved successfully.
C:\ProgramData\APN folder moved successfully.
C:\ProgramData\Spyware Terminator\Update folder moved successfully.
C:\ProgramData\Spyware Terminator\Shared folder moved successfully.
C:\ProgramData\Spyware Terminator\Down folder moved successfully.
C:\ProgramData\Spyware Terminator folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Quarantine folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Cleaning folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 folder moved successfully.
C:\Program Files (x86)\Spyware Terminator folder moved successfully.
File C:\Windows\tasks\PC SpeedUp Service Deactivator.job not found.
File C:\Users\Admin\Desktop\Zrychleni Pocitace.lnk not found.
C:\Users\Admin\AppData\Roaming\AVG2012\cfgall folder moved successfully.
C:\Users\Admin\AppData\Roaming\AVG2012 folder moved successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6BAD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA360.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD77.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDC69.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSICF33.tmp deleted successfully.
C:\Windows\Installer\MSIEEF2.tmp deleted successfully.
C:\Windows\Temp\~52F0.tmp deleted successfully.
C:\Windows\Temp\~5438.tmp deleted successfully.
C:\Windows\Temp\~5995.tmp deleted successfully.
C:\Windows\Temp\~5FBC.tmp deleted successfully.
C:\Windows\Temp\~6335.tmp deleted successfully.
C:\Windows\Temp\~63B2.tmp deleted successfully.
C:\Windows\Temp\~64BB.tmp deleted successfully.
C:\Windows\Temp\~69DA.tmp deleted successfully.
C:\Windows\Temp\~6F08.tmp deleted successfully.
C:\Windows\Temp\~704F.tmp deleted successfully.
C:\Windows\Temp\~7501.tmp deleted successfully.
C:\Windows\Temp\~85C3.tmp deleted successfully.
C:\Windows\Temp\~8758.tmp deleted successfully.
C:\Windows\Temp\~88EE.tmp deleted successfully.
C:\Windows\Temp\~8BAC.tmp deleted successfully.
C:\Windows\Temp\~95F8.tmp deleted successfully.
C:\Windows\Temp\~9E04.tmp deleted successfully.
C:\Windows\Temp\~9FC8.tmp deleted successfully.
C:\Windows\Temp\~C9A5.tmp deleted successfully.
C:\Windows\Temp\~DC22.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000Core.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1377487255-3514349385-2910328215-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File C:\Windows\Tasks\PC SpeedUp Service Deactivator.job not found.
ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\AskPartnerNetwork not found.
C:\Users\Admin\AppData\Local\Akamai\Logs\dump folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Logs folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Languages folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache\download.joymax.com\property\silkroad folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache\download.joymax.com\property folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache\download.joymax.com folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai\Cache folder moved successfully.
C:\Users\Admin\AppData\Local\Akamai folder moved successfully.
File\Folder C:\Program Files (x86)\Zrychleni Pocitace not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 65494384 bytes
->Temporary Internet Files folder emptied: 31836267 bytes
->Java cache emptied: 22146 bytes
->FireFox cache emptied: 66370615 bytes
->Google Chrome cache emptied: 250018306 bytes
->Flash cache emptied: 1611 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: hedev
->Temp folder emptied: 43164427 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34569812 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 142098462 bytes
Total Files Cleaned = 604,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: hedev
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: Admin
->Java cache emptied: 0 bytes
User: All Users
User: Default
User: Default User
User: hedev
User: Public
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04272013_103812
Files\Folders moved on Reboot...
File move failed. C:\Windows\SysWOW64\ieframe.dll scheduled to be moved on reboot.
C:\Users\Admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: nefunkční stránky google.cz, youtube.com
Zdravicko 
OTL nam udelalo co melo, jak se chova PC
OTL nam udelalo co melo, jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: nefunkční stránky google.cz, youtube.com
dobrý den, PC pracuje korektně a zdá se být v pořádku
Re: nefunkční stránky google.cz, youtube.com
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
