Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní prohlídka:)

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#16 Příspěvek od vyosek »

:arrow: Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.
  • Utilitu spustte a prikazte ji, at skenuje - klik na Scan
  • Kliknutim na Save log ulozte log aswMBR na plochu
  • Obsah logu aswMBR mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#17 Příspěvek od Abcak »

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-09 14:35:51
-----------------------------
14:35:51.294 OS Version: Windows x64 6.1.7601 Service Pack 1
14:35:51.294 Number of processors: 2 586 0x170A
14:35:51.294 ComputerName: PC-PAVLOS UserName: Pavel
14:35:52.464 Initialize success
14:35:52.589 AVAST engine defs: 13060900
14:35:56.068 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-3
14:35:56.068 Disk 0 Vendor: SAMSUNG_HD322HJ 1AC01118 Size: 305244MB BusType: 3
14:35:56.177 Disk 0 MBR read successfully
14:35:56.177 Disk 0 MBR scan
14:35:56.177 Disk 0 Windows 7 default MBR code
14:35:56.192 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 283 MB offset 2048
14:35:56.208 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 304959 MB offset 581632
14:35:56.224 Disk 0 scanning C:\Windows\system32\drivers
14:36:06.676 Service scanning
14:36:21.090 Modules scanning
14:36:21.090 Disk 0 trace - called modules:
14:36:21.121 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
14:36:21.121 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800278d2f0]
14:36:21.636 3 CLASSPNP.SYS[fffff8800191643f] -> nt!IofCallDriver -> [0xfffffa800225a520]
14:36:21.636 5 ACPI.sys[fffff88000f997a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-3[0xfffffa8002267060]
14:36:22.307 AVAST engine scan C:\Windows
14:36:24.241 AVAST engine scan C:\Windows\system32
14:38:25.001 AVAST engine scan C:\Windows\system32\drivers
14:38:33.503 AVAST engine scan C:\Users\Pavel
14:44:07.297 AVAST engine scan C:\ProgramData
14:46:02.082 Scan finished successfully
14:53:09.991 Disk 0 MBR has been saved successfully to "C:\Users\Pavel\Desktop\MBR.dat"
14:53:10.006 The log file has been saved successfully to "C:\Users\Pavel\Desktop\aswMBR.txt"
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#18 Příspěvek od vyosek »

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#19 Příspěvek od Abcak »

OTL logfile created on: 9.6.2013 20:59:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,48% Memory free
3,98 Gb Paging File | 2,94 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,81 Gb Total Space | 43,21 Gb Free Space | 14,51% Space Free | Partition Type: NTFS

Computer Name: PC-PAVLOS | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.06.09 20:34:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
PRC - [2013.05.27 13:48:52 | 000,312,608 | ---- | M] (Skillbrains) -- C:\Users\Pavel\AppData\Local\Skillbrains\lightshot\4.3.0.0\Lightshot.exe
PRC - [2013.05.15 12:08:46 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.02.12 11:43:56 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.12.22 15:57:30 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2009.09.02 16:29:58 | 000,218,384 | ---- | M] (PCTV Systems S.à r.l.) -- C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.15 15:44:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.15 12:08:44 | 002,467,664 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.11 21:40:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.12 11:43:56 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.22 15:57:30 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.05.09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.05.09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.05.09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.07.24 10:02:24 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.19 10:23:10 | 001,077,840 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod7700.sys -- (mod7700)
DRV:64bit: - [2010.11.19 10:23:10 | 000,024,272 | ---- | M] (DiBcom S.A.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modrc.sys -- (MODRC)
DRV:64bit: - [2009.09.23 19:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\Software\Microsoft\Internet Explorer\SearchURL\y, = http://yandex.ru/yandsearch?win=41&clid=1855511&text=%s
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://yandex.ru/yandsearch?win=41&clid ... earchTerms}
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\..\SearchScopes\yandex.ru-224943: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Яндекс"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.145.0
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.80.2
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.07 18:38:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 21:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 21:40:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.03.15 17:55:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions
[2013.03.15 17:55:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012.12.22 14:46:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\extensions
[2012.11.07 10:48:36 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\extensions\battlefieldheroespatcher@ea.com
[2012.12.22 14:46:20 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\extensions\battlefieldplay4free@ea.com
[2012.10.01 23:03:44 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\extensions\autorefresh@plugin.xpi
[2012.10.12 22:49:44 | 000,007,859 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\searchplugins\yandex.ru-224944.xml
[2013.04.11 21:40:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.06.07 18:38:41 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.04.11 21:40:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.19 19:20:54 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 19:20:54 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.19 19:20:54 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 19:20:54 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.19 19:20:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========


O1 HOSTS File: ([2013.06.09 12:59:38 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-203566010-919265743-3024708729-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-203566010-919265743-3024708729-1000..\Run: [LightShot] C:\Users\Pavel\AppData\Local\Skillbrains\lightshot\LightShot.exe ()
O4 - HKU\S-1-5-21-203566010-919265743-3024708729-1000..\Run: [RemoTerm.exe] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe (PCTV Systems S.à r.l.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-203566010-919265743-3024708729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-203566010-919265743-3024708729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4A608E1-4B55-459F-A7BE-072411A13CC5}: DhcpNameServer = 192.168.10.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\PROGRA~3\e3qz6.bat) - File not found
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.06.09 20:34:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2013.06.09 13:41:11 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Pavel\Desktop\aswMBR.exe
[2013.06.09 12:59:40 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.06.09 12:57:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.08 23:34:57 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.06.06 21:11:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.06.06 21:11:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.06.06 21:11:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.06.06 21:11:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.06 20:49:11 | 005,077,996 | R--- | C] (Swearware) -- C:\Users\Pavel\Desktop\ComboFix.exe
[2013.06.06 20:32:20 | 001,814,144 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Pavel\Desktop\rkill.com
[2013.06.05 22:31:34 | 000,000,000 | ---D | C] -- C:\rsit

========== Files - Modified Within 7 Days ==========

[2013.06.09 21:01:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.06.09 20:34:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2013.06.09 14:53:09 | 000,000,512 | ---- | M] () -- C:\Users\Pavel\Desktop\MBR.dat
[2013.06.09 13:42:41 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Pavel\Desktop\aswMBR.exe
[2013.06.09 13:18:31 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 13:18:31 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 13:11:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.09 13:10:59 | 1602,347,008 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.09 12:59:38 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.06.09 00:42:36 | 000,001,010 | ---- | M] () -- C:\Users\Pavel\Documents\cc_20130609_004212.reg
[2013.06.08 23:35:04 | 000,000,151 | ---- | M] () -- C:\ProgramData\e3qz6.reg
[2013.06.07 18:50:48 | 000,000,151 | ---- | M] () -- C:\ProgramData\9wiz6.reg
[2013.06.07 18:38:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.06.07 18:15:46 | 001,583,054 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.07 18:15:46 | 000,668,502 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.06.07 18:15:46 | 000,653,890 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.07 18:15:46 | 000,141,162 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.06.07 18:15:46 | 000,121,762 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.06 20:50:28 | 005,077,996 | R--- | M] (Swearware) -- C:\Users\Pavel\Desktop\ComboFix.exe
[2013.06.06 20:49:40 | 000,779,759 | ---- | M] () -- C:\Users\Pavel\Desktop\9ctXiyw.png
[2013.06.06 20:32:23 | 001,814,144 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Pavel\Desktop\rkill.com

========== Files Created - No Company Name ==========

[2013.06.09 21:01:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.06.09 14:53:09 | 000,000,512 | ---- | C] () -- C:\Users\Pavel\Desktop\MBR.dat
[2013.06.09 00:42:34 | 000,001,010 | ---- | C] () -- C:\Users\Pavel\Documents\cc_20130609_004212.reg
[2013.06.08 23:35:04 | 000,000,151 | ---- | C] () -- C:\ProgramData\e3qz6.reg
[2013.06.07 18:50:48 | 000,000,151 | ---- | C] () -- C:\ProgramData\9wiz6.reg
[2013.06.06 21:11:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.06.06 21:11:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.06.06 21:11:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.06.06 21:11:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.06.06 21:11:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.06.06 20:49:40 | 000,779,759 | ---- | C] () -- C:\Users\Pavel\Desktop\9ctXiyw.png
[2013.01.12 12:43:05 | 000,151,774 | ---- | C] () -- C:\Windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
[2013.01.12 12:09:57 | 000,000,534 | ---- | C] () -- C:\Windows\eReg.dat
[2012.12.02 10:53:51 | 000,000,044 | ---- | C] () -- C:\Users\Pavel\jagex_cl_runescape_LIVE.dat
[2012.12.02 10:53:51 | 000,000,024 | ---- | C] () -- C:\Users\Pavel\random.dat
[2012.11.07 12:27:07 | 000,234,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.07 12:27:02 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.10.25 15:02:12 | 001,557,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.12 22:49:09 | 000,000,440 | ---- | C] () -- C:\Users\Pavel\AppData\Local\UserProducts.xml

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.06.09 00:36:17 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\.minecraft
[2013.03.26 23:51:48 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\BSplayer
[2012.10.08 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\BSplayer Pro
[2013.03.12 18:31:58 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2013.05.08 10:29:04 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\FileZilla
[2013.02.04 14:45:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\fizzy
[2013.05.06 21:47:33 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\GHISLER
[2012.10.18 17:54:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\LolClient
[2013.06.04 20:17:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mumble
[2012.10.12 22:49:43 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Opera
[2013.01.20 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Red Alert 3
[2013.01.20 20:47:43 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Sony
[2012.10.28 10:39:50 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\SPORE
[2012.08.10 20:46:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TeamViewer
[2013.03.15 17:55:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TomTom
[2012.12.24 01:42:28 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TS3Client
[2012.12.30 16:51:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TunkDesign
[2012.08.11 13:27:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.09 00:36:17 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\.minecraft
[2012.08.31 17:50:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Adobe
[2013.03.26 23:51:48 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\BSplayer
[2012.10.08 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\BSplayer Pro
[2013.03.12 18:31:58 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2012.08.04 17:26:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DivX
[2013.05.08 10:29:04 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\FileZilla
[2013.02.04 14:45:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\fizzy
[2013.05.06 21:47:33 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\GHISLER
[2012.07.23 20:39:54 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Identities
[2013.03.11 19:32:28 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\InstallShield
[2012.10.18 17:54:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\LolClient
[2012.07.23 22:14:25 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Media Center Programs
[2013.05.06 21:46:11 | 000,000,000 | --SD | M] -- C:\Users\Pavel\AppData\Roaming\Microsoft
[2012.10.25 11:43:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Microsoft Games
[2012.07.23 22:13:16 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mozilla
[2013.06.04 20:17:31 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Mumble
[2012.10.12 22:49:43 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Opera
[2013.01.20 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Red Alert 3
[2013.06.07 18:00:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Skype
[2013.01.20 20:47:43 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Sony
[2012.10.28 10:39:50 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\SPORE
[2012.08.10 20:46:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TeamViewer
[2013.03.15 17:55:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TomTom
[2012.12.24 01:42:28 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TS3Client
[2012.12.30 16:51:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TunkDesign
[2012.08.11 13:27:52 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\wargaming.net
[2012.07.24 09:55:37 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.08.01 16:53:54 | 000,263,186 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\.minecraft\Minecraft.exe
[2012.12.31 11:54:33 | 000,333,328 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\.minecraft\Uninstall.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2013.05.02 21:16:37 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Pavel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.10.11 15:11:42 | 000,010,134 | R--- | M] () -- C:\Users\Pavel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2012.06.19 11:41:22 | 001,361,896 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe
[2012.06.28 01:03:24 | 001,034,224 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\2hum3nps.default\extensions\battlefieldplay4free@ea.com\plugins\BP4FUpdater.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.06.07 18:38:42 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RemoTerm.exe" = C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe -- [2009.09.02 16:29:58 | 000,218,384 | ---- | M] (PCTV Systems S.à r.l.)
"LightShot" = C:\Users\Pavel\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue -- [2012.02.02 22:14:04 | 000,220,160 | ---- | M] ()
"ccleaner" = "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO -- [2012.06.22 21:17:56 | 005,283,680 | ---- | M] (Piriform Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.04.11 21:40:17 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=6F5386A655598F71BAAB2D6B63A69D6A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.04.05 08:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2013.04.05 11:55:36 | 000,879,456 | ---- | M] (Opera Software) MD5=2ABD166EC31BE154D8CBEEC5D7F5714C -- C:\Program Files (x86)\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.06.09 21:01:18 | 000,000,512 | ---- | M] () MD5=6AD6A3DB2FD647FAFEF5C290F0FCF8E0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2002.05.30 18:16:22 | 000,013,160 | ---- | M] () -- \Hry\StrongholdCrusader\gm\cracks.gm1
[2013.04.12 15:20:00 | 002,881,385 | ---- | M] () -- \Users\Pavel\Downloads\SimCity-4-Deluxe-crack.rar

< *keygen* /s >
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#20 Příspěvek od Abcak »

< *loader* /s >
[2008.07.09 14:32:48 | 000,019,968 | ---- | M] () -- \Hry\Euro Truck Simulator\lib\loaders.dll
[2005.11.21 21:03:26 | 000,046,080 | ---- | M] () -- \Hry\NFS-MW\speed_loader.exe
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2012.12.01 20:43:56 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2012.12.01 20:43:57 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2012.12.01 20:43:58 | 001,170,520 | ---- | M] () -- \Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\modules\org-openide-loaders.jar
[2012.12.01 20:43:58 | 000,006,244 | ---- | M] () -- \Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2012.12.01 20:43:58 | 000,005,873 | ---- | M] () -- \Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2012.12.01 20:43:58 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_09\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2013.01.18 22:38:29 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2013.01.18 22:38:29 | 000,002,245 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.01.18 22:38:29 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader Help.url
[2013.01.18 22:38:29 | 000,002,245 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader\YTD Video Downloader.lnk
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.07.24 10:07:34 | 000,057,728 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.07.24 10:07:34 | 000,057,728 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.07.24 10:07:34 | 000,057,728 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.07.24 10:07:34 | 000,057,728 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.07.24 10:07:34 | 000,057,728 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.07.24 10:07:34 | 000,061,770 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.07.24 10:07:34 | 000,061,770 | ---- | M] () -- \Users\Pavel\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.05.27 13:48:54 | 000,176,416 | ---- | M] () -- \Users\Pavel\AppData\Local\Skillbrains\lightshot\4.3.0.0\uploader.dll
[2013.06.09 00:03:50 | 000,000,797 | ---- | M] () -- \Users\Pavel\AppData\Roaming\.minecraft\ModLoader.txt
[2013.05.20 19:56:29 | 000,000,781 | ---- | M] () -- \Users\Pavel\AppData\Roaming\.minecraft\ModLoader.txt.1
[2013.06.09 00:03:47 | 000,000,086 | ---- | M] () -- \Users\Pavel\AppData\Roaming\.minecraft\config\ModLoader.cfg
[2013.06.04 15:15:53 | 000,000,789 | ---- | M] () -- \Users\Pavel\Desktop\mc-zaloha\.minecraft\ModLoader.txt
[2013.05.20 19:56:29 | 000,000,781 | ---- | M] () -- \Users\Pavel\Desktop\mc-zaloha\.minecraft\ModLoader.txt.1
[2013.06.04 15:15:48 | 000,000,086 | ---- | M] () -- \Users\Pavel\Desktop\mc-zaloha\.minecraft\config\ModLoader.cfg
[2013.05.09 17:05:13 | 000,199,825 | ---- | M] () -- \Users\Pavel\Downloads\ModLoader.zip
[2012.10.27 04:28:20 | 000,008,192 | ---- | M] () -- \Users\Pavel\Downloads\MCEdit-0.1.7.1.win-amd64\MCEdit-0.1.7.1.win-amd64\_win32sysloader.pyd
[2013.05.05 10:30:47 | 000,002,884 | ---- | M] () -- \Users\Pavel\Downloads\SinglePlayerCommands-MC1.5.2_V4.8\com\sijobe\spc\core\SPCLoader.class
[2013.05.05 10:30:47 | 000,006,514 | ---- | M] () -- \Users\Pavel\Downloads\SinglePlayerCommands-MC1.5.2_V4.8\com\sijobe\spc\util\DynamicClassLoader.class
[2012.08.31 12:33:53 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2010.11.20 12:09:38 | 000,004,290 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_fi-fi_73a52105efe44483.manifest
[2010.11.20 14:33:18 | 000,004,338 | ---- | M] () -- \Windows\SoftwareDistribution\Download\433767575943dacb697ee0558fc08c06\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.17514_zh-cn_344529e2e1c53ac6.manifest
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.10.16 21:27:00 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.10.16 21:27:00 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.10.16 21:27:00 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.10.16 21:27:00 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.10.16 21:27:00 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#21 Příspěvek od Abcak »

OTL Extras logfile created on: 9.6.2013 20:59:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,48% Memory free
3,98 Gb Paging File | 2,94 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,81 Gb Total Space | 43,21 Gb Free Space | 14,51% Space Free | Partition Type: NTFS

Computer Name: PC-PAVLOS | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-203566010-919265743-3024708729-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{352498E1-FE24-4F5D-969A-08AB1C298C4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C33555BD-15B1-4517-BA55-F6CAD2835C69}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F06DA3-93BD-42CF-BF4B-17A81C43775E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B21EAFA-F425-4FBC-92FE-2BCCA063C2C7}" = protocol=17 | dir=in | app=c:\hry\ea games\nová složka\bfp4f.exe |
"{0D15CDF1-EE1E-4870-8D4C-2A93B532C74C}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{12D0CE37-49F2-4FD1-87AC-6CD967CA4178}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{159142F7-A9FA-476A-93D0-BD454864E7AD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1E03125F-CBFC-414F-88B5-47BB15518220}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pctv systems\streamingserver\strmserver.exe |
"{1E552EE5-D409-4E93-9F47-9797212DE91A}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"{202EB8B5-0D18-46EF-8816-ADAE35F8F226}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"{46CBCB6F-DA42-4066-8489-BE9DA67176F9}" = protocol=17 | dir=in | app=c:\program files\g3torrent\g3torrent.exe |
"{4C380220-E79E-4F5F-934C-CA8610ED7FEA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4D5DA7EB-4E0C-4AE5-8201-44D565E89E6C}" = protocol=6 | dir=in | app=c:\program files\g3torrent\g3torrent.exe |
"{54EED2D7-59B9-48EA-9CC7-4028625D9981}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{558C15AF-C166-4237-B7D8-393872301922}" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"{57C0BF57-57BB-4D34-AC42-20C527929950}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{58CE6AB8-AFF8-4CD3-83AC-CD9034B6F3E7}" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"{61971597-2466-4481-9DD4-5C984A8A822D}" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"{727B2205-294B-483D-9CEB-6B10A3E9C76A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{73622001-93D8-4131-B831-FE9F6B4D01FA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{7757D087-0CBF-4AE0-9AF0-97AD30775CBF}" = protocol=6 | dir=in | app=c:\hry\ea games\nová složka\bfp4f.exe |
"{7C1744B7-E03B-4FEA-8CCA-90F7E8FFC746}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8CAA6E97-B0B7-435E-99AA-CFF76515953B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{94EC3236-B542-48ED-B333-AEF6C951A5E3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A03D53C7-BC6B-4E2C-B737-1F40F6857FA5}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pctv systems\streamingserver\strmserver.exe |
"{A43B5655-3AE0-4610-950A-3FFEED599468}" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"{AE951888-0A7F-490B-87DF-0FF1A2FF14C2}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{B1DB6EE1-F7A8-4D96-8E19-8EB1A9E7E202}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BDB7B382-6B09-48E3-87D6-D8D15D06C681}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{CC53445B-69AA-4B54-81D9-F9419DECDC74}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{DB9720EC-E759-4A19-824A-E2ABCB2BFDDC}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DC32C82F-804A-4058-B949-41CA9448E7BD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E1B30033-D3D8-4031-9942-C0ECA42C3CAC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E9E074CD-7AD2-4AC9-B47B-2C9A62B1DC2C}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{EF2AC4AE-18E1-472B-95E9-D577D9C3EF90}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"TCP Query User{03352EF0-AA7A-4FEA-A0EE-BC8304D5648C}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{2B42998A-93F5-4B8F-9DA1-3DF022CB5D14}C:\program files\g3torrent\g3torrent.exe" = protocol=6 | dir=in | app=c:\program files\g3torrent\g3torrent.exe |
"TCP Query User{8A2CCC7B-8B09-4587-9324-95894F662A72}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{9B115E67-45B0-4E45-9F9E-1D0CB48CCC3A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{ACEB9768-6FD6-41B5-B225-68CC85B59AE7}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{BC097C30-1D04-4D0D-8D08-0C64F14CBB71}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{CA8E4C40-F0D2-4380-BC1F-9C5D791B4F79}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"TCP Query User{D4A9B8D9-E44D-4D6D-8BCE-945A01BD1F53}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{D9C0782B-DA9E-44A2-A2AB-C9330A0CA1FE}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{E10E2B54-2BB1-4BB2-8B59-8A3CC5EE9FBA}C:\program files (x86)\cenega czech\vietcong\vietcong.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cenega czech\vietcong\vietcong.exe |
"TCP Query User{F2B63720-4ED1-4996-8A2D-93C0F68D321B}C:\hry\ea games\nová složka\bfp4f.exe" = protocol=6 | dir=in | app=c:\hry\ea games\nová složka\bfp4f.exe |
"TCP Query User{FBDC8CAF-05D3-4F1F-94E5-CCBA35898ABD}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{04A53D88-84D8-4326-BCD4-DCF979C8F3F9}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{389013C3-211A-45CF-8E0E-E325579C36E5}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{46A3AED9-40AB-49C4-AEAE-0E29562F04EB}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{535BA734-8197-45B5-A503-A0A28513A5F0}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6B2C08B3-FAFC-4A2D-B664-E6C1B97F40F8}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{908AF780-99F4-405D-876D-BD66D1C682C0}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{91E30F5D-2B71-4846-A1E3-531180A37F72}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{A519224A-59A0-4F17-910F-B3BDEE17F0FE}C:\hry\ea games\nová složka\bfp4f.exe" = protocol=17 | dir=in | app=c:\hry\ea games\nová složka\bfp4f.exe |
"UDP Query User{C2151793-2883-4706-B9AC-E7BFF00309EC}C:\program files\g3torrent\g3torrent.exe" = protocol=17 | dir=in | app=c:\program files\g3torrent\g3torrent.exe |
"UDP Query User{C2849567-ACD3-4C83-9B59-7C4F942D67D6}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{D8089D56-EEB0-4AB5-A2A9-C1684B6FE052}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield heroes\bfheroes.exe |
"UDP Query User{F92F287F-6385-46FB-98CD-12A6409BA671}C:\program files (x86)\cenega czech\vietcong\vietcong.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cenega czech\vietcong\vietcong.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{64A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9 (64-bit)
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E29B2B35-C365-4C9A-8C5C-224E3B9A9ED1}" = TVCenter
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Windows Movie Maker" = Windows Movie Maker

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Sídla a zahrady Kolekce
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1" = FTL version 1.01
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbon
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = lightshot-4.3.0.0
"{30AFA56C-B802-47D7-B566-847221D10B6A}_is1" = SG Alert verze 1.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Pro Teenagery Kolekce
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Pro rodinnou zábavu - Kolekce
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Móda Kolekce
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Pro luxusní život - Kolekce
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A10F7877-4276-416C-9F22-CB56C0CB2700}" = Medieval - Total War - Gold Edition
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Život v bytě
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}" = Vietcong & Vietcong: Fist Alpha
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Pojďme slavit! Kolekce
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Šťastnou cestu
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Noční život
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter a Princ Dvojí Krve™
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Čestina do SimCity 4 Rush Hour a Delux BETA" = Čestina do SimCity 4 Rush Hour a Delux BETA
"DAEMON Tools Lite" = DAEMON Tools Lite
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 3.00
"Fraps" = Fraps (remove only)
"g3torrent" = G3 Torrent
"GIF Viewer" = GIF Viewer 2.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 12.14.1738" = Opera 12.14
"PunkBusterSvc" = PunkBuster Services
"R2FtZURldlR5Y29vbnYxMzI=_is1" = Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1
"RisingSun" = RisingSun 1.00
"State of War" = State of War
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 7" = TeamViewer 7
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-203566010-919265743-3024708729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27.5.2013 15:07:30 | Computer Name = PC-Pavlos | Source = Application Hang | ID = 1002
Description = Program javaw.exe verze 7.0.130.20 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
10e0 Čas spuštění: 01ce5afe49f1d944 Čas ukončení: 794 Cesta k aplikaci: C:\Windows\SysWOW64\javaw.exe

ID
hlášení:

Error - 7.6.2013 13:09:31 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 9000
Description =

Error - 7.6.2013 13:09:31 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 7040
Description =

Error - 7.6.2013 13:09:31 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 9002
Description =

Error - 7.6.2013 13:09:31 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 3029
Description =

Error - 7.6.2013 13:09:34 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 3029
Description =

Error - 7.6.2013 13:09:34 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 3028
Description =

Error - 7.6.2013 13:09:34 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 3058
Description =

Error - 7.6.2013 13:09:34 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 7010
Description =

Error - 7.6.2013 13:09:34 | Computer Name = PC-Pavlos | Source = Windows Search Service | ID = 7042
Description =

[ System Events ]
Error - 25.3.2013 11:55:13 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.

Error - 25.3.2013 11:55:13 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 25.3.2013 11:55:29 | Computer Name = PC-Pavlos | Source = DCOM | ID = 10005
Description =

Error - 25.3.2013 11:55:29 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 25.3.2013 11:55:29 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 25.3.2013 11:55:30 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 25.3.2013 11:55:30 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 25.3.2013 11:55:31 | Computer Name = PC-Pavlos | Source = DCOM | ID = 10005
Description =

Error - 25.3.2013 11:55:31 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 25.3.2013 11:55:31 | Computer Name = PC-Pavlos | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#22 Příspěvek od vyosek »

Na ty windows asi licenci koupenou nekate ze :?:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#23 Příspěvek od Abcak »

měli by být :) ta COA nebo jak nalepka tam je :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#24 Příspěvek od vyosek »

A je na te nalepce Windows 7 Home Premium :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#25 Příspěvek od Abcak »

vyblejsknu to...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#26 Příspěvek od vyosek »

Poslete na mail, ne sem do fora :)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#27 Příspěvek od vyosek »

:arrow: Za mail diky

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\Software\Microsoft\Internet Explorer\SearchURL\y, = http://yandex.ru/yandsearch?win=41&clid=1855511&text=%s
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://yandex.ru/yandsearch?win=41&clid=1855508&text={searchTerms}
IE - HKU\S-1-5-21-203566010-919265743-3024708729-1000\..\SearchScopes\yandex.ru-224943: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.search.defaultenginename: "Яндекс"
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - HKLM Winlogon: Shell - (C:\PROGRA~3\e3qz6.bat) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013.06.08 23:35:04 | 000,000,151 | ---- | M] () -- C:\ProgramData\e3qz6.reg
[2013.06.07 18:50:48 | 000,000,151 | ---- | M] () -- C:\ProgramData\9wiz6.reg
[2013.06.06 20:49:40 | 000,779,759 | ---- | M] () -- C:\Users\Pavel\Desktop\9ctXiyw.png
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Abcak
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 01 led 2012 14:12

Re: Preventivní prohlídka:)

#28 Příspěvek od Abcak »

Zdravím!

bohužél nemám čas dokončit léčení a s největší pravděpodobností budu stejně reinstalovat v nejbližší době windows.... :)

Za pomoc moc děkuji a prosím o zamknutí témata :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Preventivní prohlídka:)

#29 Příspěvek od vyosek »

Neni tedy zac :worship:

:closed:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“