Počítač se vypíná do minuty....pro Motji

Zpráva

WarrunCz · #1 Příspěvek od **WarrunCz** » 05 říj 2013 19:51

Podle návodu z http://forum.viry.cz/viewtopic.php?f=13 ... 6&start=15
(stáhl OTL na plochu zaškrtl "Pro všechny uživatele" a dal "prohledat"
tak tu mám tyto dva logy:

Extras:

OTL Extras logfile created on: 5.10.2013 19:04:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,96 Gb Total Physical Memory | 6,41 Gb Available Physical Memory | 80,46% Memory free
15,92 Gb Paging File | 14,35 Gb Available in Paging File | 90,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 105,85 Gb Free Space | 36,14% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 240,84 Gb Free Space | 37,72% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 117,15 Gb Free Space | 39,30% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2557346633-3743950059-13786957-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithRMP] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithRMP] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046C6C63-9AF7-4003-8C70-E4D3697A0CA8}" = rport=445 | protocol=6 | dir=out | app=system |
"{125501FF-EE27-4DC4-BF12-DA58EA91AE0B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DDC100F-3354-4920-9EAA-19DDFA26D8C0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3EA57759-C190-4CCB-A10F-B0ED6E0BAE28}" = rport=137 | protocol=17 | dir=out | app=system |
"{525FD76D-F152-4A09-B3CC-884C3DD28D02}" = rport=139 | protocol=6 | dir=out | app=system |
"{55A54AF1-D8C9-46E8-9362-24001BF50784}" = lport=138 | protocol=17 | dir=in | app=system |
"{5CFA2DED-C588-4FD9-8D3C-5F5F451AF248}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5E9CE217-F575-4BB2-AB01-A2BE0C35D20A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6DDB1DF8-8405-476F-B64B-97D1D62FB486}" = lport=139 | protocol=6 | dir=in | app=system |
"{79A34279-22A7-4403-AD6A-1BE64B812CB9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8DAA8AE2-DECA-42A7-BFC1-973BF3AAF43F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94EB491A-3254-43D9-BB8A-1DDDEE4BFD5D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9CDC8D24-80A9-4F8A-87A4-55A6DD6BBC4B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B7E3A85F-8CA2-4868-8359-C0B4FA7A4FA3}" = lport=445 | protocol=6 | dir=in | app=system |
"{C2038715-71CC-4530-BECD-07D7A50539E1}" = rport=138 | protocol=17 | dir=out | app=system |
"{CFBF1DB6-88C7-4878-85A3-DFD97C30B366}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D9E0A3A0-7086-4E07-8D53-5582AA39F87E}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E1C6988A-9587-4CC5-9503-C3B21E7E3A3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5DC9BF7-DD2C-412D-BDA4-940240D3FF23}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E720BD96-CCDC-4321-A2A3-6633D407F4F1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E8322CC9-2119-43A4-8780-BEE2D1170082}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F73C6C18-4A9B-4870-892C-1F0670524E55}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{F8F7386C-CDA5-44E4-BF76-44CF8B84DBE3}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00753C3D-345D-4FF7-AF2A-7D74D3A6C232}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{01D47BB1-E2A0-4856-8CCE-E006E36D10D5}" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{022624BA-8884-454E-88A7-53DCF0482153}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\source sdk base 2007\hl2.exe |
"{033ACC77-AC0F-473C-85FC-A54B0748C14A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0450ACCB-BD7A-427E-8831-66DC61C81F94}" = protocol=17 | dir=in | app=d:\origingames\battlefield 3\bf3.exe |
"{0563BED6-CDFA-4CB9-82BC-801BEBB50949}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{05770CD0-F7C8-429F-A488-85C00A68C402}" = protocol=17 | dir=in | app=d:\origingames\crysis 2 maximum edition\bin32\crysis2.exe |
"{0CCB320C-F3FB-4C55-A528-B4F9A791C081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0E687EEF-5F08-483D-BD31-D108059E51E0}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{0FB3D6DE-575B-4360-975B-AF34619D10FF}" = protocol=17 | dir=in | app=d:\origingames\battlefield 4 beta\bf4.exe |
"{1048564E-675F-47BF-9418-1090A4016BCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{159F6E1E-A5AF-42A6-BD83-37C5724A1149}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{160B3C9C-2CF2-444E-B477-2A0B9C73F303}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{191C6B14-003F-42A9-8A0E-6247AA4A755B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1ACF58DE-6368-446F-9095-E4D66EAF23FD}" = protocol=17 | dir=in | app=d:\games\ubisoft\james cameron's avatar - the game\bin\avatarlauncher.exe |
"{1B17CD7B-C812-4838-866E-A3E81A7254F1}" = protocol=6 | dir=in | app=d:\origingames\battlefield 4 beta\bf4.exe |
"{22AC8F5C-1BFA-4BAC-9580-FD3FD1796983}" = protocol=17 | dir=in | app=c:\users\jirka\appdata\roaming\utorrent\utorrent.exe |
"{294044C4-5779-4755-8A46-FBE7987D0D22}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{2ABD1F87-42F7-48B0-B572-343B6665BACF}" = protocol=6 | dir=in | app=d:\origingames\crysis 2 maximum edition\bin32\crysis2.exe |
"{2ACC1852-9BD3-49C5-8E57-376C68004774}" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\alien swarm\swarm.exe |
"{3184E6C5-A74D-43D6-A930-190B8BF676DB}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{3563BF84-4DC8-4ED4-BFB2-7B9A1BFDF553}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3955A1BD-0F0D-418F-AFB5-A2DD2E4550EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3AA18D5A-F329-4A4D-94E0-98F456022B8D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3D2C94C1-0BD5-49B7-A3D7-47C6102255D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4309F20C-D4CF-4615-8469-2283ED6ADC4C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{46CFF0ED-D1B6-44E5-A227-9B687D6B9767}" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe |
"{4A9C31F8-BA2F-4CB0-963F-E95D001EB7FF}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{4BAC2978-8E2D-424A-BDE1-EA7B52A499AB}" = protocol=6 | dir=in | app=d:\origingames\burnout paradise\burnoutparadise.exe |
"{50C980B1-9DAC-440D-A0B0-94FEAEE5A1A5}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{52E30FC7-EAE6-4555-801C-C5F1D07CAA87}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{583D81C4-F063-4DBC-B8D0-E240ABFBC671}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{58E69DB9-4694-42A5-ADD1-63399581D570}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B9F4754-482E-43F5-9713-6C6B5A2961A3}" = dir=out | app=%userprofile%\desktop\starmade.exe |
"{61758729-F928-414A-AD56-F3B018168EFA}" = protocol=6 | dir=in | app=d:\origingames\dead space 3\deadspace3.exe |
"{6544A556-5067-41AC-9058-D38A5FDC4E96}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{65F19DA9-8E5F-421A-AC74-4CC0C1D58AB0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{674CA4E6-4764-4063-B430-667EA13F3567}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{6775F9C3-37FA-43A9-861F-545AA78FFFB7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{681322D5-1142-4584-894C-0759322CB2A3}" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\apb reloaded\binaries\apb.exe |
"{6974AECF-E519-4E1F-BFBA-A45825990106}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{6BA88CD5-A036-47DF-88AF-B5C651D8A7FF}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{6C739E2A-A7C6-44D4-910F-D483803928D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\source sdk base 2007\hl2.exe |
"{6E295F3B-57B4-4A95-A493-6934C1A836F5}" = protocol=6 | dir=out | app=system |
"{70CB113D-0D12-4B15-B677-0D85F4CE9DA0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7377D86A-6E72-4217-954A-391E9646CF7E}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{7565CF05-4AFE-43C4-9CFA-DE59DBF5A84A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{75696591-5D3F-4CB9-8976-E190CD56F9C9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{76405E1E-3F20-47C8-BDB6-7132804B8863}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82DDC41D-7DD5-4378-BCC9-BB1E3D0E76D3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{8686BE45-25D4-4D1F-BF2B-264DE8B97BDF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{87DA9C36-5B5A-4C44-8254-E84D9AF6E7C2}" = protocol=17 | dir=in | app=d:\origingames\dead space 3\deadspace3.exe |
"{87F0498D-5738-4413-B200-6D6A1839D28F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{88175503-B6E9-4CBB-846C-FDC6284405A6}" = protocol=6 | dir=in | app=d:\games\iam alive\src\system\iamalive_game.exe |
"{8968E860-909B-494B-BD3E-A760FC17BCA7}" = protocol=6 | dir=in | app=d:\origingames\battlefield 3\bf3.exe |
"{8B4233B9-E0E1-4A03-815A-5E0422168FFB}" = protocol=6 | dir=in | app=d:\games\payday 2\payday2_win32_release.exe |
"{8C41DBCE-B119-4DC4-A1A3-F929AF8C810C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8FA72299-9B0A-40A8-8D73-0936392ABDEF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{951CDAC3-638B-481A-AA0A-CE5F347006AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9586F9FE-7AD6-4EFD-9CC7-D9FAD565060A}" = protocol=17 | dir=in | app=d:\origingames\burnout paradise\burnoutparadise.exe |
"{967B5C2B-0229-4591-989F-CFE26E7C6879}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{9795B3BC-3D7D-4EE5-A93E-C88DC6FCB89E}" = protocol=17 | dir=in | app=d:\origingames\deadspace\dead space.exe |
"{9C5BB5C1-AB50-489D-BBF6-F79E3DE54692}" = dir=in | app=%userprofile%\desktop\starmade.exe |
"{9DB135B7-E8A8-4816-B862-9404A76844F5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A00D8C27-118B-4B23-8750-42287CE3CDF0}" = protocol=6 | dir=in | app=d:\origingames\deadspace\dead space.exe |
"{A145C24A-841D-4F18-9AD8-B4FEC1D0C26E}" = protocol=17 | dir=in | app=d:\games\iam alive\src\system\iamalive_game.exe |
"{A18EC774-9EFF-4C25-BC4E-3ACF7232051B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A1D81388-B385-4898-BB38-B2446470332D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2FFEC3B-EDAC-412B-A20F-F165EFA70D76}" = protocol=6 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{AA06175B-124D-4622-B196-01B2FF179DB7}" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\apb reloaded\binaries\apb.exe |
"{AA0D6D2A-F2F3-4934-9403-5ED294C91592}" = protocol=6 | dir=in | app=d:\games\ubisoft\james cameron's avatar - the game\bin\avatarlauncher.exe |
"{B654A5DE-C10F-49C5-8B24-4722ED71E7C0}" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\alien swarm\swarm.exe |
"{B9227467-DF85-4ED4-A4FF-3234E0E04C96}" = protocol=17 | dir=in | app=d:\games\star wars-the old republic\launcher.exe |
"{BB430CF3-0201-42AC-AEE0-C8C9AAC2072E}" = protocol=6 | dir=in | app=c:\users\jirka\appdata\roaming\utorrent\utorrent.exe |
"{C4548144-9089-442F-8845-365074C06B9F}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 3 blood dragon\bin\fc3bdupdater.exe |
"{C89974DA-743A-4173-B11F-7E23137F0AF2}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{C985AC02-7E59-4186-8032-EE1249C10298}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CC83C6F9-1CDD-4609-8A46-70C5533E8D25}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 3 blood dragon\bin\fc3bdupdater.exe |
"{CC912CF3-B5BD-4F2E-AC66-8986FAFDEF91}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CE285E8E-6C7C-44FE-A383-B104AD2061A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CFEA7CED-B745-4569-BACD-8AFBAF702D39}" = protocol=17 | dir=in | app=d:\games\iam alive\iamalive_launcher.exe |
"{D00C2FAA-7948-4F8D-BB42-314BBCC1FBAB}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{D217FA0D-C846-4E54-8633-A20E81970A02}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D56C9BDF-1BBA-4072-BA32-2F12066B4215}" = protocol=6 | dir=in | app=d:\origingames\burnout paradise\burnoutconfigtool.exe |
"{D68F87EC-14C8-46B6-831B-51F6D062FDDA}" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\dota 2 beta\dota.exe |
"{D69DA359-93FE-48D6-9073-00A652FD0EE4}" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\dota 2 beta\dota.exe |
"{D71402F9-F7F6-41EC-87E4-A4ED7C238FCD}" = protocol=17 | dir=in | app=d:\origingames\burnout paradise\burnoutconfigtool.exe |
"{D8EE4E72-EFB2-4D23-98EC-C60632E2630F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{DA7A5E03-2782-4A19-8645-D9B364722CA6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DBCE8A36-5ABF-415C-8386-8E78C7B07EEA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DD6C3227-6596-4A41-B647-2B86E9051A41}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{DEB3F890-192B-4AB0-AA01-D2AABE86289B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\source sdk base 2007\hl2.exe |
"{E3332CA9-3DAA-4070-A7BF-1A4C10417EF2}" = protocol=17 | dir=in | app=d:\origingames\burnout paradise\burnoutlauncher.exe |
"{E490A429-F772-47EE-856E-DFB738AE63DA}" = protocol=17 | dir=in | app=d:\games\ubisoft\james cameron's avatar - the game\bin\avatar.exe |
"{E4E4336F-CDB1-41E0-8EF1-AF428371559F}" = protocol=6 | dir=in | app=d:\origingames\burnout paradise\burnoutlauncher.exe |
"{E5FD67EE-960A-49D2-AA31-66B8BF7577DE}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{EE8F16B7-1405-46B1-9D63-13DB9FF83E5E}" = protocol=6 | dir=in | app=d:\games\iam alive\iamalive_launcher.exe |
"{EFF2A08D-0F3F-40CC-A122-584682AC31CA}" = protocol=6 | dir=in | app=d:\games\ubisoft\james cameron's avatar - the game\bin\avatar.exe |
"{F083F155-B05B-43D7-A024-0CDCADFF16EF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F2248A02-63E3-411D-B851-201654A12D5A}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{F6DB9D2A-EB26-4354-825C-F927C1E45D9A}" = protocol=17 | dir=in | app=d:\games\payday 2\payday2_win32_release.exe |
"{FBA60BA4-CE05-4173-A440-B3F07463C2E2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{FD7A5F2E-FA0E-4963-A138-229693F556A9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\source sdk base 2007\hl2.exe |
"{FEE3635A-A8AB-4883-8194-D55BC5221477}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"TCP Query User{0C1345C6-DB43-4715-8B10-FB76EE1839AD}D:\games\far cry 3 blood dragon\bin\fc3_blooddragon.exe" = protocol=6 | dir=in | app=d:\games\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"TCP Query User{10AB529D-F9C4-4177-8221-C6402802D48B}D:\games\saints row iv\saintsrowiv.exe" = protocol=6 | dir=in | app=d:\games\saints row iv\saintsrowiv.exe |
"TCP Query User{12D623BC-056C-4FAF-96A4-621A15796186}C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe |
"TCP Query User{136DB778-3965-45F9-B51A-323F1EE52AD3}D:\games\saints row the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=d:\games\saints row the third\saintsrowthethird_dx11.exe |
"TCP Query User{27057C94-9345-4E2D-9CC2-49E93800ADF1}C:\Program Files\Java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{29B6593D-09B4-489B-9DD1-A8A80F9C24CF}C:\users\jirka\desktop\moje věci\instalace (hry & programy)\cube world + crack [cz]\server.exe" = protocol=6 | dir=in | app=c:\users\jirka\desktop\moje věci\instalace (hry & programy)\cube world + crack [cz]\server.exe |
"TCP Query User{2BE42041-1C56-4449-BEF4-0ECA36B9A93E}D:\steamgame\steamapps\common\dota 2 beta\dota.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\dota 2 beta\dota.exe |
"TCP Query User{3B7B4FC9-BF46-4FE2-A892-FC3BE6E7BC95}C:\program files (x86)\steam\steamapps\warruncze\zombie panic! source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\warruncze\zombie panic! source\hl2.exe |
"TCP Query User{40B54739-722E-4F5E-9727-A59E2C4D0D9E}D:\origingames\deadspace\dead space.exe" = protocol=6 | dir=in | app=d:\origingames\deadspace\dead space.exe |
"TCP Query User{4CC6F57A-B360-41A9-8E07-9A615B9E8681}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{5DB1B639-EBAC-4BE3-9594-CCA64E8E50ED}D:\steamgame\steamapps\common\garrysmod\hl2.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\garrysmod\hl2.exe |
"TCP Query User{6C3D972C-499B-45BC-ABB2-874EB2186837}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{96E72F11-6868-488B-B393-3E56E76DF6A1}D:\steamgame\steamapps\common\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\team fortress 2\hl2.exe |
"TCP Query User{97879889-87B2-4768-A461-D5CD518300A7}D:\steamgame\steamapps\common\alien swarm\swarm.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\alien swarm\swarm.exe |
"TCP Query User{97CED84E-7CF7-45F3-BB66-0F6DFB299297}D:\origingames\crysis 2 maximum edition\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\origingames\crysis 2 maximum edition\bin32\crysis2.exe |
"TCP Query User{991072A3-5921-488B-850D-19F9F5256C84}D:\games\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=d:\games\far cry 3\bin\farcry3.exe |
"TCP Query User{BAB86601-344E-4C32-8480-89349307177D}D:\steamgame\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"TCP Query User{BEEDA8FF-1610-4F87-A7D0-147B387F20A2}D:\games\payday 2\payday2_win32_release.exe" = protocol=6 | dir=in | app=d:\games\payday 2\payday2_win32_release.exe |
"TCP Query User{C921C05A-24C7-4256-B37D-4A384F5A83C8}D:\steamgame\steamapps\common\cry of fear\cof.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\cry of fear\cof.exe |
"TCP Query User{E1BA2128-3619-4BB5-8D3D-6C546C4BDECE}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{EC1E14C7-B8B2-4CAD-AB61-0DD4255CD5A1}D:\games\outlastoutlast\binaries\win64\olgame.exe" = protocol=6 | dir=in | app=d:\games\outlastoutlast\binaries\win64\olgame.exe |
"TCP Query User{ECCB9536-C163-4678-A61F-89D3440ECF44}D:\steamgame\steamapps\common\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=d:\steamgame\steamapps\common\dead island\deadislandgame.exe |
"TCP Query User{F16DBFBD-185E-4ADD-B126-03D0CCD667AE}C:\hry\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=6 | dir=in | app=c:\hry\dead island riptide\deadislandgame_x86_rwdi.exe |
"TCP Query User{F1928866-E4A8-42C4-9174-B75DD31BAF8D}D:\games\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=d:\games\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{01B16925-9031-44D7-B71C-E9A9AAE780B7}D:\games\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=d:\games\far cry 3\bin\farcry3.exe |
"UDP Query User{077D2647-1C42-4DE0-9B79-AA60C4A4AE59}C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe |
"UDP Query User{0C41D126-7114-4933-BDB3-B31B4898E23F}D:\origingames\deadspace\dead space.exe" = protocol=17 | dir=in | app=d:\origingames\deadspace\dead space.exe |
"UDP Query User{1ECCD554-4899-4CF7-921D-BDA58AA9462B}D:\games\saints row the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=d:\games\saints row the third\saintsrowthethird_dx11.exe |
"UDP Query User{32DB7C5B-7390-4F4D-B043-458BA591B223}D:\steamgame\steamapps\common\cry of fear\cof.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\cry of fear\cof.exe |
"UDP Query User{36449BE4-5E78-4AFD-A015-ABAA3DBC6C77}C:\Program Files\Java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3789764B-801A-48D4-A64F-BD4C77541CC3}D:\games\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=d:\games\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{47FA6B23-423D-4284-AECA-71A68312DCFA}D:\steamgame\steamapps\common\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\team fortress 2\hl2.exe |
"UDP Query User{4DEDCEC7-713D-42EA-8A72-7B13A19745CF}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{53585B4A-3CDD-4073-AD13-C73A81F96A39}C:\hry\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=17 | dir=in | app=c:\hry\dead island riptide\deadislandgame_x86_rwdi.exe |
"UDP Query User{5971BC41-7527-4299-9F13-17CF9D5927E7}D:\games\far cry 3 blood dragon\bin\fc3_blooddragon.exe" = protocol=17 | dir=in | app=d:\games\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"UDP Query User{68CAF58B-E0B0-4AF3-BB86-2B27A067F2C8}C:\program files (x86)\steam\steamapps\warruncze\zombie panic! source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\warruncze\zombie panic! source\hl2.exe |
"UDP Query User{94992060-3C50-4B5A-8FC9-F7894BEB1B92}D:\steamgame\steamapps\common\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\dead island\deadislandgame.exe |
"UDP Query User{96AA71DD-604B-496B-8DF1-6B44F3720ADE}D:\origingames\crysis 2 maximum edition\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\origingames\crysis 2 maximum edition\bin32\crysis2.exe |
"UDP Query User{99AAB253-9816-4449-8D29-26D67824AEA4}D:\steamgame\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"UDP Query User{9C9BEF10-5B24-4D65-8FD8-A961A2EBB4AF}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{A0BDF026-2358-47D4-87C9-BA982D67E03A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{AF3366B0-B1EC-4EA8-B5BC-F3E79809B571}D:\games\payday 2\payday2_win32_release.exe" = protocol=17 | dir=in | app=d:\games\payday 2\payday2_win32_release.exe |
"UDP Query User{B72FFCB7-2257-4C83-8938-582403D07E7B}D:\games\saints row iv\saintsrowiv.exe" = protocol=17 | dir=in | app=d:\games\saints row iv\saintsrowiv.exe |
"UDP Query User{C0B758FC-A2FB-44F8-A59F-3E224D487F37}D:\steamgame\steamapps\common\alien swarm\swarm.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\alien swarm\swarm.exe |
"UDP Query User{E25D7F91-A724-4083-91A3-8AAB26131BCB}D:\steamgame\steamapps\common\garrysmod\hl2.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\garrysmod\hl2.exe |
"UDP Query User{E93EFB88-EF43-49AF-88B7-394EA606ADF0}D:\games\outlastoutlast\binaries\win64\olgame.exe" = protocol=17 | dir=in | app=d:\games\outlastoutlast\binaries\win64\olgame.exe |
"UDP Query User{E9648005-255D-4B7D-A9C7-E9C24DE987C6}C:\users\jirka\desktop\moje věci\instalace (hry & programy)\cube world + crack [cz]\server.exe" = protocol=17 | dir=in | app=c:\users\jirka\desktop\moje věci\instalace (hry & programy)\cube world + crack [cz]\server.exe |
"UDP Query User{F42812BD-8FE0-4D6E-8BAF-151A391E42B2}D:\steamgame\steamapps\common\dota 2 beta\dota.exe" = protocol=17 | dir=in | app=d:\steamgame\steamapps\common\dota 2 beta\dota.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{13417784-A359-3CDD-8DE1-B7108707D647}" = Visual Studio 2012 Prerequisites - ENU Language Pack
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2248B5A7-FBFD-3C23-3E77-F26F49FCF6CD}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{572E796D-C52B-3797-A685-2FB6F895D4BE}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}" = Visual Studio 2012 Prerequisites
"{628BA046-3B9D-6E4E-CFDA-3E00177989E6}" = AMD Drag and Drop Transcoding
"{633AB014-DDE6-403E-A302-8920CC32C543}" = Microsoft Visual Studio 2012 Performance Collection Tools
"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{751B0A43-3B58-12DE-2F5E-987F7C177FB1}" = AMD Accelerated Video Transcoding
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}" = Microsoft SQL Server 2012 Command Line Utilities
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}" = Microsoft Web Deploy 3.0
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{D4DEB532-1003-D978-B678-D08A430CE548}" = AMD Catalyst Install Manager
"{D9F3D00D-E946-3B3D-A4A6-93D5020DB9F7}" = Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"{FE74AC04-F248-4641-B3A9-89C6AA4339CD}" = Microsoft Visual Studio 2012 Performance Collection Tools - ENU
"Creative VF0770" = Live! Cam Sync HD VF0770 Driver (1.00.02.00)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}" = Microsoft NuGet - Visual Studio 2012
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A1A1D48-DB23-443A-BC7B-49255D138020}" = Entity Framework Designer for Visual Studio 2012 - enu
"{0BCC836F-0B28-4090-B58A-64883BAA3B2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0F1436F8-902B-5134-3613-32CB0A84883E}" = CCC Help Polish
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{16DD6E8B-E10B-4B6D-BC2D-B2BF631094F2}" = Microsoft Visual Studio 2012 Preparation
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{20fc1ec7-3058-48d4-80f8-e1cfd52391c7}" = Microsoft Visual Studio Professional 2012
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{29F259D7-C517-3EED-84B4-237573CFD39C}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}" = PreEmptive Analytics Visual Studio Components
"{2C82E097-694E-44ea-A947-2750679469CF}" = The Sims™ 2
"{2F6CE32A-018D-4656-895B-9E5E20D7740A}" = Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{372D17F6-A54E-4A01-B264-1314890FFE61}" = Dotfuscator and Analytics Community Edition
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.1025.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E9DFA00-AE49-D44F-AF6D-2FCD4D62EC4F}" = CCC Help Russian
"{3FD5C4BA-C621-298E-65E1-3C9889850313}" = CCC Help French
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1121.1
"{46FBF49D-FEA1-5AF5-7C03-D7285BCD02EF}" = CCC Help Greek
"{477EA3EC-5894-8C12-2050-CAAD2FFDA493}" = CCC Help English
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{52B1448F-B22F-5888-61FC-9EB0978F901C}" = Catalyst Control Center Localization All
"{532DBCC8-9468-435C-AEF6-30B7F50735A2}" = Blend for Visual Studio 2012 ENU resources
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57D782D7-49FD-48DE-AB47-A690A1519A2D}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{59D87F40-6C4B-4F80-A42B-FAA0E6EAFAB6}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{5D7BD461-6826-9B86-4D08-89C6AAA27CC7}" = CCC Help Turkish
"{5E8550AD-6C16-45FB-4DF3-FED15B175DB0}" = CCC Help Dutch
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{62952508-8C6F-4D31-9802-099FC67B41C3}" = I Am Alive
"{63026099-C53A-765A-3188-7A6D327BD650}" = CCC Help Spanish
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{654DCA89-32D7-4CE0-D45A-40805711726C}" = CCC Help Swedish
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6F066545-40A2-4C38-A8F7-78581CC5C442}" = Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
"{6F18F9D2-FF95-B5D7-4930-8097B38437D2}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{731C183B-86A0-3442-BE55-68A7C92581E9}" = Microsoft Visual C++ 2012 Extended Libraries
"{7437A4B9-314F-3B8F-827B-22909146E471}" = Microsoft LightSwitch for Visual Studio 2012 Core
"{7451FD2D-1A23-4E67-92CD-8EDDD1846917}" = AVG PC TuneUp Language Pack (de-DE)
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{790E9425-8570-493F-9AE7-81AFC9E46930}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00)
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): THE GAME
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{80B6AC7C-B97E-573A-83C0-764AE4836147}" = CCC Help Hungarian
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{847CAE64-4CD2-4B2D-AF00-978FF5431029}" = Nero 7 Ultra Edition
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{AB90513B-B892-41B5-8F8B-1D356A449652}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{942CC691-5B98-42A3-8BC5-A246BA69D983}" = Microsoft ASP.NET MVC 4 Runtime
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A016E1-0840-43AE-8434-A18CEDFA833B}" = LogMeIn Hamachi
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A044FD78-A618-A2C3-6BE1-493F0DEC11EB}" = CCC Help German
"{A071F478-73E0-4143-AE55-4DD6BABD74F5}" = Far Cry 3 Blood Dragon
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1BB7D32-018E-ABBD-E6CC-1F5B550CAE20}" = CCC Help Portuguese
"{A3A6D5EA-B6B5-3C05-BDA8-EAB99C09CDDC}" = Microsoft Visual Studio 2012 SharePoint Developer Tools
"{A4366F69-CE22-4DB7-9C8C-46A5845AF997}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A667118C-FF91-2ADD-8F31-7440F9E34823}" = CCC Help Czech
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.5 - Czech
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{B1465D1D-6427-4CA1-AE29-8B699209E663}" = Microsoft Visual Studio 2012 Devenv Resources
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B5DA9D49-9BD8-0F2F-52FC-C7E66BC8D944}" = LocalESPCui for en-us
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6EFE631-7B05-2119-43D2-B3028C19AAC5}" = CCC Help Italian
"{B9524F8B-B927-6DFC-6AE1-A70B720054E6}" = Catalyst Control Center InstallProxy
"{B96FCD4F-6EDD-4258-8A6D-0FCEA8445E3E}" = Microsoft Web Developer Tools - Visual Studio 2012
"{B9F35D86-242E-3FA4-B9F8-A982E0DF918D}" = Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack
"{BAD0254F-9BDB-3D14-A5AC-9C0EF51F3D09}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}" = LocalESPC
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C2872E18-8799-44A3-B6BD-AC535F1982A6}_is1" = Outlast version 1.0.0.
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C4757EB4-D705-12A9-FCB8-EDFAEE190C90}" = CCC Help Chinese Standard
"{C4CAD994-6EA2-3121-8352-DA593150B322}" = Microsoft Portable Library Multi-Targeting Pack
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{C812D34C-977E-CB4A-8AE0-3AEDD31B83FD}" = CCC Help Japanese
"{C81452EB-CBCF-B8EB-3124-48C5B3D506B0}" = Windows Runtime Intellisense Content - en-us
"{CA980191-C880-46B2-87B8-A2C71656AD3F}" = IObit Apps Toolbar v7.6
"{CFAB3721-549D-4827-A4E8-7F90192114AB}" = Battlefield 4™ Beta
"{CFB6425C-903A-1905-1CF3-93902CEFFEBC}" = CCC Help Chinese Traditional
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFDC0EC-6924-3347-B047-13339EDBEC28}" = Microsoft Visual Studio Professional 2012 - ENU
"{D0FAADCA-5006-995B-105F-AA74C449EC9F}" = CCC Help Thai
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}" = AVG PC TuneUp
"{D26625B4-9B77-885C-D371-C841EC9C252B}" = CCC Help Finnish
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space™ 3
"{D48C13A9-21B1-A0E4-277C-C1B770DF45CB}" = CCC Help Danish
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DBE19556-18D2-D43B-479A-FC1E3202D560}" = CCC Help Korean
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E0272F7D-99D8-D8AA-83B9-C55A3470F1D1}" = Catalyst Control Center
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E4ADE757-7FE9-322D-9CAE-C77D77A2D2BF}" = Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.174
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA804794-2CCB-4301-954F-2C2894698876}" = Microsoft SQL Server Data Tools - enu (11.1.20627.00)
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FBBC8076-BB21-4E06-9FA0-309AEF6E35EE}" = Microsoft ASP.NET Web Pages 2 Runtime
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Amnesia - A Machine for Pigs_is1" = Amnesia - A Machine for Pigs verzia 1.0
"AstrumNival Allods" = Allods Online 4.0.02.43
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Bioshock 2 CZ 1.00" = Bioshock 2 CZ 1.00
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Counter-Strike: Source" = Counter-Strike: Source
"Creative Live! Central 2" = Creative Live! Central 3
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Crossfire Europe" = Crossfire Europe
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deadpool_is1" = Deadpool
"Dishonored_is1" = Dishonored v1.0u2
"ESN Sonar-0.70.4" = ESN Sonar
"Far Cry 3_is1" = Far Cry 3 v1.01
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"Hitman Absolution_is1" = Hitman Absolution v1.0.446.0
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.1121.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"League of Legends 3.0.1" = League of Legends
"LogMeIn Hamachi" = LogMeIn Hamachi
"Metro Last Light_is1" = Metro Last Light
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Minecraft1.6.2" = Minecraft1.6.2
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Rich Media Player" = Rich Media Player
"Saints Row The Third_is1" = Saints Row The Third
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 113200" = The Binding of Isaac
"Steam App 113400" = APB Reloaded
"Steam App 17480" = Command and Conquer: Red Alert 3
"Steam App 17500" = Zombie Panic Source
"Steam App 203160" = Tomb Raider
"Steam App 35720" = Trine 2
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 570" = Dota 2
"Steam App 630" = Alien Swarm
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8870" = BioShock Infinite
"Steam App 91310" = Dead Island
"SysInfo" = Creative System Information
"The KMPlayer" = The KMPlayer (remove only)
"U2FpbnRzUm93SVY=_is1" = Saints Row IV
"Uplay" = Uplay
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2557346633-3743950059-13786957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.9.2013 16:12:40 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Game.exe, verze: 1.0.0.0, časové razítko:
0x72454562 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0x103c Čas spuštění
chybující aplikace: 0x01cebaf4b621dc5f Cesta k chybující aplikaci: D:\Games\Cenega
Czech\Mafia\Game.exe Cesta k chybujícímu modulu: unknown ID zprávy: fe686535-26e7-11e3-8efa-94de80777c5c

Error - 28.9.2013 11:46:16 | Computer Name = Jirka-PC | Source = PandoraService.exe | ID = 0
Description =

Error - 30.9.2013 12:18:40 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Game.exe, verze: 1.0.0.0, časové razítko:
0x72454562 Název chybujícího modulu: LS3DF.dll, verze: 0.0.0.0, časové razítko:
0x3ef851b2 Kód výjimky: 0xc0000005 Posun chyby: 0x0005ac2e ID chybujícího procesu:
0x15d0 Čas spuštění chybující aplikace: 0x01cebdeeabb0d01f Cesta k chybující aplikaci:
D:\Games\Mafia\Game.exe Cesta k chybujícímu modulu: D:\Games\Mafia\LS3DF.dll ID zprávy:
f727cb6f-29eb-11e3-8e5c-94de80777c5c

Error - 30.9.2013 12:18:43 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Game.exe, verze: 1.0.0.0, časové razítko:
0x72454562 Název chybujícího modulu: LS3DF.dll, verze: 0.0.0.0, časové razítko:
0x3ef851b2 Kód výjimky: 0xc0000005 Posun chyby: 0x0005ac4b ID chybujícího procesu:
0x15d0 Čas spuštění chybující aplikace: 0x01cebdeeabb0d01f Cesta k chybující aplikaci:
D:\Games\Mafia\Game.exe Cesta k chybujícímu modulu: D:\Games\Mafia\LS3DF.dll ID zprávy:
f923a2de-29eb-11e3-8e5c-94de80777c5c

Error - 1.10.2013 13:26:30 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: bf4.exe, verze: 1.0.0.0, časové razítko:
0x5242fdca Název chybujícího modulu: bf4.exe, verze: 1.0.0.0, časové razítko: 0x5242fdca
Kód
výjimky: 0xc0000005 Posun chyby: 0x000000000075202e ID chybujícího procesu: 0x1bcc
Čas
spuštění chybující aplikace: 0x01cebec7e4a6e58d Cesta k chybující aplikaci: D:\OriginGames\Battlefield
4 Beta\bf4.exe Cesta k chybujícímu modulu: D:\OriginGames\Battlefield 4 Beta\bf4.exe
ID
zprávy: 9b655317-2abe-11e3-8eba-94de80777c5c

Error - 2.10.2013 14:38:09 | Computer Name = Jirka-PC | Source = Application Hang | ID = 1002
Description = Program KMPlayer.exe verze 3.7.0.109 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
161c Čas spuštění: 01cebf9d94d6c214 Čas ukončení: 4 Cesta k aplikaci: C:\PROGRA~2\THEKMP~1\KMPlayer.exe

ID
hlášení:

Error - 3.10.2013 15:42:45 | Computer Name = Jirka-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: StikyNot.exe, verze: 6.1.7600.16385, časové
razítko: 0x4a5bca01 Název chybujícího modulu: StikyNot.exe, verze: 6.1.7600.16385,
časové razítko: 0x4a5bca01 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000009f5c
ID
chybujícího procesu: 0x10c4 Čas spuštění chybující aplikace: 0x01cec0581d99e95b Cesta
k chybující aplikaci: C:\Windows\System32\StikyNot.exe Cesta k chybujícímu modulu:
C:\Windows\System32\StikyNot.exe ID zprávy: f9758c58-2c63-11e3-8874-94de80777c5c

Error - 5.10.2013 12:32:10 | Computer Name = Jirka-PC | Source = PandoraService.exe | ID = 0
Description =

Error - 5.10.2013 12:37:44 | Computer Name = Jirka-PC | Source = PandoraService.exe | ID = 0
Description =

Error - 5.10.2013 12:55:51 | Computer Name = Jirka-PC | Source = PandoraService.exe | ID = 0
Description =

[ System Events ]
Error - 5.10.2013 13:03:45 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:03:45 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:03:53 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:03:53 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:03:53 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:08:51 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:08:51 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:08:51 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:10:59 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

Error - 5.10.2013 13:10:59 | Computer Name = Jirka-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%1068

< End of report >

WarrunCz · #2 Příspěvek od **WarrunCz** » 05 říj 2013 19:53

OTL:

OTL logfile created on: 5.10.2013 19:04:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jirka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,96 Gb Total Physical Memory | 6,41 Gb Available Physical Memory | 80,46% Memory free
15,92 Gb Paging File | 14,35 Gb Available in Paging File | 90,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 105,85 Gb Free Space | 36,14% Space Free | Partition Type: NTFS
Drive D: | 638,54 Gb Total Space | 240,84 Gb Free Space | 37,72% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 117,15 Gb Free Space | 39,30% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC | User Name: Jirka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.10.05 19:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
PRC - [2013.10.03 08:03:07 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

========== Modules (No Company Name) ==========

MOD - [2013.10.03 08:03:05 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppgooglenaclpluginchrome.dll
MOD - [2013.10.03 08:03:03 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll
MOD - [2013.10.03 08:02:09 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

========== Services (SafeList) ==========

SRV:64bit: - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013.02.15 23:05:32 | 000,240,640 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.04.20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2013.10.01 15:51:14 | 002,746,704 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013.09.30 01:59:32 | 000,076,888 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.09.28 02:35:00 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.09.23 16:57:12 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.02 13:00:36 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.04.18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013.02.04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Stopped] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.07.25 18:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012.07.25 18:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012.07.17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.06.25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.02.01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.08.30 15:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.10.05 12:23:35 | 000,314,016 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.10.05 12:23:34 | 000,043,680 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.08.30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.08.30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.08.30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.08.30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.08.30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.08.30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.08.30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.08.30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.07.09 02:10:08 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.07.09 02:10:08 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.06.30 18:36:01 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.06.30 09:33:32 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013.05.22 18:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013.02.15 23:57:18 | 011,638,272 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.02.15 22:38:14 | 000,578,560 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.10.25 09:01:20 | 000,022,680 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2012.07.19 11:14:28 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012.07.02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.06.01 17:32:38 | 000,379,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0770Vid.sys -- (V0770Vid)
DRV:64bit: - [2012.05.20 18:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.05.20 18:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.05.20 18:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.12.02 12:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.09.05 10:28:16 | 000,178,176 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013.10.05 18:33:03 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2013.10.05 18:32:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2013.06.29 21:56:36 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2012.07.13 16:13:14 | 000,070,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys -- (VSPerfDrv110)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2557346633-3743950059-13786957-1000\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2557346633-3743950059-13786957-1000\..\SearchScopes,DefaultScope = {9007AD32-C043-477C-8C30-6F60BFFD60EC}
IE - HKU\S-1-5-21-2557346633-3743950059-13786957-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2557346633-3743950059-13786957-1000\..\SearchScopes\{9007AD32-C043-477C-8C30-6F60BFFD60EC}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2557346633-3743950059-13786957-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@IObit.com/np_Asc_Plugin: C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll (IObit)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@richmediaplayer.com/nppluginrichmediaplayer: C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jirka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3DF4B26D-DB19-45DF-962A-6719D071245B}: C:\Users\Jirka\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}

[2013.03.12 10:27:46 | 000,093,976 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: YouTube = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Chrome In-App Payments service = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Live! Central 3] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [V0770Mon.exe] C:\Windows\V0770Mon.exe (Creative Technology Ltd.)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.lnk = C:\Windows\SysWOW64\shutdown.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2557346633-3743950059-13786957-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD57C826-BA1A-499F-8B86-B2FF3338AE13}: DhcpNameServer = 172.16.10.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{337c5512-e0ef-11e2-a325-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{337c5512-e0ef-11e2-a325-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O33 - MountPoints2\{ab97d54c-e0f5-11e2-a842-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ab97d54c-e0f5-11e2-a842-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084

========== Files/Folders - Created Within 30 Days ==========

[2013.10.05 19:02:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2013.10.05 15:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win down
[2013.10.03 19:02:16 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Desktop\Žena v Černém
[2013.10.03 18:46:40 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\LogMeIn
[2013.10.03 18:46:40 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2013.10.02 19:58:21 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2013.10.02 19:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.10.02 19:58:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.10.01 18:44:50 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\Battlefield 4
[2013.09.30 01:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4™ Beta
[2013.09.28 18:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.09.28 16:47:56 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\ftblauncher
[2013.09.28 15:48:19 | 000,000,000 | ---D | C] -- C:\Users\Jirka\.minecraft
[2013.09.26 18:02:55 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\fltk.org
[2013.09.26 18:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2013.09.26 17:09:01 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\Amnesia
[2013.09.26 14:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2013.09.25 16:46:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.09.25 16:42:16 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.09.25 16:42:16 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.09.25 16:42:16 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.09.25 16:42:12 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.09.25 16:42:12 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.09.25 16:42:12 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.09.25 16:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.09.25 16:03:50 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Introversion
[2013.09.25 15:44:36 | 000,032,600 | ---- | C] (IObit) -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2013.09.20 15:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.09.13 15:58:08 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.13 15:58:07 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.13 15:58:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.13 15:58:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.13 15:58:07 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.13 15:58:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.13 15:58:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.13 15:58:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.13 15:58:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.13 15:58:06 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.13 15:58:06 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.13 15:58:05 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.13 15:58:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.13 15:58:05 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.13 15:58:04 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.13 15:46:38 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.13 15:46:35 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.13 15:46:35 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.13 15:46:35 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.13 15:46:35 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.13 15:46:35 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.13 15:46:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.13 15:46:34 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.13 15:46:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.13 15:46:34 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.13 15:46:34 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.13 15:46:34 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.13 15:46:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.13 15:46:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.13 15:46:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.13 15:46:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.13 15:46:34 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.13 15:46:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.13 15:46:34 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.13 15:46:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.13 15:46:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.13 15:46:34 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.13 15:46:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.13 15:46:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.13 15:46:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.13 15:46:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.13 15:46:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.13 15:46:33 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.13 15:46:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.13 15:46:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.13 15:46:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.13 15:46:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.13 15:46:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.13 15:46:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.13 15:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.09.13 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.09.13 15:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.09.12 20:45:02 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\Battlefield 3
[2013.09.12 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\ESN
[2013.09.12 20:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2013.09.12 17:18:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2013.09.12 17:18:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PANDORA.TV
[2013.09.12 17:18:44 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2013.09.12 17:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The KMPlayer
[2013.09.11 14:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2013.09.11 14:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013.09.10 16:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2013.09.09 18:04:48 | 000,000,000 | ---D | C] -- C:\Users\Jirka\Documents\Visual Studio 2012
[2013.09.09 18:03:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
[2013.09.09 18:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK
[2013.09.09 18:02:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013.09.09 18:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2013.09.09 18:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2013.09.09 18:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2013.09.09 18:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2013.09.09 18:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2013.09.09 18:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2013.09.09 18:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2013.09.09 18:00:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Web Tools
[2013.09.09 18:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013.09.09 17:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\IIS Express
[2013.09.09 17:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS Express
[2013.09.09 17:59:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NuGet
[2013.09.09 17:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WCF Data Services
[2013.09.09 17:59:35 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2013.09.09 17:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2013.09.09 17:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2013.09.09 17:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2013.09.09 17:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2013.09.09 17:56:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2013.09.09 17:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013.09.09 17:56:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013.09.09 17:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2013.09.09 17:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2013.09.09 17:53:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0
[2013.09.09 17:53:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2013.09.09 17:53:48 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2013.09.09 17:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 11.0
[2013.09.09 17:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2013.09.09 17:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2013.09.09 17:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013.09.07 15:22:15 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\PAYDAY 2
[2013.09.05 21:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution

========== Files - Modified Within 30 Days ==========

[2013.10.05 19:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jirka\Desktop\OTL.exe
[2013.10.05 19:01:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.05 19:01:29 | 2116,947,967 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.05 19:00:18 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.10.05 18:59:55 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.10.05 18:57:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.05 18:45:09 | 000,019,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.05 18:45:09 | 000,019,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.05 18:33:03 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2013.10.05 18:33:03 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2013.10.05 18:32:56 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2013.10.05 18:10:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.05 14:06:39 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2013.10.05 12:23:35 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.10.05 12:23:34 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.10.05 12:15:21 | 000,027,346 | ---- | M] () -- C:\Users\Jirka\Desktop\Matika.jpg
[2013.10.05 00:11:32 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.10.02 19:58:14 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2013.10.01 20:29:20 | 719,550,464 | R--- | M] () -- C:\Users\Jirka\Desktop\Pirati Ze Sillicon Valley CZ.avi
[2013.10.01 20:08:23 | 010,696,140 | ---- | M] () -- C:\Users\Jirka\Desktop\ProleteR April Showers.mp3
[2013.09.30 17:10:01 | 186,257,876 | ---- | M] () -- C:\Users\Jirka\Desktop\Cosa_Nostra_mod.rar
[2013.09.30 16:56:40 | 056,080,141 | ---- | M] () -- C:\Users\Jirka\Desktop\watershadermod.rar
[2013.09.30 16:54:57 | 040,050,995 | ---- | M] () -- C:\Users\Jirka\Desktop\The Lost Heaven 1932 v1.2.rar
[2013.09.30 16:50:15 | 034,143,756 | ---- | M] () -- C:\Users\Jirka\Desktop\ride_to_hell.rar
[2013.09.30 16:45:56 | 015,528,285 | ---- | M] () -- C:\Users\Jirka\Desktop\J.M.Pack.rar
[2013.09.30 16:44:48 | 000,001,198 | ---- | M] () -- C:\Users\Jirka\Desktop\savegame_autos.zip
[2013.09.30 16:42:16 | 007,347,568 | ---- | M] () -- C:\Users\Jirka\Desktop\The_Mafia_TreeS_project_v3.0.rar
[2013.09.30 16:42:00 | 017,031,804 | ---- | M] () -- C:\Users\Jirka\Desktop\shooting_rooms_mod.rar
[2013.09.30 16:40:06 | 005,450,727 | ---- | M] () -- C:\Users\Jirka\Desktop\NaDr_road.rar
[2013.09.30 01:59:37 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.30 01:59:33 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.30 01:59:32 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.28 20:51:04 | 000,290,184 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.28 18:15:00 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.09.28 16:50:50 | 004,929,628 | ---- | M] () -- C:\Users\Jirka\Desktop\=3.gif
[2013.09.28 15:10:50 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.28 15:10:50 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.28 15:10:50 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.28 15:10:50 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.28 15:10:50 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.28 00:13:03 | 000,009,216 | ---- | M] () -- C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.26 16:55:18 | 000,000,020 | ---- | M] () -- C:\Windows\level.ini
[2013.09.25 16:42:07 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.09.25 16:42:07 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.09.25 16:42:07 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.09.25 16:42:07 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.09.25 16:42:07 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.09.25 16:42:07 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.09.25 15:44:25 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2013.09.23 16:57:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.23 16:57:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.19 15:58:17 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.09.18 18:38:08 | 001,559,268 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.14 14:50:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.09.13 22:22:37 | 000,419,056 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.09 17:44:04 | 000,001,200 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013.09.09 17:44:04 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2013.09.07 16:45:40 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2013.10.05 15:46:41 | 000,002,510 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.lnk
[2013.10.05 12:23:35 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2013.10.05 12:23:34 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2013.10.05 12:15:20 | 000,027,346 | ---- | C] () -- C:\Users\Jirka\Desktop\Matika.jpg
[2013.10.01 20:07:49 | 010,696,140 | ---- | C] () -- C:\Users\Jirka\Desktop\ProleteR April Showers.mp3
[2013.09.30 16:44:48 | 000,001,198 | ---- | C] () -- C:\Users\Jirka\Desktop\savegame_autos.zip
[2013.09.30 16:41:48 | 034,143,756 | ---- | C] () -- C:\Users\Jirka\Desktop\ride_to_hell.rar
[2013.09.30 16:41:46 | 040,050,995 | ---- | C] () -- C:\Users\Jirka\Desktop\The Lost Heaven 1932 v1.2.rar
[2013.09.30 16:41:43 | 186,257,876 | ---- | C] () -- C:\Users\Jirka\Desktop\Cosa_Nostra_mod.rar
[2013.09.30 16:41:40 | 056,080,141 | ---- | C] () -- C:\Users\Jirka\Desktop\watershadermod.rar
[2013.09.30 16:40:13 | 015,528,285 | ---- | C] () -- C:\Users\Jirka\Desktop\J.M.Pack.rar
[2013.09.30 16:40:06 | 007,347,568 | ---- | C] () -- C:\Users\Jirka\Desktop\The_Mafia_TreeS_project_v3.0.rar
[2013.09.30 16:39:04 | 005,450,727 | ---- | C] () -- C:\Users\Jirka\Desktop\NaDr_road.rar
[2013.09.30 16:38:29 | 017,031,804 | ---- | C] () -- C:\Users\Jirka\Desktop\shooting_rooms_mod.rar
[2013.09.30 16:26:52 | 719,550,464 | R--- | C] () -- C:\Users\Jirka\Desktop\Pirati Ze Sillicon Valley CZ.avi
[2013.09.28 18:14:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013.09.28 18:14:43 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.09.28 16:50:50 | 004,929,628 | ---- | C] () -- C:\Users\Jirka\Desktop\=3.gif
[2013.09.26 15:05:39 | 000,000,020 | ---- | C] () -- C:\Windows\level.ini
[2013.09.25 15:44:26 | 000,017,720 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2013.09.09 18:00:05 | 000,002,059 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk
[2013.08.23 20:42:34 | 000,009,216 | ---- | C] () -- C:\Users\Jirka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.12 17:34:31 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2013.08.10 18:03:55 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2013.07.22 22:21:06 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\BReWErS.dll
[2013.07.18 20:40:52 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.07.18 20:40:39 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.06.30 21:43:28 | 000,007,605 | ---- | C] () -- C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg
[2013.06.29 22:00:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.06.29 21:59:02 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.06.29 21:59:02 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.06.29 21:59:02 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.06.29 21:54:58 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2013.06.29 21:47:53 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.29 21:44:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2013.06.29 21:27:59 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\eventlog.dll /s /md5 >

< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< %SYSTEMDRIVE%\sceclt.dll /s /md5 >

< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >

< %SYSTEMDRIVE%\logevent.dll /s /md5 >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) MD5=D1753C06EE17E29352B065EACF3F10D0 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_4b6764daf5ce9174\iaStor.sys

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

< %SYSTEMDRIVE%\viamraid.sys /s /md5 >

< %SYSTEMDRIVE%\nvata.sys /s /md5 >

< End of report >

#3 Příspěvek od **motji** » 05 říj 2013 20:38

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

WarrunCz · #4 Příspěvek od **WarrunCz** » 05 říj 2013 21:04

Tady je log
ComboFix 13-10-04.02 - Jirka 05.10.2013 22:10:38.2.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8153.6226 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-05 do 2013-10-05 )))))))))))))))))))))))))))))))
.
.
2013-10-05 20:12 . 2013-10-05 20:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-05 16:54 . 2013-10-05 16:54 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A31D2D5-432E-4A48-8D91-1ACBC9B9E823}\offreg.dll
2013-10-05 13:46 . 2013-10-05 16:22 -------- d-----w- c:\program files (x86)\Win down
2013-10-05 10:23 . 2013-10-05 10:23 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2013-10-05 10:23 . 2013-10-05 10:23 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2013-10-04 14:07 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A31D2D5-432E-4A48-8D91-1ACBC9B9E823}\mpengine.dll
2013-10-03 16:46 . 2013-10-03 16:46 -------- d-----w- c:\users\Jirka\AppData\Local\LogMeIn
2013-10-03 16:46 . 2013-10-03 16:46 -------- d-----w- c:\programdata\LogMeIn
2013-10-02 17:58 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2013-10-02 17:58 . 2013-10-02 17:58 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-09-28 14:47 . 2013-09-28 15:13 -------- d-----w- c:\users\Jirka\AppData\Roaming\ftblauncher
2013-09-28 13:48 . 2013-09-28 13:48 -------- d-----w- c:\users\Jirka\.minecraft
2013-09-26 16:02 . 2013-09-26 16:02 -------- d-----w- c:\users\Jirka\AppData\Roaming\fltk.org
2013-09-26 16:02 . 2013-09-26 16:02 -------- d-----w- c:\programdata\fltk.org
2013-09-26 12:41 . 2013-09-26 12:41 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-09-26 12:41 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-09-26 12:41 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-09-26 12:41 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-09-26 12:41 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-09-26 12:41 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-09-26 12:41 . 2013-09-26 12:41 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-09-25 14:42 . 2013-09-25 14:42 916456 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-25 14:42 . 2013-09-25 14:42 289768 ----a-w- c:\windows\system32\javaws.exe
2013-09-25 14:42 . 2013-09-25 14:42 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-25 14:42 . 2013-09-25 14:42 189416 ----a-w- c:\windows\system32\javaw.exe
2013-09-25 14:42 . 2013-09-25 14:42 188904 ----a-w- c:\windows\system32\java.exe
2013-09-25 14:42 . 2013-09-25 14:42 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-25 14:42 . 2013-09-25 14:42 -------- d-----w- c:\program files\Java
2013-09-25 14:03 . 2013-09-25 14:03 -------- d-----w- c:\users\Jirka\AppData\Local\Introversion
2013-09-25 13:44 . 2013-05-22 16:49 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-09-25 13:44 . 2013-05-22 16:49 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-09-20 13:42 . 2013-09-20 13:42 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-09-13 13:29 . 2013-09-13 13:29 -------- d-----w- c:\program files\Microsoft Silverlight
2013-09-13 13:29 . 2013-09-13 13:29 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-09-12 18:43 . 2013-09-12 18:43 -------- d-----w- c:\users\Jirka\AppData\Local\ESN
2013-09-12 18:43 . 2013-09-29 23:59 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2013-09-12 15:18 . 2013-09-12 15:18 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-09-12 15:18 . 2013-10-05 14:09 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-09-11 12:32 . 2013-09-11 12:32 -------- d-----w- c:\program files (x86)\IObit Apps Toolbar
2013-09-11 12:32 . 2013-09-11 12:32 -------- d-----w- c:\program files (x86)\Application Updater
2013-09-09 16:05 . 2013-09-09 19:40 2477216 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\program files (x86)\Application Verifier
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\program files\Application Verifier
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\programdata\Windows App Certification Kit
2013-09-09 16:01 . 2013-09-09 16:01 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2013-09-09 16:01 . 2013-09-09 16:01 -------- d-----w- c:\programdata\PreEmptive Solutions
2013-09-09 16:00 . 2013-09-09 16:00 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2013-09-09 16:00 . 2013-09-09 16:00 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
2013-09-09 16:00 . 2013-09-09 16:00 -------- d-----w- c:\program files\Microsoft
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files\IIS Express
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\IIS Express
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\NuGet
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files\IIS
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\IIS
2013-09-09 15:58 . 2013-09-09 15:58 -------- d-----w- c:\program files (x86)\Windows Kits
2013-09-09 15:56 . 2013-09-09 15:56 -------- d-----w- c:\program files (x86)\HTML Help Workshop
2013-09-09 15:56 . 2013-09-09 15:56 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
2013-09-09 15:56 . 2013-09-09 15:57 -------- d-----w- c:\windows\SysWow64\1033
2013-09-09 15:56 . 2013-09-09 16:02 -------- d-----w- c:\program files\Microsoft SQL Server
2013-09-09 15:56 . 2013-09-09 16:02 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2013-09-09 15:54 . 2013-09-09 15:55 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2013-09-09 15:53 . 2013-09-09 16:04 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
2013-09-09 15:53 . 2013-09-09 15:56 -------- d-----w- c:\windows\system32\1033
2013-09-09 15:53 . 2013-09-09 15:53 -------- d-----w- c:\windows\symbols
2013-09-09 15:53 . 2013-09-09 16:04 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2013-09-09 15:53 . 2013-09-09 15:53 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
2013-09-09 15:40 . 2013-09-29 23:59 -------- d-----w- c:\programdata\Package Cache
2013-09-09 15:40 . 2013-09-09 15:40 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2013-09-07 13:22 . 2013-09-07 13:28 -------- d-----w- c:\users\Jirka\AppData\Local\PAYDAY 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-05 16:33 . 2013-06-29 19:54 30528 ----a-w- c:\windows\GVTDrv64.sys
2013-10-05 16:32 . 2013-06-29 19:54 25640 ----a-w- c:\windows\gdrv.sys
2013-10-05 12:06 . 2013-06-29 20:00 65536 ----a-w- c:\windows\system32\spu_storage.bin
2013-09-29 23:59 . 2013-07-18 18:40 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-29 23:59 . 2013-07-18 18:40 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-29 23:59 . 2013-07-18 18:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-09-28 18:51 . 2013-07-18 18:40 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-23 14:57 . 2013-06-30 07:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-23 14:57 . 2013-06-30 07:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-13 13:56 . 2013-06-30 19:47 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-30 09:24 . 2013-08-30 09:24 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-08-30 07:48 . 2013-06-30 07:09 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-06-30 07:09 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-06-30 07:09 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-06-30 07:09 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-06-30 07:09 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-06-30 07:09 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-06-30 07:09 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-06-30 07:09 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-06-30 07:09 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-06-30 07:09 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 02:22 . 2013-06-30 07:04 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-13 13:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 17:58 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 17:58 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 17:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 17:58 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 17:58 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 17:58 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 17:58 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 17:58 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 17:58 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 17:58 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 17:58 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 17:58 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 17:58 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 17:58 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-09 00:10 . 2013-07-09 00:10 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-07-09 00:10 . 2013-07-09 00:10 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-07-09 00:10 . 2013-07-09 00:10 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-07-09 00:10 . 2013-07-09 00:10 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-07-09 00:10 . 2013-07-09 00:10 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-07-09 00:10 . 2013-07-09 00:10 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-07-09 00:10 . 2013-07-09 00:10 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-07-09 00:10 . 2013-07-09 00:10 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-07-09 00:10 . 2013-07-09 00:10 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-07-09 00:10 . 2013-07-09 00:10 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-07-09 00:10 . 2013-07-09 00:10 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-07-09 00:10 . 2013-07-09 00:10 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-07-09 00:10 . 2013-07-09 00:10 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-07-09 00:10 . 2013-07-09 00:10 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-07-09 00:10 . 2013-07-09 00:10 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-07-09 00:10 . 2013-07-09 00:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-07-09 00:10 . 2013-07-09 00:10 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-07-09 00:10 . 2013-07-09 00:10 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-07-09 00:10 . 2013-07-09 00:10 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-07-09 00:10 . 2013-07-09 00:10 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-07-09 00:10 . 2013-07-09 00:10 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-09 00:10 . 2013-07-09 00:10 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-09 00:10 . 2013-07-09 00:10 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-07-09 00:10 . 2013-07-09 00:10 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-07-09 00:09 . 2013-07-09 00:09 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-07-09 00:09 . 2013-07-09 00:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-09 00:09 . 2013-07-09 00:09 340992 ----a-w- c:\windows\system32\schannel.dll
2013-07-09 00:09 . 2013-07-09 00:09 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-07-09 00:09 . 2013-07-09 00:09 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-07-09 00:09 . 2013-07-09 00:09 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-07-09 00:09 . 2013-07-09 00:09 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-07-09 00:07 . 2013-07-09 00:07 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-07-09 00:07 . 2013-07-09 00:07 366592 ----a-w- c:\windows\system32\qdvd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll" [2013-09-02 1357120]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2013-09-02 11:03 1357120 ----a-w- c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll" [2013-09-02 1357120]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-05 1813928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-10-01 3551576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-02-15 642656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Live! Central 3"="c:\program files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" [2012-07-24 461312]
"V0770Mon.exe"="c:\windows\V0770Mon.exe" [2012-06-01 32884]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-09-02 1360192]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R0 aswRvrt;aswRvrt; [x]
R0 aswVmm;aswVmm; [x]
R1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
R3 V0770Vid;Live! Cam Sync HD VF0770 Driver;c:\windows\system32\DRIVERS\V0770Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0770Vid.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-04 22:10 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-30 14:57]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-29 19:45]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-29 19:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
BHO-{FEB703F7-E7B2-4AB0-9566-87658AC70095} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-AstrumNival Allods - c:\gpotato.eu\Allods Online\uninst.exe
AddRemove-Bioshock 2 CZ 1.00 - d:\games\Bioshock 2 CZ\Uninstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Counter-Strike: Source - d:\games\Counter-Strike Source\Uninst.exe
AddRemove-Crossfire Europe - c:\users\Jirka\Crossfire Europe\uninst.exe
AddRemove-Dishonored_is1 - d:\games\Dishonored\unins000.exe
AddRemove-Metro Last Light_is1 - d:\games\THQ\Metro Last Light\unins000.exe
AddRemove-Minecraft1.6.2 - c:\users\Jirka\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
AddRemove-Rich Media Player - c:\users\Jirka\AppData\Local\Rich Media Player\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2557346633-3743950059-13786957-1000\Software\SecuROM\License information*]
"datasecu"=hex:4b,85,c6,4e,9b,6a,47,32,f1,23,74,33,4a,13,4f,55,4c,8e,f1,36,01,
61,f8,8f,9e,c2,67,fb,83,19,81,42,39,17,11,d8,e4,fa,a6,fa,1e,99,50,a6,63,3e,\
"rkeysecu"=hex:d3,b9,e4,82,3b,83,c3,69,36,c0,c3,84,d8,44,3a,5e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-05 22:14:02
ComboFix-quarantined-files.txt 2013-10-05 20:14
ComboFix2.txt 2013-10-05 20:01
.
Před spuštěním: Volných bajtů: 113 049 608 192
Po spuštění: Volných bajtů: 112 977 965 056
.
- - End Of File - - 0F973EC7CDEBC4CCCEFA6A9E8EE392EF

#5 Příspěvek od **motji** » 05 říj 2013 21:24

Proč jsi combofix spouštěl 2x? Poprosím ještě o tento log ComboFix2.txt1. je to s pc lepší?

WarrunCz · #6 Příspěvek od **WarrunCz** » 05 říj 2013 21:28

ten co jsem napsal je ten druhej,já to neměl na ploše.... udělal jsem tam jen zástupce.... ale to jsem zjistil až pozdě...moc se omlouvám ten první je tady -

Kód: Vybrat vše

ComboFix 13-10-04.02 - Jirka 05.10.2013  21:56:56.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.420.1029.18.8153.6524 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
C:\prefs.js
c:\users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.lnk
c:\windows\iun6002.exe
c:\windows\SysWow64\BReWErS.dll
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2013-09-05 do 2013-10-05  )))))))))))))))))))))))))))))))
.
.
2013-10-05 20:00 . 2013-10-05 20:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-10-05 16:54 . 2013-10-05 16:54	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A31D2D5-432E-4A48-8D91-1ACBC9B9E823}\offreg.dll
2013-10-05 13:46 . 2013-10-05 16:22	--------	d-----w-	c:\program files (x86)\Win down
2013-10-05 10:23 . 2013-10-05 10:23	314016	----a-w-	c:\windows\system32\drivers\atksgt.sys
2013-10-05 10:23 . 2013-10-05 10:23	43680	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2013-10-04 14:07 . 2013-09-05 05:32	9694160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A31D2D5-432E-4A48-8D91-1ACBC9B9E823}\mpengine.dll
2013-10-03 16:46 . 2013-10-03 16:46	--------	d-----w-	c:\users\Jirka\AppData\Local\LogMeIn
2013-10-03 16:46 . 2013-10-03 16:46	--------	d-----w-	c:\programdata\LogMeIn
2013-10-02 17:58 . 2009-03-18 16:35	33856	---ha-w-	c:\windows\system32\hamachi.sys
2013-10-02 17:58 . 2013-10-02 17:58	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-09-28 14:47 . 2013-09-28 15:13	--------	d-----w-	c:\users\Jirka\AppData\Roaming\ftblauncher
2013-09-28 13:48 . 2013-09-28 13:48	--------	d-----w-	c:\users\Jirka\.minecraft
2013-09-26 16:02 . 2013-09-26 16:02	--------	d-----w-	c:\users\Jirka\AppData\Roaming\fltk.org
2013-09-26 16:02 . 2013-09-26 16:02	--------	d-----w-	c:\programdata\fltk.org
2013-09-26 12:41 . 2013-09-26 12:41	163972	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-09-26 12:41 . 2002-12-05 12:12	692224	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-09-26 12:41 . 2002-12-05 12:10	155648	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-09-26 12:41 . 2002-12-02 13:22	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-09-26 12:41 . 2002-12-02 11:33	57344	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-09-26 12:41 . 2002-12-02 11:33	237568	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-09-26 12:41 . 2013-09-26 12:41	282756	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-09-25 14:42 . 2013-09-25 14:42	916456	----a-w-	c:\windows\system32\deployJava1.dll
2013-09-25 14:42 . 2013-09-25 14:42	289768	----a-w-	c:\windows\system32\javaws.exe
2013-09-25 14:42 . 2013-09-25 14:42	1034216	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-09-25 14:42 . 2013-09-25 14:42	189416	----a-w-	c:\windows\system32\javaw.exe
2013-09-25 14:42 . 2013-09-25 14:42	188904	----a-w-	c:\windows\system32\java.exe
2013-09-25 14:42 . 2013-09-25 14:42	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-25 14:42 . 2013-09-25 14:42	--------	d-----w-	c:\program files\Java
2013-09-25 14:03 . 2013-09-25 14:03	--------	d-----w-	c:\users\Jirka\AppData\Local\Introversion
2013-09-25 13:44 . 2013-05-22 16:49	32600	----a-w-	c:\windows\system32\SmartDefragBootTime.exe
2013-09-25 13:44 . 2013-05-22 16:49	17720	----a-w-	c:\windows\system32\drivers\SmartDefragDriver.sys
2013-09-20 13:42 . 2013-09-20 13:42	--------	d-----w-	c:\program files (x86)\NVIDIA Corporation
2013-09-13 13:29 . 2013-09-13 13:29	--------	d-----w-	c:\program files\Microsoft Silverlight
2013-09-13 13:29 . 2013-09-13 13:29	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2013-09-12 18:43 . 2013-09-12 18:43	--------	d-----w-	c:\users\Jirka\AppData\Local\ESN
2013-09-12 18:43 . 2013-09-29 23:59	--------	d-----w-	c:\program files (x86)\Battlelog Web Plugins
2013-09-12 15:18 . 2013-09-12 15:18	--------	d-----w-	c:\program files (x86)\PANDORA.TV
2013-09-12 15:18 . 2013-10-05 14:09	--------	d-----w-	c:\program files (x86)\The KMPlayer
2013-09-11 12:32 . 2013-09-11 12:32	--------	d-----w-	c:\program files (x86)\IObit Apps Toolbar
2013-09-11 12:32 . 2013-09-11 12:32	--------	d-----w-	c:\program files (x86)\Application Updater
2013-09-09 16:05 . 2013-09-09 19:40	2477216	----a-w-	c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-09-09 16:02 . 2013-09-09 16:02	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2013-09-09 16:02 . 2013-09-09 16:02	--------	d-----w-	c:\program files (x86)\Application Verifier
2013-09-09 16:02 . 2013-09-09 16:02	--------	d-----w-	c:\program files\Application Verifier
2013-09-09 16:02 . 2013-09-09 16:02	--------	d-----w-	c:\programdata\Windows App Certification Kit
2013-09-09 16:01 . 2013-09-09 16:01	--------	d-----w-	c:\program files (x86)\Common Files\Microsoft
2013-09-09 16:01 . 2013-09-09 16:01	--------	d-----w-	c:\programdata\PreEmptive Solutions
2013-09-09 16:00 . 2013-09-09 16:00	--------	d-----w-	c:\program files (x86)\Microsoft ASP.NET
2013-09-09 16:00 . 2013-09-09 16:00	--------	d-----w-	c:\program files (x86)\Microsoft Web Tools
2013-09-09 16:00 . 2013-09-09 16:00	--------	d-----w-	c:\program files\Microsoft
2013-09-09 15:59 . 2013-09-09 15:59	--------	d-----w-	c:\program files\IIS Express
2013-09-09 15:59 . 2013-09-09 15:59	--------	d-----w-	c:\program files (x86)\IIS Express
2013-09-09 15:59 . 2013-09-09 15:59	--------	d-----w-	c:\program files (x86)\NuGet
2013-09-09 15:59 . 2013-09-09 15:59	--------	d-----w-	c:\program files (x86)\Microsoft WCF Data Services
2013-09-09 15:59 . 2013-09-09 15:59	--------	d-----w-	c:\program files\IIS
2013-09-09 15:59 . 2013-09-09 15:59	--------	d-----w-	c:\program files (x86)\IIS
2013-09-09 15:58 . 2013-09-09 15:58	--------	d-----w-	c:\program files (x86)\Windows Kits
2013-09-09 15:56 . 2013-09-09 15:56	--------	d-----w-	c:\program files (x86)\HTML Help Workshop
2013-09-09 15:56 . 2013-09-09 15:56	--------	d-----w-	c:\program files (x86)\Microsoft Help Viewer
2013-09-09 15:56 . 2013-09-09 15:57	--------	d-----w-	c:\windows\SysWow64\1033
2013-09-09 15:56 . 2013-09-09 16:02	--------	d-----w-	c:\program files\Microsoft SQL Server
2013-09-09 15:56 . 2013-09-09 16:02	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server
2013-09-09 15:54 . 2013-09-09 15:55	--------	d-----w-	c:\program files (x86)\Common Files\Merge Modules
2013-09-09 15:53 . 2013-09-09 16:04	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 11.0
2013-09-09 15:53 . 2013-09-09 15:56	--------	d-----w-	c:\windows\system32\1033
2013-09-09 15:53 . 2013-09-09 15:53	--------	d-----w-	c:\windows\symbols
2013-09-09 15:53 . 2013-09-09 16:04	--------	d-----w-	c:\program files (x86)\Microsoft SDKs
2013-09-09 15:53 . 2013-09-09 15:53	--------	d-----w-	c:\program files\Microsoft Visual Studio 11.0
2013-09-09 15:40 . 2013-09-29 23:59	--------	d-----w-	c:\programdata\Package Cache
2013-09-09 15:40 . 2013-09-09 15:40	--------	d-----w-	c:\programdata\regid.1991-06.com.microsoft
2013-09-07 13:22 . 2013-09-07 13:28	--------	d-----w-	c:\users\Jirka\AppData\Local\PAYDAY 2
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-05 16:33 . 2013-06-29 19:54	30528	----a-w-	c:\windows\GVTDrv64.sys
2013-10-05 16:32 . 2013-06-29 19:54	25640	----a-w-	c:\windows\gdrv.sys
2013-10-05 12:06 . 2013-06-29 20:00	65536	----a-w-	c:\windows\system32\spu_storage.bin
2013-09-29 23:59 . 2013-07-18 18:40	281872	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-09-29 23:59 . 2013-07-18 18:40	281872	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-09-29 23:59 . 2013-07-18 18:40	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-09-28 18:51 . 2013-07-18 18:40	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-09-23 14:57 . 2013-06-30 07:10	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-23 14:57 . 2013-06-30 07:10	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-13 13:56 . 2013-06-30 19:47	79143768	----a-w-	c:\windows\system32\MRT.exe
2013-08-30 09:24 . 2013-08-30 09:24	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-08-30 07:48 . 2013-06-30 07:09	72016	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-06-30 07:09	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-06-30 07:09	378944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-06-30 07:09	204880	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-06-30 07:09	1030952	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-06-30 07:09	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-06-30 07:09	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-06-30 07:09	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-06-30 07:09	41664	----a-w-	c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-06-30 07:09	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-08-07 02:22 . 2013-06-30 07:04	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-13 13:46	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 17:58	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 17:58	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 17:58	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 17:58	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 17:58	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 17:58	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 17:58	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 17:58	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 17:58	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 17:58	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 17:58	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 17:58	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 17:58	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 17:58	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-07-09 00:10 . 2013-07-09 00:10	62976	----a-w-	c:\windows\system32\TSWbPrxy.exe
2013-07-09 00:10 . 2013-07-09 00:10	57856	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2013-07-09 00:10 . 2013-07-09 00:10	5773824	----a-w-	c:\windows\system32\mstscax.dll
2013-07-09 00:10 . 2013-07-09 00:10	54272	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2013-07-09 00:10 . 2013-07-09 00:10	4916224	----a-w-	c:\windows\SysWow64\mstscax.dll
2013-07-09 00:10 . 2013-07-09 00:10	46592	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2013-07-09 00:10 . 2013-07-09 00:10	44032	----a-w-	c:\windows\system32\tsgqec.dll
2013-07-09 00:10 . 2013-07-09 00:10	43520	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2013-07-09 00:10 . 2013-07-09 00:10	384000	----a-w-	c:\windows\system32\wksprt.exe
2013-07-09 00:10 . 2013-07-09 00:10	37376	----a-w-	c:\windows\SysWow64\tsgqec.dll
2013-07-09 00:10 . 2013-07-09 00:10	322560	----a-w-	c:\windows\system32\aaclient.dll
2013-07-09 00:10 . 2013-07-09 00:10	3174912	----a-w-	c:\windows\system32\rdpcorets.dll
2013-07-09 00:10 . 2013-07-09 00:10	269312	----a-w-	c:\windows\SysWow64\aaclient.dll
2013-07-09 00:10 . 2013-07-09 00:10	243200	----a-w-	c:\windows\system32\rdpudd.dll
2013-07-09 00:10 . 2013-07-09 00:10	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2013-07-09 00:10 . 2013-07-09 00:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2013-07-09 00:10 . 2013-07-09 00:10	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2013-07-09 00:10 . 2013-07-09 00:10	18432	----a-w-	c:\windows\system32\wksprtPS.dll
2013-07-09 00:10 . 2013-07-09 00:10	16896	----a-w-	c:\windows\SysWow64\wksprtPS.dll
2013-07-09 00:10 . 2013-07-09 00:10	15360	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2013-07-09 00:10 . 2013-07-09 00:10	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-09 00:10 . 2013-07-09 00:10	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-09 00:10 . 2013-07-09 00:10	1123840	----a-w-	c:\windows\system32\mstsc.exe
2013-07-09 00:10 . 2013-07-09 00:10	1048064	----a-w-	c:\windows\SysWow64\mstsc.exe
2013-07-09 00:09 . 2013-07-09 00:09	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2013-07-09 00:09 . 2013-07-09 00:09	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2013-07-09 00:09 . 2013-07-09 00:09	340992	----a-w-	c:\windows\system32\schannel.dll
2013-07-09 00:09 . 2013-07-09 00:09	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2013-07-09 00:09 . 2013-07-09 00:09	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2013-07-09 00:09 . 2013-07-09 00:09	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2013-07-09 00:09 . 2013-07-09 00:09	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2013-07-09 00:07 . 2013-07-09 00:07	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2013-07-09 00:07 . 2013-07-09 00:07	366592	----a-w-	c:\windows\system32\qdvd.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll" [2013-09-02 1357120]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2013-09-02 11:03	1357120	----a-w-	c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll" [2013-09-02 1357120]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-05 1813928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-10-01 3551576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-02-15 642656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Live! Central 3"="c:\program files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" [2012-07-24 461312]
"V0770Mon.exe"="c:\windows\V0770Mon.exe" [2012-06-01 32884]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-09-02 1360192]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R0 aswRvrt;aswRvrt; [x]
R0 aswVmm;aswVmm; [x]
R1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
R3 V0770Vid;Live! Cam Sync HD VF0770 Driver;c:\windows\system32\DRIVERS\V0770Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0770Vid.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-04 22:10	1185744	----a-w-	c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-30 14:57]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-29 19:45]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-29 19:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11	778704	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
BHO-{FEB703F7-E7B2-4AB0-9566-87658AC70095} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-AstrumNival Allods - c:\gpotato.eu\Allods Online\uninst.exe
AddRemove-Bioshock 2 CZ 1.00 - d:\games\Bioshock 2 CZ\Uninstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Counter-Strike: Source - d:\games\Counter-Strike Source\Uninst.exe
AddRemove-Crossfire Europe - c:\users\Jirka\Crossfire Europe\uninst.exe
AddRemove-Dishonored_is1 - d:\games\Dishonored\unins000.exe
AddRemove-Metro Last Light_is1 - d:\games\THQ\Metro Last Light\unins000.exe
AddRemove-Minecraft1.6.2 - c:\users\Jirka\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
AddRemove-Rich Media Player - c:\users\Jirka\AppData\Local\Rich Media Player\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2557346633-3743950059-13786957-1000\Software\SecuROM\License information*]
"datasecu"=hex:4b,85,c6,4e,9b,6a,47,32,f1,23,74,33,4a,13,4f,55,4c,8e,f1,36,01,
   61,f8,8f,9e,c2,67,fb,83,19,81,42,39,17,11,d8,e4,fa,a6,fa,1e,99,50,a6,63,3e,\
"rkeysecu"=hex:d3,b9,e4,82,3b,83,c3,69,36,c0,c3,84,d8,44,3a,5e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-05  22:01:49
ComboFix-quarantined-files.txt  2013-10-05 20:01
.
Před spuštěním: Volných bajtů: 113 381 363 712
Po spuštění: Volných bajtů: 112 985 591 808
.
- - End Of File - - D536358AF08730139ED717F6E461AB1F

WarrunCz · #7 Příspěvek od **WarrunCz** » 05 říj 2013 21:37

jinak,teď už můžu pustit pc normálním způsobem?
já sem furt to nouzáku,čekám na tvé příkazy a pokyny =)

#8 Příspěvek od **motji** » 05 říj 2013 21:40

Jak to s pc vypadá?
nedávej mi prosím logy do code, špatně se to čte. Díky

.
No zkus, at víme, jeslti se stále vypíná.

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Driver::
X6va012

File::
c:\windows\SysWOW64\Drivers\X6va012

Folder::
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\IObit Apps Toolbar

Registry::
[-HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
[-HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"=-

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

WarrunCz · #9 Příspěvek od **WarrunCz** » 05 říj 2013 22:04

Vše funguje jak má,zatím to tak vypadá

a tady ten log :

ComboFix 13-10-04.02 - Jirka 05.10.2013 22:51:57.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8153.5414 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWOW64\Drivers\X6va012"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
c:\program files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
c:\program files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
c:\program files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
c:\program files (x86)\Common Files\Spigot\Search Settings\baidu_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\baidu_ie.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\config.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1031.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1033.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1034.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1036.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1040.ini
c:\program files (x86)\Common Files\Spigot\Search Settings\searchcom_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\searchcom_ie.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
c:\program files (x86)\Common Files\Spigot\Search Settings\wth166.dll
c:\program files (x86)\Common Files\Spigot\Search Settings\wthx166.dll
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yandex_ff.xml
c:\program files (x86)\Common Files\Spigot\Search Settings\yandex_ie.xml
c:\program files (x86)\IObit Apps Toolbar
c:\program files (x86)\IObit Apps Toolbar\IE\7.6\config.ini
c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll
c:\program files (x86)\IObit Apps Toolbar\Res\amazon.gif
c:\program files (x86)\IObit Apps Toolbar\Res\ebay.gif
c:\program files (x86)\IObit Apps Toolbar\Res\facebook.gif
c:\program files (x86)\IObit Apps Toolbar\Res\googleplus.gif
c:\program files (x86)\IObit Apps Toolbar\Res\icon_settings.gif
c:\program files (x86)\IObit Apps Toolbar\Res\iobit-toolbar-logo-hover.gif
c:\program files (x86)\IObit Apps Toolbar\Res\iobit-toolbar-logo.gif
c:\program files (x86)\IObit Apps Toolbar\Res\Lang\Res1031.ini
c:\program files (x86)\IObit Apps Toolbar\Res\Lang\Res1033.ini
c:\program files (x86)\IObit Apps Toolbar\Res\Lang\Res1034.ini
c:\program files (x86)\IObit Apps Toolbar\Res\Lang\Res1036.ini
c:\program files (x86)\IObit Apps Toolbar\Res\Lang\Res1040.ini
c:\program files (x86)\IObit Apps Toolbar\Res\radio-close.gif
c:\program files (x86)\IObit Apps Toolbar\Res\radio-minimize.gif
c:\program files (x86)\IObit Apps Toolbar\Res\radiobeta.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search-button-hover.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search-button.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search-chevron-hover.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search-chevron.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search_amazon.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search_baidu.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search_ebay.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search_yahoo.gif
c:\program files (x86)\IObit Apps Toolbar\Res\search_yandex.gif
c:\program files (x86)\IObit Apps Toolbar\Res\toolbar-icon.gif
c:\program files (x86)\IObit Apps Toolbar\Res\twitter.gif
c:\program files (x86)\IObit Apps Toolbar\Res\widgets.xml
c:\program files (x86)\IObit Apps Toolbar\WidgiHelper.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA012
-------\Service_X6va012
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-05 do 2013-10-05 )))))))))))))))))))))))))))))))
.
.
2013-10-05 20:55 . 2013-10-05 20:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-05 16:54 . 2013-10-05 16:54 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A31D2D5-432E-4A48-8D91-1ACBC9B9E823}\offreg.dll
2013-10-05 13:46 . 2013-10-05 16:22 -------- d-----w- c:\program files (x86)\Win down
2013-10-05 10:23 . 2013-10-05 10:23 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2013-10-05 10:23 . 2013-10-05 10:23 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2013-10-04 14:07 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A31D2D5-432E-4A48-8D91-1ACBC9B9E823}\mpengine.dll
2013-10-03 16:46 . 2013-10-03 16:46 -------- d-----w- c:\users\Jirka\AppData\Local\LogMeIn
2013-10-03 16:46 . 2013-10-03 16:46 -------- d-----w- c:\programdata\LogMeIn
2013-10-02 17:58 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2013-10-02 17:58 . 2013-10-02 17:58 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-09-28 14:47 . 2013-09-28 15:13 -------- d-----w- c:\users\Jirka\AppData\Roaming\ftblauncher
2013-09-28 13:48 . 2013-09-28 13:48 -------- d-----w- c:\users\Jirka\.minecraft
2013-09-26 16:02 . 2013-09-26 16:02 -------- d-----w- c:\users\Jirka\AppData\Roaming\fltk.org
2013-09-26 16:02 . 2013-09-26 16:02 -------- d-----w- c:\programdata\fltk.org
2013-09-26 12:41 . 2013-09-26 12:41 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-09-26 12:41 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-09-26 12:41 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-09-26 12:41 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-09-26 12:41 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-09-26 12:41 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-09-26 12:41 . 2013-09-26 12:41 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-09-25 14:42 . 2013-09-25 14:42 916456 ----a-w- c:\windows\system32\deployJava1.dll
2013-09-25 14:42 . 2013-09-25 14:42 289768 ----a-w- c:\windows\system32\javaws.exe
2013-09-25 14:42 . 2013-09-25 14:42 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-25 14:42 . 2013-09-25 14:42 189416 ----a-w- c:\windows\system32\javaw.exe
2013-09-25 14:42 . 2013-09-25 14:42 188904 ----a-w- c:\windows\system32\java.exe
2013-09-25 14:42 . 2013-09-25 14:42 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-09-25 14:42 . 2013-09-25 14:42 -------- d-----w- c:\program files\Java
2013-09-25 14:03 . 2013-09-25 14:03 -------- d-----w- c:\users\Jirka\AppData\Local\Introversion
2013-09-25 13:44 . 2013-05-22 16:49 32600 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2013-09-25 13:44 . 2013-05-22 16:49 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-09-20 13:42 . 2013-09-20 13:42 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-09-13 13:29 . 2013-09-13 13:29 -------- d-----w- c:\program files\Microsoft Silverlight
2013-09-13 13:29 . 2013-09-13 13:29 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-09-12 18:43 . 2013-09-12 18:43 -------- d-----w- c:\users\Jirka\AppData\Local\ESN
2013-09-12 18:43 . 2013-09-29 23:59 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2013-09-12 15:18 . 2013-09-12 15:18 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-09-12 15:18 . 2013-10-05 14:09 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-09-11 12:32 . 2013-09-11 12:32 -------- d-----w- c:\program files (x86)\Application Updater
2013-09-09 16:05 . 2013-09-09 19:40 2477216 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\program files (x86)\Application Verifier
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\program files\Application Verifier
2013-09-09 16:02 . 2013-09-09 16:02 -------- d-----w- c:\programdata\Windows App Certification Kit
2013-09-09 16:01 . 2013-09-09 16:01 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2013-09-09 16:01 . 2013-09-09 16:01 -------- d-----w- c:\programdata\PreEmptive Solutions
2013-09-09 16:00 . 2013-09-09 16:00 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET
2013-09-09 16:00 . 2013-09-09 16:00 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
2013-09-09 16:00 . 2013-09-09 16:00 -------- d-----w- c:\program files\Microsoft
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files\IIS Express
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\IIS Express
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\NuGet
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files\IIS
2013-09-09 15:59 . 2013-09-09 15:59 -------- d-----w- c:\program files (x86)\IIS
2013-09-09 15:58 . 2013-09-09 15:58 -------- d-----w- c:\program files (x86)\Windows Kits
2013-09-09 15:56 . 2013-09-09 15:56 -------- d-----w- c:\program files (x86)\HTML Help Workshop
2013-09-09 15:56 . 2013-09-09 15:56 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
2013-09-09 15:56 . 2013-09-09 15:57 -------- d-----w- c:\windows\SysWow64\1033
2013-09-09 15:56 . 2013-09-09 16:02 -------- d-----w- c:\program files\Microsoft SQL Server
2013-09-09 15:56 . 2013-09-09 16:02 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2013-09-09 15:54 . 2013-09-09 15:55 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2013-09-09 15:53 . 2013-09-09 16:04 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
2013-09-09 15:53 . 2013-09-09 15:56 -------- d-----w- c:\windows\system32\1033
2013-09-09 15:53 . 2013-09-09 15:53 -------- d-----w- c:\windows\symbols
2013-09-09 15:53 . 2013-09-09 16:04 -------- d-----w- c:\program files (x86)\Microsoft SDKs
2013-09-09 15:53 . 2013-09-09 15:53 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
2013-09-09 15:40 . 2013-09-29 23:59 -------- d-----w- c:\programdata\Package Cache
2013-09-09 15:40 . 2013-09-09 15:40 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2013-09-07 13:22 . 2013-09-07 13:28 -------- d-----w- c:\users\Jirka\AppData\Local\PAYDAY 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-05 16:33 . 2013-06-29 19:54 30528 ----a-w- c:\windows\GVTDrv64.sys
2013-10-05 16:32 . 2013-06-29 19:54 25640 ----a-w- c:\windows\gdrv.sys
2013-10-05 12:06 . 2013-06-29 20:00 65536 ----a-w- c:\windows\system32\spu_storage.bin
2013-09-29 23:59 . 2013-07-18 18:40 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-29 23:59 . 2013-07-18 18:40 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-29 23:59 . 2013-07-18 18:40 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-09-28 18:51 . 2013-07-18 18:40 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-23 14:57 . 2013-06-30 07:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-23 14:57 . 2013-06-30 07:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-13 13:56 . 2013-06-30 19:47 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-30 09:24 . 2013-08-30 09:24 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-08-30 07:48 . 2013-06-30 07:09 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-06-30 07:09 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-06-30 07:09 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-06-30 07:09 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-06-30 07:09 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-06-30 07:09 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-06-30 07:09 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-06-30 07:09 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-06-30 07:09 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-06-30 07:09 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 02:22 . 2013-06-30 07:04 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-13 13:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 17:58 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 17:58 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 17:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 17:58 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 17:58 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 17:58 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 17:58 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 17:58 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 17:58 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 17:58 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 17:58 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 17:58 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 17:58 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 17:58 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-09 00:10 . 2013-07-09 00:10 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-07-09 00:10 . 2013-07-09 00:10 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-07-09 00:10 . 2013-07-09 00:10 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-07-09 00:10 . 2013-07-09 00:10 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-07-09 00:10 . 2013-07-09 00:10 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-07-09 00:10 . 2013-07-09 00:10 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-07-09 00:10 . 2013-07-09 00:10 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-07-09 00:10 . 2013-07-09 00:10 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-07-09 00:10 . 2013-07-09 00:10 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-07-09 00:10 . 2013-07-09 00:10 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-07-09 00:10 . 2013-07-09 00:10 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-07-09 00:10 . 2013-07-09 00:10 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-07-09 00:10 . 2013-07-09 00:10 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-07-09 00:10 . 2013-07-09 00:10 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-07-09 00:10 . 2013-07-09 00:10 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-07-09 00:10 . 2013-07-09 00:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-07-09 00:10 . 2013-07-09 00:10 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-07-09 00:10 . 2013-07-09 00:10 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-07-09 00:10 . 2013-07-09 00:10 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-07-09 00:10 . 2013-07-09 00:10 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-07-09 00:10 . 2013-07-09 00:10 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-09 00:10 . 2013-07-09 00:10 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-09 00:10 . 2013-07-09 00:10 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-07-09 00:10 . 2013-07-09 00:10 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-07-09 00:09 . 2013-07-09 00:09 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-07-09 00:09 . 2013-07-09 00:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-09 00:09 . 2013-07-09 00:09 340992 ----a-w- c:\windows\system32\schannel.dll
2013-07-09 00:09 . 2013-07-09 00:09 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-07-09 00:09 . 2013-07-09 00:09 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-07-09 00:09 . 2013-07-09 00:09 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-07-09 00:09 . 2013-07-09 00:09 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-07-09 00:07 . 2013-07-09 00:07 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-07-09 00:07 . 2013-07-09 00:07 366592 ----a-w- c:\windows\system32\qdvd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-05 1813928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-10-01 3551576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-02-15 642656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Live! Central 3"="c:\program files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" [2012-07-24 461312]
"V0770Mon.exe"="c:\windows\V0770Mon.exe" [2012-06-01 32884]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 V0770Vid;Live! Cam Sync HD VF0770 Driver;c:\windows\system32\DRIVERS\V0770Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0770Vid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-04 22:10 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-30 14:57]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-29 19:45]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-29 19:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -
TCP: DhcpNameServer = 172.16.10.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - c:\program files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll
BHO-{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
BHO-{FEB703F7-E7B2-4AB0-9566-87658AC70095} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-AstrumNival Allods - c:\gpotato.eu\Allods Online\uninst.exe
AddRemove-Bioshock 2 CZ 1.00 - d:\games\Bioshock 2 CZ\Uninstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Counter-Strike: Source - d:\games\Counter-Strike Source\Uninst.exe
AddRemove-Crossfire Europe - c:\users\Jirka\Crossfire Europe\uninst.exe
AddRemove-Dishonored_is1 - d:\games\Dishonored\unins000.exe
AddRemove-Metro Last Light_is1 - d:\games\THQ\Metro Last Light\unins000.exe
AddRemove-Minecraft1.6.2 - c:\users\Jirka\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe
AddRemove-Rich Media Player - c:\users\Jirka\AppData\Local\Rich Media Player\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2557346633-3743950059-13786957-1000\Software\SecuROM\License information*]
"datasecu"=hex:4b,85,c6,4e,9b,6a,47,32,f1,23,74,33,4a,13,4f,55,4c,8e,f1,36,01,
61,f8,8f,9e,c2,67,fb,83,19,81,42,39,17,11,d8,e4,fa,a6,fa,1e,99,50,a6,63,3e,\
"rkeysecu"=hex:d3,b9,e4,82,3b,83,c3,69,36,c0,c3,84,d8,44,3a,5e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\PANDORA.TV\PanService\PanProcess.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-10-05 23:02:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-05 21:02
.
Před spuštěním: Volných bajtů: 120 101 347 328
Po spuštění: Volných bajtů: 119 649 579 008
.
- - End Of File - - B7EC4AC3A546755ED5B10C10977E6997

#10 Příspěvek od **motji** » 05 říj 2013 22:09

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

stahněte Ccleaner http://forum.viry.cz/viewtopic.php?f=46&t=7478
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Odzkoušej a zítra dej vědět, jak to vypadá

Dobrou

WarrunCz · #11 Příspěvek od **WarrunCz** » 05 říj 2013 22:11

Dobrou a moc dík za rady a tvůj čas

WarrunCz · #12 Příspěvek od **WarrunCz** » 06 říj 2013 11:59

Vše šlape jak má =)

#13 Příspěvek od **motji** » 06 říj 2013 15:59

Tak to jsem ráda. kdyby se objevily problémy, ozvi se

VIRY.CZ

Počítač se vypíná do minuty....pro Motji

Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji

Re: Počítač se vypíná do minuty....pro Motji