Možná nákaza, nestabilní net

Zpráva

Havlli · #16 Příspěvek od **Havlli** » 24 zář 2013 23:59

OTL Extras logfile created on: 24.9.2013 22:30:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Havlli\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: | Country: | Language: | Date Format:

3,25 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 66,28% Memory free
6,49 Gb Paging File | 4,76 Gb Available in Paging File | 73,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 407,07 Gb Total Space | 56,34 Gb Free Space | 13,84% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 29,18 Gb Free Space | 49,80% Space Free | Partition Type: NTFS
Drive S: | 100,00 Mb Total Space | 69,86 Mb Free Space | 69,86% Space Free | Partition Type: NTFS

Computer Name: HAVLLI-PC | User Name: Havlli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A0F110C-9E40-473B-8833-30AE9BDA2407}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B7CD931-38B8-4E8F-9333-1093C892B06A}" = lport=445 | protocol=6 | dir=in | app=system |
"{10168D0C-064A-4D8A-9059-5FFC8FF8542C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1212C05C-650E-44A8-AD33-FED3559C8AB2}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{2377B32D-4DD1-4C1B-A728-DCF165891999}" = lport=139 | protocol=6 | dir=in | app=system |
"{2BD4F0EC-DA2B-499E-B369-0FC132D7B831}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{329A12E4-9F41-4985-B557-187B1AA78EB0}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{3A12A21F-0C87-4C4A-96D9-666230F871A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3E25DA86-50B2-4578-86AE-9E3E76ECCF1E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{501D3D10-D527-40FB-A667-673644DE770B}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{66483F82-FADC-480A-88B5-F0E73EE0EC87}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{6FA30AD8-38EE-48F5-A6A6-7D4B07C44D63}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71DA19E3-05D2-40F4-8B92-B36A9F57A3DA}" = rport=138 | protocol=17 | dir=out | app=system |
"{75272E13-4313-4624-8A5F-EC894CD44988}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7E891688-ABAF-48A6-83F8-D67ED9706A71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8207E6F6-7E46-47B9-AFF6-8C816F0C0491}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84CCFE18-EF33-474C-8BF7-4BF5CF01E1F7}" = lport=137 | protocol=17 | dir=in | app=system |
"{96285479-15A7-4E42-9466-7542CF151B7E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{987291FD-0DF6-40EB-BEFA-7A544928A1DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9A3E24B5-F1F7-4331-A30B-1A3EDF065262}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9BC47422-1C34-4746-B486-31BB532D0984}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A20A4E3E-5021-4325-BB09-74BC57CCEBEB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A2A6F0F6-22A1-4FC0-991A-91DA87A30325}" = rport=139 | protocol=6 | dir=out | app=system |
"{A8F22ABF-2C91-4394-9258-DA528B5E5B8C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B47BCBD1-E94F-4EEC-9A9B-97C519BFEE36}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{BE50041C-DFD1-4F96-A16A-DC1273E9D423}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C641D0F2-1D16-4488-80E1-CF3415439BA5}" = lport=138 | protocol=17 | dir=in | app=system |
"{C7BC8F48-F456-48AC-B027-666624AED920}" = rport=445 | protocol=6 | dir=out | app=system |
"{CDFE6C3B-1B4C-4C5B-B9DD-09580F1C59DA}" = rport=137 | protocol=17 | dir=out | app=system |
"{CF385209-2938-4F53-A1CE-3515A446E885}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{F810FC60-ECE4-40E9-9E98-8E20F5A92469}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{F873B6EE-1955-424E-B88E-00372BEC5DC9}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{FFF53BCE-114B-4628-B8A6-2AE42DE66AD5}" = lport=6881 | protocol=6 | dir=in | name=war thunder |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C3FC855-4853-4569-8CA1-7E8B7D369756}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{0FE34E6C-3EC2-4D16-9A1C-C98D410C883A}" = protocol=58 | dir=in | app=system |
"{11460D5E-96B6-41B6-8A93-2995282F1612}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12A2CFDF-1DF4-45F9-98DE-1FA7100BCB3D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{19394ADB-D939-4B7E-8F2A-97504C0E95B6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1EDFB926-1DBB-4448-BC77-C3E0746EB26C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe |
"{2188F397-7A37-4A39-9220-F1E0E3481AB9}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{2D3D6B2D-A356-4BC4-AA27-366B98F8FF31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{3BF329C0-A36A-4086-B28E-08B835EB5C3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3F6C56B2-069A-4AF7-9003-8B907D6E250B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42800F5C-90E5-4BF3-B73C-F6E0B820EBDB}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{437E64C8-A039-49E5-9BDC-00F63C68E036}" = protocol=17 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"{4E25EEB0-2CB2-484B-BCDF-7356AE11F9A3}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4E3DA16A-DECF-44C5-9D60-4D77FE36C486}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{4F9E6E03-41D4-440A-AB87-7CC46C30F8E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe |
"{509CDFE5-DF22-4B7E-B04F-818011993A49}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{522756ED-08A5-46AD-9398-7FD025A36B02}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{530EB184-082E-480A-B4EC-4532C487034F}" = protocol=17 | dir=in | app=d:\hry\saintsrowiv\saints row iv\saintsrowiv.exe |
"{53A1CD8F-C506-489F-AFED-D7D162C456CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5549DF45-1F21-46B7-B6B8-C6C199A46C7E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5C2ED069-04D3-462D-A206-30D2BDA1BD86}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73B72647-B7A8-4983-927E-6DCE27D48FFD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7B91D7AF-D3FC-467C-B635-F5CB6FF9A896}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{8C58F2FE-ED44-4B42-A9A7-040C28C69BF5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{8EB2D70C-75DA-4B7F-9A5C-1E7ABBCA47F8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe |
"{948BADDE-64BF-4251-A24C-45D95C578D31}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{9525C91B-9710-4E0D-B3BD-AD05B1914BC2}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr.exe |
"{9743A8BF-DC66-4EFE-BFF4-539AF281D3AE}" = protocol=6 | dir=in | app=c:\program files\raptr\raptr.exe |
"{98DB1984-6619-437C-8329-F821DED5CC35}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{9C9DAA3B-C0FF-42ED-BF54-06C93C123067}" = protocol=6 | dir=in | app=d:\hry\saintsrowiv\saints row iv\saintsrowiv.exe |
"{B6098163-72D1-41B0-A5C0-17702605A249}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C5665958-262A-4233-9082-779D8181DE64}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{CABF9DA0-649D-4175-BCF7-3E7521A2B4C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D2428355-BB0F-40D0-9C87-2F0FAB7C6F3F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{DAA44CD7-148E-4A41-BAD7-DE15D5BA3DF1}" = protocol=6 | dir=out | app=system |
"{DDC0F563-A761-421F-80DA-1C27F753665B}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{DDF924CD-0DA1-4048-AF0D-0347BA14474D}" = dir=in | app=d:\hry\infestation survivor stories\infestation.exe |
"{DFB40BED-F6B9-4DF7-B61D-42209C92ED80}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E0E4F88D-912D-4B02-BDB9-EEF3BB65125D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E50C1D1C-0BB6-4648-9809-F20540E0E554}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E50D1337-38A1-41F5-BF29-B265C727BDD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8E14672-64E1-4CC5-ACE8-CAF92B1EF369}" = protocol=17 | dir=in | app=c:\program files\raptr\raptr_im.exe |
"{E90F2A2B-E7DA-4CA6-99A8-1AD108DF93F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe |
"{EB7035AE-E525-40DC-AA48-CB9A1EB9DE84}" = protocol=6 | dir=in | app=c:\program files\bitspirit\bitspirit.exe |
"{F9519628-556A-4C77-A358-A7CC3177970A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{FBD08C20-04E0-41FD-A216-A06207E8F259}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{022FE5C8-956B-4B36-8D74-6AC27B14E6B1}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{48C1C04F-6668-463D-863B-C55AF24F5388}C:\users\havlli\downloads\neverwinter_nw.1.20130416a.6.exe" = protocol=6 | dir=in | app=c:\users\havlli\downloads\neverwinter_nw.1.20130416a.6.exe |
"TCP Query User{5C00B1DE-8C15-4416-A15F-FA853BF1C99A}D:\hry\saintsrowiv\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=d:\hry\saintsrowiv\saints row iv\saintsrowiv.exe |
"TCP Query User{6311E043-ED18-4EA3-B852-841696F78D21}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{6B137C13-DFB6-4587-A43A-53FDDE2D64AF}C:\users\havlli\downloads\bitcoin-0.8.5-win32\bitcoin-0.8.5-win32\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\users\havlli\downloads\bitcoin-0.8.5-win32\bitcoin-0.8.5-win32\bitcoin-qt.exe |
"TCP Query User{897A8BEA-8A26-451E-B56B-55996C1E127E}C:\users\havlli\downloads\gw2.exe" = protocol=6 | dir=in | app=c:\users\havlli\downloads\gw2.exe |
"TCP Query User{96B7A76B-16B8-4F42-A5D8-D0F8B51E1D89}C:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe" = protocol=6 | dir=in | app=c:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe |
"TCP Query User{A2A71FA2-DF9B-4864-83E7-1505BD864E99}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{AC097549-C288-4097-8A83-5FDA70A3BE47}D:\hry\electronic arts\dawngate\game\dawngate.exe" = protocol=6 | dir=in | app=d:\hry\electronic arts\dawngate\game\dawngate.exe |
"TCP Query User{E389DDB6-B510-4B1C-8477-17CD6A109640}C:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe" = protocol=6 | dir=in | app=c:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe |
"UDP Query User{1501DA07-3182-440A-B200-C546081601A4}C:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe" = protocol=17 | dir=in | app=c:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0021_75874090487f0510\launcher.exe |
"UDP Query User{36CC089E-ABE8-4DA0-B1D6-8661BE20633C}C:\users\havlli\downloads\gw2.exe" = protocol=17 | dir=in | app=c:\users\havlli\downloads\gw2.exe |
"UDP Query User{3BF4914E-A75E-4ABB-BC4C-69ECB2032980}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{55BC8055-FAA8-4DF8-9187-419F0CD28A93}C:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe" = protocol=17 | dir=in | app=c:\users\havlli\appdata\local\apps\2.0\e67lmy52.ztr\gdhox4do.o5y\laun...app_59711684aa47878d_0001.0022_f1e11c361d677310\launcher.exe |
"UDP Query User{6BD3FEF3-0699-42E4-B38B-EA045FB9A8AD}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{81655AE1-32F4-4985-940F-2653B68FA46C}D:\hry\saintsrowiv\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=d:\hry\saintsrowiv\saints row iv\saintsrowiv.exe |
"UDP Query User{9FD0ECCF-B9E3-40DC-9B97-11E5A032ADFF}C:\users\havlli\downloads\neverwinter_nw.1.20130416a.6.exe" = protocol=17 | dir=in | app=c:\users\havlli\downloads\neverwinter_nw.1.20130416a.6.exe |
"UDP Query User{A486D598-1625-41D4-915A-C120D8A3E296}D:\hry\electronic arts\dawngate\game\dawngate.exe" = protocol=17 | dir=in | app=d:\hry\electronic arts\dawngate\game\dawngate.exe |
"UDP Query User{C513D715-9DCE-46F5-A0B3-6BCECD83B6A4}C:\users\havlli\downloads\bitcoin-0.8.5-win32\bitcoin-0.8.5-win32\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\users\havlli\downloads\bitcoin-0.8.5-win32\bitcoin-0.8.5-win32\bitcoin-qt.exe |
"UDP Query User{D2497146-3E9E-465E-A07A-AF9F2D7F0D93}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{036A2AC2-5514-1499-8F0E-48009132658F}" = CCC Help Portuguese
"{0685213E-9FF3-1368-37E3-5CECB5A0708C}" = CCC Help Russian
"{07CD994D-2144-41B9-5C2C-A85B40EBBA51}" = CCC Help Finnish
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F747F46-57A0-6CD3-A234-BD4E46F2BFEB}" = CCC Help Polish
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1EB8D6DC-DA9E-837D-C31A-0FCE20E1EF76}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{295E13D5-2CCE-C01B-4E21-F41F543CF2C2}" = CCC Help Spanish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{384E9F9A-4E8C-562C-E6D1-E494F9CADF7C}" = CCC Help Korean
"{3C249872-D97C-62F9-A3E2-F7AAAC07BEF8}" = CCC Help Chinese Traditional
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{45B2C1A3-2050-0BC1-0A90-50EB4A7E77A8}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB8B7F6-726B-2301-DD5A-067F95A8A48F}" = CCC Help German
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{528EFF5D-2209-B614-40C0-5D87F73F3E8D}" = CCC Help French
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{58ECCB6B-73FB-CBBA-42FC-91659DFA342C}" = CCC Help Chinese Standard
"{6547BC5F-1FC4-CD5D-3783-45370C980043}" = AMD VISION Engine Control Center
"{662DFDBB-A2D6-6B20-1349-BBDA83F7DF79}" = AMD Accelerated Video Transcoding
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{752EEDEB-8605-8E51-2135-48AF996C8DFC}" = CCC Help English
"{78E68EED-A253-11C0-D9A4-81628B8891F0}" = AMD Fuel
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D962C94-3D7C-2163-B37E-9CB48B7D1DCD}" = CCC Help Dutch
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A6F818D2-85B7-84E2-C33C-8E74D747AD55}" = CCC Help Greek
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.02)
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2EFA484-64DB-C1D8-DFD0-FF936FBC3CD9}" = AMD Wireless Display v3.0
"{B8230940-0DCC-E180-5744-4442F6C0CA28}" = CCC Help Thai
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = Infestation Survivor Stories version 1.0
"{C123749C-23EC-62DB-A5FD-1ED5BC359AAF}" = CCC Help Japanese
"{C218AFCB-7EAB-FEC3-6552-FF090B3FD0A1}" = CCC Help Czech
"{C41DBF39-4C20-7818-B84E-0B2215ABB48D}" = AMD Drag and Drop Transcoding
"{C533DBF1-3A98-5D7D-B6CA-59CC1816F38C}" = CCC Help Italian
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{CA9A3609-3ECC-4574-8824-A8161A71A603}" = Canon MP150
"{CC0B8E79-8968-80D2-86BD-7373ADCB3EE8}" = ccc-utility
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{D29491A3-BA85-F712-5C8D-B7E6803FEAD7}" = CCC Help Hungarian
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D9A1A69D-D788-12C5-3218-64EFB8C6ACFD}" = Catalyst Control Center Graphics Previews Common
"{E20BD715-3CAF-4A6C-A7F5-8F2216710B90}" = Dawngate
"{E745587A-2ED8-BA64-680E-BC35BE223275}" = CCC Help Danish
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{EA6470CD-6865-8238-9232-B82BB30F2BEF}" = AMD Media Foundation Decoders
"{EA92CB68-9667-343A-1F53-B039583F2A3A}" = Catalyst Control Center InstallProxy
"{EC6004A3-B6E7-9728-55E8-508ABE51798F}" = CCC Help Norwegian
"{EDAA1085-C196-29B1-48B0-B82B72114001}" = CCC Help Swedish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF6A8312-0A62-3AC0-A49F-9CB7390AE5EC}" = AMD Catalyst Install Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"avast" = avast! Internet Security
"BitSpirit_is1" = BitSpirit v3.6.0.550 Stable
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"DAEMON Tools Ultra" = DAEMON Tools Ultra
"FileASSASSIN" = FileASSASSIN
"Google Chrome" = Google Chrome
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.9.5
"Magic Bullet Looks" = Magic Bullet Looks
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MP Navigator 2.0" = Canon MP Navigator 2.0
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Steam App 217750" = Age of Conan: Unchained - EU version
"Steam App 218230" = PlanetSide 2
"Steam App 218330" = Smashmuck Champions
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.8
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2405150799-624390421-4199432636-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"RIFT" = RIFT

========== Last 20 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >

#17 Příspěvek od **vyosek** » 25 zář 2013 07:12

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\xhunter1.sys -- (xhunter1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\vtany.sys -- (vtany)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\OQBLNIFWT.sys -- (TMUVSPFLEP)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cmdatp.sys -- (ATP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\aswArKrn.sys -- (aswArKrn)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys -- (AODDriver)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O4 - Startup: C:\Users\All Users\3DMGAME [2013.04.30 18:01:48 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Adobe [2013.04.21 23:41:06 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AMD [2013.09.06 15:58:52 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Apple [2013.03.27 14:50:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Apple Computer [2013.03.27 14:50:58 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Application Data [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\ATI [2013.09.06 15:58:53 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AVAST Software [2013.09.24 17:33:26 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\CanonBJ [2013.03.28 13:26:04 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\All Users\COMODO [2013.05.27 22:18:35 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\DAEMON Tools Ultra [2013.04.11 09:00:41 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Desktop [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Documents [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Echobit [2013.05.13 11:37:45 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Favorites [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Firefly Studios [2013.05.24 15:40:21 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\FLEXnet [2013.04.21 23:34:36 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Freemake [2013.09.22 19:18:26 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Malwarebytes [2013.03.29 01:08:49 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Microsoft [2013.09.23 22:32:17 | 000,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Microsoft Help [2013.09.22 19:31:14 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Origin [2013.09.22 19:25:18 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Package Cache [2013.04.27 22:35:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\PDFEditor [2013.05.04 15:47:45 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\RELOADED [2013.04.29 22:29:52 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Skype [2013.09.10 12:56:38 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Sony [2013.09.22 19:31:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Sony Ericsson [2013.09.22 19:28:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\spotflux [2013.09.21 17:20:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Spybot - Search & Destroy [2013.04.10 00:30:06 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Start Menu [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Steam [2013.09.11 22:47:01 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Sun [2013.05.04 12:42:00 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\TEMP [2013.05.11 11:59:42 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Templates [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\TERA [2013.04.15 22:45:20 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Turbine [2013.07.25 06:35:05 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\VMware [2013.09.22 19:37:26 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\VSO [2013.09.22 16:46:20 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\vsosdk [2013.09.15 20:52:41 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\VueTec [2013.09.18 13:38:26 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\WarThunder [2013.04.11 09:04:53 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\WEBZEN [2013.06.17 19:30:41 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\AppData [2009.07.14 04:37:05 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Default\Application Data [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Cookies [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Desktop [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2009.07.14 06:53:55 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Downloads [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Favorites [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Links [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Local Settings [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Music [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\My Documents [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NetHood [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG1 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG2 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Default\Pictures [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\PrintHood [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Recent [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Saved Games [2009.07.14 04:04:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\SendTo [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Start Menu [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Templates [2009.07.14 06:53:55 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Videos [2009.07.14 04:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\.dvdcss [2013.05.11 12:01:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Havlli\.swt [2013.09.21 17:23:02 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Havlli\AppData [2013.05.04 15:37:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Havlli\Application Data [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Contacts [2013.05.04 01:19:14 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\Cookies [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Desktop [2013.09.24 22:29:08 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\Doctor Web [2013.05.04 12:21:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Havlli\My Documents [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Downloads [2013.09.24 22:29:08 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\Favorites [2013.05.04 01:19:14 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\Links [2013.05.07 14:26:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\Local Settings [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Music [2013.09.04 12:22:35 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\My Documents [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\NetHood [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\NTUSER.DAT ()
O4 - Startup: C:\Users\Havlli\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\Havlli\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\Havlli\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf ()
O4 - Startup: C:\Users\Havlli\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Havlli\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Havlli\ntuser.ini ()
O4 - Startup: C:\Users\Havlli\Pictures [2013.09.19 21:19:06 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\PrintHood [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Recent [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Saved Games [2013.05.04 01:19:15 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\Searches [2013.05.04 01:19:14 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Havlli\SendTo [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Start Menu [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Templates [2013.03.27 13:59:23 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Havlli\Videos [2013.07.27 15:36:21 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\hedev\AppData [2013.05.04 20:09:55 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Public\Desktop [2013.09.24 20:28:55 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Documents [2013.09.22 19:42:47 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Downloads [2009.07.14 06:41:57 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Favorites [2009.07.14 04:04:25 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Games [2013.05.01 12:41:40 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Public\Libraries [2013.03.27 14:09:00 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Music [2009.07.14 06:41:57 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Pictures [2009.07.14 06:41:57 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Recorded TV [2009.07.14 09:48:45 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Videos [2013.05.15 08:14:55 | 000,000,000 | R--D | M]
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2405150799-624390421-4199432636-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2405150799-624390421-4199432636-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2405150799-624390421-4199432636-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2405150799-624390421-4199432636-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{19241a3c-b6e8-11e2-882c-902b34264ec1}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
[2013.09.24 22:54:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.24 22:54:24 | 000,000,512 | ---- | C] () -- \PhysicalMBR.bin
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0a8e28d1832d7c6ea92e16d34d3f0c3e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0a8e28d1832d7c6ea92e16d34d3f0c3e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1eede9db985985f5b6051e6f7e326c91\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1eede9db985985f5b6051e6f7e326c91\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3023c9e5d6c18b5bff2e679bed8431de\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3023c9e5d6c18b5bff2e679bed8431de\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\34581fac081b0e68710ca05652b8a07e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\34581fac081b0e68710ca05652b8a07e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\364db186872a2e0b286e90de4300bb9e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\364db186872a2e0b286e90de4300bb9e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\57cb4e61f6395fb6e83270feeaa9dd5e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\57cb4e61f6395fb6e83270feeaa9dd5e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7cf649658ba95e0a08c224c9cd5d35dc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7cf649658ba95e0a08c224c9cd5d35dc\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\890c6f6a1ee4c089bc7cf467298ccc36\*.tmp files -> C:\Windows\SoftwareDistribution\Download\890c6f6a1ee4c089bc7cf467298ccc36\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8c849dbc35a7abec5c09bf3951ecc5ba\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8c849dbc35a7abec5c09bf3951ecc5ba\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\9f0ecc434d7452322520f401147f712d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\9f0ecc434d7452322520f401147f712d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a84c27bf9e5d6a9b835a3a1c9dae6bde\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a84c27bf9e5d6a9b835a3a1c9dae6bde\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b794b8281c5187024974ddfc5b595b48\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b794b8281c5187024974ddfc5b595b48\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b7b48cef3d99765a88a7e77860ea7001\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b7b48cef3d99765a88a7e77860ea7001\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ba97eab0d8414a271e66895c444efc20\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ba97eab0d8414a271e66895c444efc20\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bd1f89a697bb7eeae50b63a0bf5be5ec\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bd1f89a697bb7eeae50b63a0bf5be5ec\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c014c3807cfcbcd638ac513baf70748f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c014c3807cfcbcd638ac513baf70748f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\de1c9fb46a8cbe180b5832fc3fa100fb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\de1c9fb46a8cbe180b5832fc3fa100fb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e0726bd08327e7d864980d4a53dcfc75\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e0726bd08327e7d864980d4a53dcfc75\*.tmp -> ]
[2013.09.24 18:02:50 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.24 23:22:05 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 20 bytes -> \Windows.old\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 Beta\APEX_Loader_x86.dll:crc
@Alternate Data Stream - 20 bytes -> \Windows.old\Documents and Settings\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 Beta\APEX_Loader_x86.dll:crc
@Alternate Data Stream - 184 bytes -> C:\Users\All Users\TEMP:B946D9EE
@Alternate Data Stream - 184 bytes -> C:\ProgramData\TEMP:B946D9EE

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Ultra Agent"=-
"Raptr"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Havlli · #18 Příspěvek od **Havlli** » 25 zář 2013 11:55

Opravu jsem úspěšně provedl, ale žádný log se mi nezjevil.

#19 Příspěvek od **vyosek** » 25 zář 2013 14:08

Mrknete do C:\_OTL\MovedFiles

Havlli · #20 Příspěvek od **Havlli** » 25 zář 2013 14:35

Máte pravdu je to tam, bohužel je trošku více enormní. Má skoro 600000 tisíc znaků, takže si myslím že bude úspornější vám ten log někam uploadnout.

Log uploadnutý na leteckou poštu - pro jistotu i VirusTotal report

#21 Příspěvek od **vyosek** » 25 zář 2013 18:23

Mrcha nam smazala co nemela

Dejte obnovit system pred opravou, OTL melo udelat bod obnovy, vice o obnove http://windows.microsoft.com/cs-cz/wind ... em-restore

Havlli · #22 Příspěvek od **Havlli** » 25 zář 2013 22:38

Obnoveno, co dál?

#23 Příspěvek od **vyosek** » 26 zář 2013 05:58

Stahnete FRST 32-bit version z teto stranky http://www.bleepingcomputer.com/downloa ... scan-tool/

Spuštění FRST

Po spuštění FRST odsouhlasíme licenční podmínky kliknutím na [Ano].
Dooznačíme položku Addition.txt - viz obrázek.
Klikneme na tlačítko [Scan], čímž spustíme skenování.
Počkáme na dokončení skenování FRST
Otevře se nám textový soubor FRST.txt, což je požadovaný log a jehož obsah vložíme do svého tématu na fóru.
Na ploše nám zbyde utilita FRST a dva logy - FRST.txt a Addition.txt - nic z toho zatím nemažeme!

Havlli · #24 Příspěvek od **Havlli** » 26 zář 2013 11:52

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2013
Ran by Havlli (administrator) on HAVLLI-PC on 26-09-2013 12:53:36
Running from C:\Users\Havlli\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\system32\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
(Raptr, Inc) C:\PROGRA~1\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\PROGRA~1\Raptr\raptr_im.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11734240 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd)
HKCU\...\Run: [Raptr] - C:\PROGRA~1\Raptr\raptrstub.exe [55360 2013-09-17] (Raptr, Inc)
MountPoints2: F - F:\FalloutLauncher.exe
MountPoints2: G - G:\setup.exe
MountPoints2: {19241a3c-b6e8-11e2-882c-902b34264ec1} - I:\SETUP.EXE
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
S4 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R3 Disc Soft Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [580672 2013-03-06] (Disc Soft Ltd)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-09-16] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [19056 2011-11-02] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [104752 2013-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-07-17] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [204784 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2013-03-29] (Phoenix Technologies)
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2013-04-11] (Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [17488 2013-04-18] (Windows (R) 2000 DDK provider)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [18584 2013-05-27] (Echobit, LLC)
S3 gdrv; C:\Windows\gdrv.sys [17488 2013-05-04] (Windows (R) 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2013-05-04] ()
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 hmip; C:\Windows\system32\Drivers\hmip.sys [25448 2013-06-19] (Hide My IP)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [91760 2000-01-01] (Qualcomm Atheros Co., Ltd.)
S3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [328552 2011-07-06] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2013-05-04] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-04-10] ()
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [33728 2013-07-08] (Spotflux, Inc.)
S3 AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [x]
S3 aswArKrn; \??\C:\Windows\TEMP\aswArKrn.sys [x]
S3 ATP; system32\DRIVERS\cmdatp.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 TMUVSPFLEP; \??\C:\Windows\system32\drivers\OQBLNIFWT.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
S3 vtany; \??\C:\Windows\vtany.sys [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-26 12:53 - 2013-09-26 12:53 - 00000000 ____D C:\FRST
2013-09-26 12:52 - 2013-09-26 12:52 - 01089329 _____ (Farbar) C:\Users\Havlli\Downloads\FRST.exe
2013-09-26 12:52 - 2013-09-26 12:52 - 01089329 _____ (Farbar) C:\Users\Havlli\Desktop\FRST.exe
2013-09-25 23:38 - 2013-09-25 23:38 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2013-09-25 12:53 - 2013-09-25 12:53 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\ATI
2013-09-25 12:53 - 2013-09-25 12:53 - 00000000 ____D C:\ProgramData\ATI
2013-09-25 12:38 - 2013-09-25 12:38 - 00000000 ____D C:\_OTL
2013-09-24 22:28 - 2013-09-24 22:29 - 00602112 _____ (OldTimer Tools) C:\Users\Havlli\Desktop\OTL.exe
2013-09-24 20:29 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\vlc
2013-09-24 20:28 - 2013-09-24 20:28 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-24 20:28 - 2013-09-24 20:28 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-24 20:26 - 2013-09-24 20:26 - 23003252 _____ C:\Users\Havlli\Downloads\vlc-2.0.8-win32.exe
2013-09-24 20:22 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\102-cz
2013-09-24 20:18 - 2013-09-24 20:18 - 00001080 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2013-09-24 20:16 - 2013-09-24 20:17 - 10511384 _____ C:\Users\Havlli\Downloads\bsplayer_installer4.exe
2013-09-24 20:15 - 2013-09-24 20:16 - 01110104 _____ (Conduit) C:\Users\Havlli\Downloads\bsplayer266.1075.exe
2013-09-24 19:45 - 2013-09-25 23:34 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-24 17:52 - 2013-08-30 09:48 - 00204784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2013-09-24 17:51 - 2013-08-30 09:48 - 00104752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2013-09-24 17:51 - 2013-08-30 09:48 - 00021576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-09-24 17:51 - 2013-07-17 11:17 - 00012112 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2013-09-24 17:47 - 2013-09-25 23:37 - 00002003 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-09-24 17:41 - 2013-09-24 17:42 - 00000000 ____D C:\AdwCleaner
2013-09-24 17:40 - 2013-09-24 17:40 - 01042066 _____ C:\Users\Havlli\Downloads\adwcleaner.exe
2013-09-24 17:40 - 2013-09-24 17:40 - 01042066 _____ C:\Users\Havlli\Desktop\adwcleaner.exe
2013-09-24 17:34 - 2013-09-24 17:34 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-24 17:34 - 2013-09-24 17:34 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-24 17:34 - 2013-09-24 17:34 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-24 17:34 - 2013-08-30 09:48 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-24 17:34 - 2013-08-30 09:48 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-24 17:34 - 2013-08-30 09:48 - 00177864 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-24 17:34 - 2013-08-30 09:48 - 00061680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-09-24 17:34 - 2013-08-30 09:48 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-24 17:34 - 2013-08-30 09:48 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-24 17:34 - 2013-08-30 09:48 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-24 17:33 - 2013-09-25 23:26 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-24 17:33 - 2013-09-24 17:33 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-24 17:33 - 2013-08-30 09:48 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-24 17:33 - 2013-08-30 09:47 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-24 17:33 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-23 22:32 - 2013-09-23 22:46 - 117482200 _____ C:\Users\Havlli\Downloads\avast_free_antivirus_setup.exe
2013-09-23 19:51 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\LOLPBE
2013-09-23 12:57 - 2013-09-23 12:57 - 04327208 _____ (Systweak Inc ) C:\Users\Havlli\Downloads\rcpsetupst_RC1_ZZ_L_1.exe
2013-09-23 12:38 - 2013-09-23 12:38 - 00000000 ____D C:\rsit
2013-09-23 12:38 - 2013-09-23 12:38 - 00000000 ____D C:\Program Files\trend micro
2013-09-23 12:37 - 2013-09-23 12:37 - 00781383 _____ C:\Users\Havlli\Downloads\RSIT.exe
2013-09-23 12:27 - 2013-09-25 23:34 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Bitcoin
2013-09-23 12:26 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\bitcoin-0.8.5-win32
2013-09-22 20:39 - 2013-09-26 12:49 - 00000560 _____ C:\Windows\setupact.log
2013-09-22 20:39 - 2013-09-24 18:02 - 00007450 _____ C:\Windows\PFRO.log
2013-09-22 20:39 - 2013-09-22 20:39 - 00000000 _____ C:\Windows\setuperr.log
2013-09-22 19:30 - 2013-09-22 19:30 - 00000629 _____ C:\Users\Havlli\Documents\Uninstall STAR WARS The Old Republic.log
2013-09-22 19:03 - 2013-09-22 19:03 - 00000000 ____D C:\Users\Havlli\Documents\BFBC2
2013-09-22 15:33 - 2013-09-22 15:34 - 04454952 _____ (Piriform Ltd) C:\Users\Havlli\Downloads\ccsetup405.exe
2013-09-21 17:24 - 2013-09-21 17:24 - 00935724 _____ (TheFreeVPN Inc. ) C:\Users\Havlli\Downloads\TheFreeVPNInstaller.exe
2013-09-21 17:23 - 2013-09-25 23:34 - 00000000 ____D C:\Users\Havlli\.swt
2013-09-21 17:19 - 2013-09-22 19:29 - 00000000 ____D C:\Program Files\Spotflux
2013-09-21 17:18 - 2013-09-21 17:19 - 06097256 _____ C:\Users\Havlli\Downloads\spotflux-latestPC.exe
2013-09-21 16:22 - 2013-09-21 16:23 - 04244331 _____ (Privacy-Pro.com ) C:\Users\Havlli\Downloads\ipanonymizer.exe
2013-09-20 13:12 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\101-cz
2013-09-19 22:03 - 2013-09-19 22:03 - 00000000 ____D C:\Users\Havlli\Documents\RIFT
2013-09-19 21:30 - 2013-09-25 23:34 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\RIFT
2013-09-19 21:30 - 2013-09-25 23:34 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RIFT
2013-09-19 21:30 - 2013-09-19 21:30 - 00000603 _____ C:\Users\Havlli\Desktop\RIFT.lnk
2013-09-19 21:25 - 2013-09-19 21:25 - 19184792 _____ (Trion Worlds Inc.) C:\Users\Havlli\Downloads\RIFT-Install-0-eam1ja.exe
2013-09-19 21:16 - 2013-09-25 23:42 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Raptr
2013-09-19 21:16 - 2013-09-25 23:34 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2013-09-19 21:16 - 2013-09-19 21:16 - 00000000 ____D C:\Program Files\Raptr
2013-09-19 21:14 - 2013-09-19 21:14 - 00071576 _____ C:\Users\Havlli\Downloads\raptr_installer.exe
2013-09-19 20:56 - 2013-09-19 21:01 - 00042909 _____ C:\Users\Havlli\Downloads\RIFT-Install.exe
2013-09-17 19:08 - 2013-09-17 19:09 - 19146000 _____ (Igor Pavlov) C:\Users\Havlli\Downloads\autobinarycode2.exe
2013-09-16 13:51 - 2013-09-16 13:51 - 00000000 ____D C:\Users\Havlli\Documents\Arktos
2013-09-16 12:05 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\PSeMu3
2013-09-16 11:56 - 2013-09-16 11:56 - 00000748 _____ C:\Users\Public\Desktop\Infestation Survivor Stories.lnk
2013-09-16 11:53 - 2013-09-16 11:54 - 08234912 _____ (OP Productions LLC ) C:\Users\Havlli\Downloads\Infestation_WebSetup.exe
2013-09-15 20:33 - 2013-09-15 20:33 - 00000000 ____D C:\Users\Havlli\Documents\ConvertXtoDVD
2013-09-15 20:30 - 2013-09-25 23:33 - 00000000 ____D C:\ProgramData\VSO
2013-09-15 20:30 - 2013-09-15 20:30 - 00087608 _____ C:\Users\Havlli\AppData\Roaming\inst.exe
2013-09-15 20:30 - 2013-09-15 20:30 - 00047360 _____ (VSO Software) C:\Users\Havlli\AppData\Roaming\pcouffin.sys
2013-09-15 20:30 - 2013-09-15 20:30 - 00007887 _____ C:\Users\Havlli\AppData\Roaming\pcouffin.cat
2013-09-15 20:30 - 2013-09-15 20:30 - 00001186 _____ C:\Users\Havlli\Desktop\ConvertXToDVD 5.lnk
2013-09-15 20:30 - 2013-09-15 20:30 - 00000055 _____ C:\Users\Havlli\AppData\Roaming\pcouffin.log
2013-09-15 20:30 - 2013-09-15 20:30 - 00000000 ____D C:\Program Files\VSO
2013-09-15 19:44 - 2013-09-15 19:44 - 00000000 __RSH C:\MSDOS.SYS
2013-09-15 19:44 - 2013-09-15 19:44 - 00000000 __RSH C:\IO.SYS
2013-09-15 11:45 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\LoLSkins pool party
2013-09-14 13:53 - 2013-09-21 02:07 - 00000000 ____D C:\LOLHT Configs v2
2013-09-14 13:37 - 2013-09-21 12:37 - 00000229 _____ C:\Users\Havlli\Desktop\wAxDx+gR5wI.ini
2013-09-14 13:35 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Desktop\applications
2013-09-14 13:06 - 2013-09-16 21:09 - 04512256 _____ C:\Users\Havlli\Desktop\wAxDx+gR5wI.exe
2013-09-11 22:46 - 2013-09-11 22:46 - 00000920 _____ C:\Users\Havlli\Desktop\Play Saints Row IV.lnk
2013-09-10 14:11 - 2013-09-10 14:12 - 06947200 _____ (TeamViewer GmbH) C:\Users\Havlli\Downloads\TeamViewer_Setup (1).exe
2013-09-08 23:32 - 2013-09-08 23:32 - 00000659 _____ C:\Users\Public\Desktop\The Bureau.lnk
2013-09-08 01:47 - 2013-09-08 01:47 - 00159144 _____ (Microsoft Corporation) C:\Users\Havlli\Downloads\WindowsActivationUpdate.exe
2013-09-08 01:41 - 2013-09-25 23:35 - 00000000 ____D C:\Users\Havlli\Downloads\Windows_Loader_v2.2.1
2013-09-06 15:58 - 2013-09-06 15:58 - 00000000 ____D C:\Program Files\AMD AVT
2013-09-06 15:51 - 2013-09-06 15:53 - 94204656 _____ (Advanced Micro Devices, Inc.) C:\Users\Havlli\Downloads\13-4_win7_win8_32_dd_ccc_whql.exe
2013-09-06 14:35 - 2013-09-06 14:35 - 00000724 _____ C:\Users\Havlli\Desktop\Saints Row IV.lnk
2013-09-06 12:57 - 2013-09-06 13:01 - 100925224 _____ (PortableAppZ.blogspot.com) C:\Users\Havlli\Downloads\Photoshop_Portable_13.1.2_Multilingual.exe
2013-09-05 07:12 - 2013-09-05 07:12 - 06947200 _____ (TeamViewer GmbH) C:\Users\Havlli\Downloads\TeamViewer_Setup.exe
2013-08-29 16:23 - 2013-08-29 16:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

2013-09-26 12:53 - 2013-09-26 12:53 - 00000000 ____D C:\FRST
2013-09-26 12:52 - 2013-09-26 12:52 - 01089329 _____ (Farbar) C:\Users\Havlli\Downloads\FRST.exe
2013-09-26 12:52 - 2013-09-26 12:52 - 01089329 _____ (Farbar) C:\Users\Havlli\Desktop\FRST.exe
2013-09-26 12:52 - 2013-05-31 18:50 - 01556014 _____ C:\Windows\WindowsUpdate.log
2013-09-26 12:49 - 2013-09-22 20:39 - 00000560 _____ C:\Windows\setupact.log
2013-09-26 12:49 - 2013-03-27 14:57 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-26 12:49 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-26 02:40 - 2009-07-14 06:34 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-26 02:40 - 2009-07-14 06:34 - 00019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-26 02:22 - 2013-03-27 14:57 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-25 23:42 - 2013-09-19 21:16 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Raptr
2013-09-25 23:38 - 2013-09-25 23:38 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2013-09-25 23:38 - 2013-03-27 13:59 - 00000000 ____D C:\Users\Havlli
2013-09-25 23:37 - 2013-09-24 17:47 - 00002003 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-09-25 23:37 - 2013-08-04 19:44 - 00000000 ____D C:\Users\Havlli\Desktop\Beats » That’s Hood_files
2013-09-25 23:37 - 2013-07-01 22:15 - 00000000 ____D C:\Users\Havlli\Downloads\Falling-Skies (1)
2013-09-25 23:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2013-09-25 23:37 - 2009-07-14 04:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-25 23:35 - 2013-09-24 20:29 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\vlc
2013-09-25 23:35 - 2013-09-24 20:22 - 00000000 ____D C:\Users\Havlli\Downloads\102-cz
2013-09-25 23:35 - 2013-09-23 19:51 - 00000000 ____D C:\Users\Havlli\Downloads\LOLPBE
2013-09-25 23:35 - 2013-09-23 12:26 - 00000000 ____D C:\Users\Havlli\Downloads\bitcoin-0.8.5-win32
2013-09-25 23:35 - 2013-09-20 13:12 - 00000000 ____D C:\Users\Havlli\Downloads\101-cz
2013-09-25 23:35 - 2013-09-16 12:05 - 00000000 ____D C:\Users\Havlli\Downloads\PSeMu3
2013-09-25 23:35 - 2013-09-15 11:45 - 00000000 ____D C:\Users\Havlli\Downloads\LoLSkins pool party
2013-09-25 23:35 - 2013-09-14 13:35 - 00000000 ____D C:\Users\Havlli\Desktop\applications
2013-09-25 23:35 - 2013-09-08 01:41 - 00000000 ____D C:\Users\Havlli\Downloads\Windows_Loader_v2.2.1
2013-09-25 23:35 - 2013-08-23 14:35 - 00000000 ____D C:\Users\Havlli\Desktop\Referaly
2013-09-25 23:35 - 2013-08-23 14:34 - 00000000 ____D C:\Users\Havlli\Downloads\DisgustingAccCreator(2)
2013-09-25 23:35 - 2013-08-23 14:22 - 00000000 ____D C:\Users\Havlli\Downloads\Fulcrum Account Creator v.1.1.1.exe
2013-09-25 23:35 - 2013-08-23 14:16 - 00000000 ____D C:\Users\Havlli\Downloads\Fulcrum Bot v1.5
2013-09-25 23:35 - 2013-08-23 09:53 - 00000000 ____D C:\Users\Havlli\Downloads\zikenzieslolbot
2013-09-25 23:35 - 2013-08-23 09:27 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\VMware
2013-09-25 23:35 - 2013-08-04 22:25 - 00000000 ____D C:\Users\Havlli\Downloads\01W0
2013-09-25 23:35 - 2013-07-30 00:26 - 00000000 ____D C:\Users\Havlli\Downloads\Oblivion(0000221538)
2013-09-25 23:35 - 2013-07-29 23:40 - 00000000 ____D C:\Users\Havlli\Downloads\Falling.Skies.S03E09
2013-09-25 23:35 - 2013-07-17 00:39 - 00000000 ____D C:\Users\Havlli\Downloads\falling-skies-03x07-cz-asap
2013-09-25 23:35 - 2013-07-15 20:09 - 00000000 ____D C:\Users\Havlli\Downloads\Under-the-Dome-1x03
2013-09-25 23:35 - 2013-07-09 05:19 - 00000000 ____D C:\Users\Havlli\Downloads\Falling.Skies.S03E06
2013-09-25 23:35 - 2013-06-25 00:14 - 00000000 ____D C:\Users\Havlli\Downloads\Falling-Skies
2013-09-25 23:35 - 2013-06-09 15:29 - 00000000 ____D C:\Users\Havlli\Downloads\Moja-Rec---Dobri-chlapci-Vol.-3-(2011)-KKM_2008
2013-09-25 23:35 - 2013-06-09 13:18 - 00000000 ____D C:\Users\Havlli\Downloads\buldozer.by.guthix
2013-09-25 23:35 - 2013-06-09 12:31 - 00000000 ____D C:\Users\Havlli\Downloads\Matheus_-_Pred_prvnim_infarktem_2013_
2013-09-25 23:35 - 2013-06-05 11:59 - 00000000 ____D C:\Users\Havlli\Desktop\639PRO-C.fix4
2013-09-25 23:35 - 2013-05-30 17:01 - 00000000 ____D C:\Users\Havlli\Downloads\LoL Generator
2013-09-25 23:35 - 2013-05-28 21:10 - 00000000 ____D C:\Users\Havlli\Desktop\dota2bot_hack
2013-09-25 23:35 - 2013-05-26 13:05 - 00000000 ____D C:\Users\Havlli\Downloads\07x13-nightmare-in-silver-cz
2013-09-25 23:35 - 2013-05-25 14:47 - 00000000 ____D C:\Users\Havlli\Downloads\stronghold3_plus2_trainer
2013-09-25 23:35 - 2013-05-25 13:50 - 00000000 ____D C:\Users\Havlli\Downloads\DOCTOR-WHO-S07E12-The-Crimson-Horror-FoV-720p-
2013-09-25 23:35 - 2013-05-24 13:26 - 00000000 ____D C:\Users\Havlli\Downloads\GOESP_[www.unknowncheats.me]_
2013-09-25 23:35 - 2013-05-23 23:16 - 00000000 ____D C:\Users\Havlli\Downloads\DOCTOR-WHO-S07E11-Journey-to-the-Centre-of-the-TARDIS
2013-09-25 23:35 - 2013-05-21 14:24 - 00000000 ____D C:\Users\Havlli\Downloads\DOCTOR-WHO-S07E08-The-Rings-of-Akhaten-FoV-720p-
2013-09-25 23:35 - 2013-05-15 07:27 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\WinAVI
2013-09-25 23:35 - 2013-05-12 12:41 - 00000000 ____D C:\Users\Havlli\Desktop\SOH COD4 V5.4
2013-09-25 23:35 - 2013-05-11 15:45 - 00000000 ____D C:\Users\Havlli\Downloads\Star-Wars-The-Force-Unleashed-2-cestina-(100%-fukční)
2013-09-25 23:35 - 2013-05-11 00:09 - 00000000 ____D C:\Users\Havlli\Downloads\knandm
2013-09-25 23:35 - 2013-05-10 23:54 - 00000000 ____D C:\Users\Havlli\Desktop\ladder
2013-09-25 23:35 - 2013-05-10 21:55 - 00000000 ____D C:\Users\Havlli\Downloads\Borderlands2_Cz_v1.3_incl_All_DLC
2013-09-25 23:35 - 2013-05-09 20:29 - 00000000 ____D C:\Users\Havlli\Downloads\Vladimir 518 - Flashback Mixtape (2013)
2013-09-25 23:35 - 2013-05-09 13:14 - 00000000 ____D C:\Users\Havlli\Downloads\PCI_Install_XP_2K_5719_10202010
2013-09-25 23:35 - 2013-05-04 20:09 - 00000000 ____D C:\Users\hedev
2013-09-25 23:35 - 2013-05-04 17:33 - 00000000 ____D C:\Users\Havlli\Downloads\OTTD-portable
2013-09-25 23:35 - 2013-05-04 15:36 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\TZAC2
2013-09-25 23:35 - 2013-05-03 15:26 - 00000000 ____D C:\Users\Havlli\Desktop\Foxit Advanced PDF Editor v3.0.5 Incl Crack [TorDigger]
2013-09-25 23:35 - 2013-05-03 15:00 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Wondershare
2013-09-25 23:35 - 2013-04-30 18:00 - 00000000 ____D C:\Users\Havlli\Downloads\DIR.LAN.Fix.V2-Royalgamer06
2013-09-25 23:35 - 2013-04-29 23:45 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Tunngle
2013-09-25 23:35 - 2013-04-29 23:44 - 00000000 ____D C:\Users\Havlli\Downloads\DEADISLRIPT-LAN-Fix
2013-09-25 23:35 - 2013-04-29 13:47 - 00000000 ____D C:\Users\Havlli\Downloads\Optical Flares- thesilentmotion
2013-09-25 23:35 - 2013-04-28 01:04 - 00000000 ____D C:\Users\Havlli\Desktop\Magic Bullet Looks 1.4.3.mpkg
2013-09-25 23:35 - 2013-04-28 01:02 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Sony
2013-09-25 23:35 - 2013-04-27 22:32 - 00000000 ____D C:\Users\Havlli\Desktop\Firy
2013-09-25 23:35 - 2013-04-26 15:35 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\TeamViewer
2013-09-25 23:35 - 2013-04-25 20:00 - 00000000 ____D C:\Users\Havlli\Downloads\GE Money CZ – Internet Banka_files
2013-09-25 23:35 - 2013-04-22 03:15 - 00000000 ____D C:\Users\Havlli\Desktop\Studio Furious
2013-09-25 23:35 - 2013-04-21 23:26 - 00000000 ____D C:\Users\Havlli\Desktop\Adobe CS4
2013-09-25 23:35 - 2013-04-18 14:03 - 00000000 ____D C:\Users\Havlli\Downloads\codplayer
2013-09-25 23:35 - 2013-04-03 12:13 - 00000000 ____D C:\Users\Havlli\Downloads\Subs
2013-09-25 23:35 - 2013-03-30 14:38 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Skype
2013-09-25 23:35 - 2013-03-30 02:56 - 00000000 ____D C:\Users\Havlli\Downloads\cmdat1
2013-09-25 23:35 - 2013-03-29 01:55 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-09-25 23:35 - 2013-03-29 01:26 - 00000000 ____D C:\Users\Havlli\Desktop\PHPPROBID_v6.11_Nulled
2013-09-25 23:35 - 2013-03-28 14:20 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Wargaming.net
2013-09-25 23:35 - 2013-03-27 16:08 - 00000000 ____D C:\Users\Havlli\Desktop\WTF
2013-09-25 23:35 - 2013-03-27 16:05 - 00000000 ____D C:\Users\Havlli\Downloads\EnableOrDisableDEP
2013-09-25 23:35 - 2013-03-27 15:35 - 00000000 ____D C:\Users\Havlli\Downloads\DisableDEP
2013-09-25 23:35 - 2013-03-27 14:57 - 00000000 ____D C:\Users\Havlli\Downloads\Directextract
2013-09-25 23:35 - 2009-07-14 09:48 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-25 23:35 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-25 23:35 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-25 23:35 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-25 23:35 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-25 23:35 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-25 23:35 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-25 23:34 - 2013-09-24 19:45 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-09-25 23:34 - 2013-09-23 12:27 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Bitcoin
2013-09-25 23:34 - 2013-09-21 17:23 - 00000000 ____D C:\Users\Havlli\.swt
2013-09-25 23:34 - 2013-09-19 21:30 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\RIFT
2013-09-25 23:34 - 2013-09-19 21:30 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RIFT
2013-09-25 23:34 - 2013-09-19 21:16 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr
2013-09-25 23:34 - 2013-07-29 15:57 - 00000000 ____D C:\Users\Havlli\AppData\Local\Apps\2.0
2013-09-25 23:34 - 2013-07-25 06:35 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Infinite Crisis
2013-09-25 23:34 - 2013-07-19 12:44 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Opera Software
2013-09-25 23:34 - 2013-06-02 21:17 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Digiarty
2013-09-25 23:34 - 2013-05-27 22:19 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\COMODO
2013-09-25 23:34 - 2013-05-11 12:01 - 00000000 ____D C:\Users\Havlli\.dvdcss
2013-09-25 23:34 - 2013-05-11 12:00 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\dvdcss
2013-09-25 23:34 - 2013-05-01 12:44 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-25 23:34 - 2013-04-25 20:49 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\GHISLER
2013-09-25 23:34 - 2013-04-21 23:17 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Seznam.cz
2013-09-25 23:34 - 2013-04-11 09:01 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\DAEMON Tools Ultra
2013-09-25 23:34 - 2013-04-05 22:42 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\OBS
2013-09-25 23:34 - 2013-04-05 13:09 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Orbit
2013-09-25 23:34 - 2013-03-31 23:07 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\mIRC
2013-09-25 23:34 - 2013-03-30 02:59 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\BSplayer
2013-09-25 23:34 - 2013-03-29 01:09 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Malwarebytes
2013-09-25 23:34 - 2013-03-28 11:43 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\OpenOffice.org
2013-09-25 23:34 - 2013-03-27 15:35 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-25 23:34 - 2013-03-27 13:59 - 00000000 ___RD C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-25 23:34 - 2013-03-27 13:59 - 00000000 ___RD C:\Users\Havlli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-25 23:34 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-25 23:33 - 2013-09-15 20:30 - 00000000 ____D C:\ProgramData\VSO
2013-09-25 23:33 - 2013-08-23 09:20 - 00000000 ____D C:\ProgramData\VMware
2013-09-25 23:33 - 2013-07-25 06:35 - 00000000 ____D C:\ProgramData\Turbine
2013-09-25 23:33 - 2013-05-27 22:18 - 00000000 ____D C:\ProgramData\COMODO
2013-09-25 23:33 - 2013-05-26 20:43 - 00000000 ____D C:\ProgramData\Steam
2013-09-25 23:33 - 2013-05-13 11:37 - 00000000 ____D C:\ProgramData\Echobit
2013-09-25 23:33 - 2013-05-07 16:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-25 23:33 - 2013-05-03 15:00 - 00000000 ____D C:\ProgramData\PDFEditor
2013-09-25 23:33 - 2013-04-30 18:01 - 00000000 ____D C:\ProgramData\3DMGAME
2013-09-25 23:33 - 2013-04-29 22:29 - 00000000 ____D C:\ProgramData\RELOADED
2013-09-25 23:33 - 2013-04-27 22:35 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-25 23:33 - 2013-04-21 23:34 - 00000000 ____D C:\ProgramData\FLEXnet
2013-09-25 23:33 - 2013-04-15 22:45 - 00000000 ____D C:\ProgramData\TERA
2013-09-25 23:33 - 2013-03-30 14:38 - 00000000 ____D C:\ProgramData\Skype
2013-09-25 23:33 - 2013-03-29 01:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-25 23:33 - 2013-03-29 01:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-25 23:33 - 2013-03-28 13:26 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-09-25 23:33 - 2013-03-27 14:54 - 00000000 ____D C:\ProgramData\Adobe
2013-09-25 23:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2013-09-25 23:29 - 2013-05-10 21:14 - 00000000 ____D C:\Users\Havlli\Downloads\Knights_and-Merchants-The_Peasants_Rebellion_(_Rytiri_a_Kupci_)_EN+CZ_for_Windows_7
2013-09-25 23:27 - 2013-03-27 14:24 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Macromedia
2013-09-25 23:27 - 2013-03-27 14:24 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\Adobe
2013-09-25 23:26 - 2013-09-24 17:33 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-25 15:16 - 2013-05-03 13:32 - 00000000 ____D C:\Poker
2013-09-25 12:53 - 2013-09-25 12:53 - 00000000 ____D C:\Users\Havlli\AppData\Roaming\ATI
2013-09-25 12:53 - 2013-09-25 12:53 - 00000000 ____D C:\ProgramData\ATI
2013-09-25 12:39 - 2013-03-27 14:29 - 00000000 ____D C:\ProgramData\AMD
2013-09-25 12:38 - 2013-09-25 12:38 - 00000000 ____D C:\_OTL
2013-09-24 22:29 - 2013-09-24 22:28 - 00602112 _____ (OldTimer Tools) C:\Users\Havlli\Desktop\OTL.exe
2013-09-24 20:28 - 2013-09-24 20:28 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-24 20:28 - 2013-09-24 20:28 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-24 20:26 - 2013-09-24 20:26 - 23003252 _____ C:\Users\Havlli\Downloads\vlc-2.0.8-win32.exe
2013-09-24 20:18 - 2013-09-24 20:18 - 00001080 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2013-09-24 20:17 - 2013-09-24 20:16 - 10511384 _____ C:\Users\Havlli\Downloads\bsplayer_installer4.exe
2013-09-24 20:16 - 2013-09-24 20:15 - 01110104 _____ (Conduit) C:\Users\Havlli\Downloads\bsplayer266.1075.exe
2013-09-24 18:02 - 2013-09-22 20:39 - 00007450 _____ C:\Windows\PFRO.log
2013-09-24 17:42 - 2013-09-24 17:41 - 00000000 ____D C:\AdwCleaner
2013-09-24 17:40 - 2013-09-24 17:40 - 01042066 _____ C:\Users\Havlli\Downloads\adwcleaner.exe
2013-09-24 17:40 - 2013-09-24 17:40 - 01042066 _____ C:\Users\Havlli\Desktop\adwcleaner.exe
2013-09-24 17:34 - 2013-09-24 17:34 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-24 17:34 - 2013-09-24 17:34 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-24 17:34 - 2013-09-24 17:34 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-24 17:33 - 2013-09-24 17:33 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-24 15:14 - 2013-03-29 01:03 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-09-23 22:46 - 2013-09-23 22:32 - 117482200 _____ C:\Users\Havlli\Downloads\avast_free_antivirus_setup.exe
2013-09-23 20:11 - 2012-08-22 21:48 - 00000000 ____D C:\Riot Games
2013-09-23 19:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-23 12:57 - 2013-09-23 12:57 - 04327208 _____ (Systweak Inc ) C:\Users\Havlli\Downloads\rcpsetupst_RC1_ZZ_L_1.exe
2013-09-23 12:38 - 2013-09-23 12:38 - 00000000 ____D C:\rsit
2013-09-23 12:38 - 2013-09-23 12:38 - 00000000 ____D C:\Program Files\trend micro
2013-09-23 12:37 - 2013-09-23 12:37 - 00781383 _____ C:\Users\Havlli\Downloads\RSIT.exe
2013-09-22 20:39 - 2013-09-22 20:39 - 00000000 _____ C:\Windows\setuperr.log
2013-09-22 20:39 - 2009-07-14 06:33 - 02364576 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-22 19:42 - 2013-03-28 12:48 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-09-22 19:41 - 2013-03-28 12:48 - 00000000 ____D C:\Program Files\Adobe
2013-09-22 19:39 - 2013-04-26 16:14 - 00000000 ____D C:\Program Files\CCleaner
2013-09-22 19:38 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-22 19:37 - 2013-03-27 14:02 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-22 19:36 - 2013-05-15 07:26 - 00000000 ____D C:\Program Files\WinAVI
2013-09-22 19:36 - 2013-05-11 23:00 - 00000000 ____D C:\Program Files\War Thunder
2013-09-22 19:33 - 2013-02-26 12:44 - 00000000 ____D C:\totalcmd
2013-09-22 19:31 - 2013-03-27 14:02 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-09-22 19:30 - 2013-09-22 19:30 - 00000629 _____ C:\Users\Havlli\Documents\Uninstall STAR WARS The Old Republic.log
2013-09-22 19:30 - 2013-03-27 14:37 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-22 19:30 - 2009-07-14 09:49 - 00000000 ____D C:\Windows\ShellNew
2013-09-22 19:30 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2013-09-22 19:29 - 2013-09-21 17:19 - 00000000 ____D C:\Program Files\Spotflux
2013-09-22 19:28 - 2013-06-06 10:07 - 00000000 ____D C:\Program Files\Sony Ericsson
2013-09-22 19:28 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-22 19:28 - 2009-07-14 04:04 - 00000387 _____ C:\Windows\win.ini
2013-09-22 19:26 - 2013-04-22 14:51 - 00000000 ____D C:\Program Files\QuickTime
2013-09-22 19:25 - 2013-07-19 12:43 - 00000000 ____D C:\Program Files\Opera
2013-09-22 19:21 - 2013-02-10 13:53 - 00000000 ____D C:\Ubisoft
2013-09-22 19:19 - 2013-05-04 12:50 - 00000000 ____D C:\Program Files\Full Tilt Poker
2013-09-22 19:18 - 2013-05-15 07:42 - 00000000 ____D C:\Program Files\Freemake
2013-09-22 19:18 - 2013-04-21 19:40 - 00000000 ____D C:\Fraps
2013-09-22 19:17 - 2013-03-27 17:58 - 00000000 ____D C:\Users\Havlli\Documents\My Games
2013-09-22 19:04 - 2013-08-22 13:06 - 00000000 ____D C:\Program Files\Canon
2013-09-22 19:04 - 2013-06-12 21:45 - 00000000 ____D C:\Program Files\Origin Games
2013-09-22 19:03 - 2013-09-22 19:03 - 00000000 ____D C:\Users\Havlli\Documents\BFBC2
2013-09-22 19:03 - 2013-03-27 16:33 - 00139128 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2013-09-22 19:03 - 2013-03-27 16:29 - 00215128 _____ C:\Windows\system32\PnkBstrB.xtr
2013-09-22 19:03 - 2013-03-27 16:29 - 00215128 _____ C:\Windows\system32\PnkBstrB.exe
2013-09-22 16:46 - 2013-05-08 13:06 - 00000000 ____D C:\Windows\Minidump
2013-09-22 15:34 - 2013-09-22 15:33 - 04454952 _____ (Piriform Ltd) C:\Users\Havlli\Downloads\ccsetup405.exe
2013-09-22 11:12 - 2009-07-14 06:53 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-21 17:24 - 2013-09-21 17:24 - 00935724 _____ (TheFreeVPN Inc. ) C:\Users\Havlli\Downloads\TheFreeVPNInstaller.exe
2013-09-21 17:19 - 2013-09-21 17:18 - 06097256 _____ C:\Users\Havlli\Downloads\spotflux-latestPC.exe
2013-09-21 16:23 - 2013-09-21 16:22 - 04244331 _____ (Privacy-Pro.com ) C:\Users\Havlli\Downloads\ipanonymizer.exe
2013-09-21 12:37 - 2013-09-14 13:37 - 00000229 _____ C:\Users\Havlli\Desktop\wAxDx+gR5wI.ini
2013-09-21 02:07 - 2013-09-14 13:53 - 00000000 ____D C:\LOLHT Configs v2
2013-09-20 03:46 - 2013-03-29 01:28 - 00002369 _____ C:\Users\Havlli\Documents\11 - Litvínov (beat. Maybe If I Were Perfect).txt
2013-09-19 22:03 - 2013-09-19 22:03 - 00000000 ____D C:\Users\Havlli\Documents\RIFT
2013-09-19 21:30 - 2013-09-19 21:30 - 00000603 _____ C:\Users\Havlli\Desktop\RIFT.lnk
2013-09-19 21:25 - 2013-09-19 21:25 - 19184792 _____ (Trion Worlds Inc.) C:\Users\Havlli\Downloads\RIFT-Install-0-eam1ja.exe
2013-09-19 21:25 - 2013-03-27 14:57 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-19 21:16 - 2013-09-19 21:16 - 00000000 ____D C:\Program Files\Raptr
2013-09-19 21:14 - 2013-09-19 21:14 - 00071576 _____ C:\Users\Havlli\Downloads\raptr_installer.exe
2013-09-19 21:01 - 2013-09-19 20:56 - 00042909 _____ C:\Users\Havlli\Downloads\RIFT-Install.exe
2013-09-18 01:30 - 2013-03-29 01:28 - 00001087 _____ C:\Users\Havlli\Documents\20 - Through all the pain.txt
2013-09-17 19:09 - 2013-09-17 19:08 - 19146000 _____ (Igor Pavlov) C:\Users\Havlli\Downloads\autobinarycode2.exe
2013-09-16 21:09 - 2013-09-14 13:06 - 04512256 _____ C:\Users\Havlli\Desktop\wAxDx+gR5wI.exe
2013-09-16 13:52 - 2013-03-27 16:29 - 00291128 _____ C:\Windows\system32\PnkBstrB.ex0
2013-09-16 13:51 - 2013-09-16 13:51 - 00000000 ____D C:\Users\Havlli\Documents\Arktos
2013-09-16 13:51 - 2013-06-13 21:29 - 00138904 _____ C:\Users\Havlli\AppData\Roaming\PnkBstrK.sys
2013-09-16 13:50 - 2013-03-27 16:29 - 00076888 _____ C:\Windows\system32\PnkBstrA.exe
2013-09-16 11:56 - 2013-09-16 11:56 - 00000748 _____ C:\Users\Public\Desktop\Infestation Survivor Stories.lnk
2013-09-16 11:54 - 2013-09-16 11:53 - 08234912 _____ (OP Productions LLC ) C:\Users\Havlli\Downloads\Infestation_WebSetup.exe
2013-09-15 20:33 - 2013-09-15 20:33 - 00000000 ____D C:\Users\Havlli\Documents\ConvertXtoDVD
2013-09-15 20:30 - 2013-09-15 20:30 - 00087608 _____ C:\Users\Havlli\AppData\Roaming\inst.exe
2013-09-15 20:30 - 2013-09-15 20:30 - 00047360 _____ (VSO Software) C:\Users\Havlli\AppData\Roaming\pcouffin.sys
2013-09-15 20:30 - 2013-09-15 20:30 - 00007887 _____ C:\Users\Havlli\AppData\Roaming\pcouffin.cat
2013-09-15 20:30 - 2013-09-15 20:30 - 00001186 _____ C:\Users\Havlli\Desktop\ConvertXToDVD 5.lnk
2013-09-15 20:30 - 2013-09-15 20:30 - 00000055 _____ C:\Users\Havlli\AppData\Roaming\pcouffin.log
2013-09-15 20:30 - 2013-09-15 20:30 - 00000000 ____D C:\Program Files\VSO
2013-09-15 19:44 - 2013-09-15 19:44 - 00000000 __RSH C:\MSDOS.SYS
2013-09-15 19:44 - 2013-09-15 19:44 - 00000000 __RSH C:\IO.SYS
2013-09-13 18:16 - 2013-03-27 14:09 - 00783066 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 22:46 - 2013-09-11 22:46 - 00000920 _____ C:\Users\Havlli\Desktop\Play Saints Row IV.lnk
2013-09-10 14:12 - 2013-09-10 14:11 - 06947200 _____ (TeamViewer GmbH) C:\Users\Havlli\Downloads\TeamViewer_Setup (1).exe
2013-09-10 12:56 - 2013-03-30 14:38 - 00000000 ___RD C:\Program Files\Skype
2013-09-08 23:32 - 2013-09-08 23:32 - 00000659 _____ C:\Users\Public\Desktop\The Bureau.lnk
2013-09-08 01:47 - 2013-09-08 01:47 - 00159144 _____ (Microsoft Corporation) C:\Users\Havlli\Downloads\WindowsActivationUpdate.exe
2013-09-06 15:58 - 2013-09-06 15:58 - 00000000 ____D C:\Program Files\AMD AVT
2013-09-06 15:58 - 2013-03-27 14:28 - 00000000 ____D C:\Program Files\ATI Technologies
2013-09-06 15:53 - 2013-09-06 15:51 - 94204656 _____ (Advanced Micro Devices, Inc.) C:\Users\Havlli\Downloads\13-4_win7_win8_32_dd_ccc_whql.exe
2013-09-06 14:35 - 2013-09-06 14:35 - 00000724 _____ C:\Users\Havlli\Desktop\Saints Row IV.lnk
2013-09-06 13:01 - 2013-09-06 12:57 - 100925224 _____ (PortableAppZ.blogspot.com) C:\Users\Havlli\Downloads\Photoshop_Portable_13.1.2_Multilingual.exe
2013-09-05 07:12 - 2013-09-05 07:12 - 06947200 _____ (TeamViewer GmbH) C:\Users\Havlli\Downloads\TeamViewer_Setup.exe
2013-08-31 10:46 - 2013-03-29 01:28 - 00006300 _____ C:\Users\Havlli\Documents\Nový objekt - Textový dokument.txt
2013-08-30 09:48 - 2013-09-24 17:52 - 00204784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2013-08-30 09:48 - 2013-09-24 17:51 - 00104752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2013-08-30 09:48 - 2013-09-24 17:51 - 00021576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00177864 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00061680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-09-24 17:34 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-09-24 17:33 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:47 - 2013-09-24 17:33 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-09-24 17:33 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-29 16:23 - 2013-08-29 16:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-27 03:23 - 2013-08-26 18:10 - 00000015 _____ C:\inuse.txt

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-04-24 08:55

==================== End Of Log ============================

#25 Příspěvek od **vyosek** » 26 zář 2013 20:02

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd)
MountPoints2: F - F:\FalloutLauncher.exe
MountPoints2: G - G:\setup.exe
MountPoints2: {19241a3c-b6e8-11e2-882c-902b34264ec1} - I:\SETUP.EXE

SearchScopes: HKLM - DefaultScope value is missing.

S3 aswArKrn; \??\C:\Windows\TEMP\aswArKrn.sys [x]
S3 ATP; system32\DRIVERS\cmdatp.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 TMUVSPFLEP; \??\C:\Windows\system32\drivers\OQBLNIFWT.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
S3 vtany; \??\C:\Windows\vtany.sys [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

Hosts:
CMD: shutdown /r /f /t 2
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Havlli · #26 Příspěvek od **Havlli** » 27 zář 2013 11:18

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2013
Ran by Havlli at 2013-09-27 12:13:17 Run:1
Running from C:\Users\Havlli\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3088448 2013-03-06] (Disc Soft Ltd)
MountPoints2: F - F:\FalloutLauncher.exe
MountPoints2: G - G:\setup.exe
MountPoints2: {19241a3c-b6e8-11e2-882c-902b34264ec1} - I:\SETUP.EXE

SearchScopes: HKLM - DefaultScope value is missing.

S3 aswArKrn; \??\C:\Windows\TEMP\aswArKrn.sys [x]
S3 ATP; system32\DRIVERS\cmdatp.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 TMUVSPFLEP; \??\C:\Windows\system32\drivers\OQBLNIFWT.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
S3 vtany; \??\C:\Windows\vtany.sys [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Ultra Agent => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => Key deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19241a3c-b6e8-11e2-882c-902b34264ec1} => Key deleted successfully.
HKCR\CLSID\{19241a3c-b6e8-11e2-882c-902b34264ec1} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
aswArKrn => Service deleted successfully.
ATP => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
TMUVSPFLEP => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
vmci => Service deleted successfully.
VMnetAdapter => Service deleted successfully.
vtany => Service deleted successfully.
xhunter1 => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#27 Příspěvek od **vyosek** » 27 zář 2013 11:24

Jak se chova PC

Havlli · #28 Příspěvek od **Havlli** » 27 zář 2013 12:32

PC jede v pohodě, jen občasné vypadávaní internetu, bohužel ale asi zapříčiněno mým ISP.

#29 Příspěvek od **vyosek** » 27 zář 2013 12:45

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Zkuste se obratit na ISP, proc to muze padat

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net

Re: Možná nákaza, nestabilní net