Nelze nic stahovat + prohlížeč padá

Zpráva

JoeFreemaN · #1 Příspěvek od **JoeFreemaN** » 20 bře 2014 17:20

Zdravím všechny a prosím o pomoc,
nemohu sem bohužel dát ani výpis LOGu protože mi žádný prohlížeč nedovolí cokoliv stáhnout, když kliknu na stažení odkazu http://images.malwareremoval.com/random/RSIT.exe tak prohlížeč jen zahlásí - chyba při načítání stránky a nic se dál neotevře a stahování nezačne (zkouším to se všemi dostupnými prohlížeči) nejdou dokonce ani shlédnout některá streamová videa (stream not found...)

Bohužel sem tedy nemůžu dát ani Log - nemáte pro mě radu jak stáhnou nebo co dělat? Už sem zoufalý, předem děkuji

JoeFreemaN · #2 Příspěvek od **JoeFreemaN** » 20 bře 2014 17:29

Ještě mě napadlo udělat to v nouzovém režimu a to zafungovalo, zde tedy posílám výpis, problém popsán výše.
Prosím o kontorlu, mnohokrát děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pepéé at 2014-03-20 17:30:18
Microsoft Windows 7 Ultimate
System drive C: has 27 GB (9%) free of 305 GB
Total RAM: 3327 MB (71% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce82429d80c0a8.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce4e2a4c168789.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pepéé\AppData\Roaming\Mozilla\Firefox\Profiles\7x4aqeu6.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Programy\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Programy\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Pepéé\AppData\Roaming\Mozilla\Firefox\Profiles\7x4aqeu6.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"=Mixer.exe /startup []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"RemoteControl11"=C:\Programy\PowerDVD11\PowerDVD11\PDVD11Serv.exe [2011-08-24 230696]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-10-23 5074384]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2014-02-05 1048152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-06-26 497200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2006-06-26 614960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programy\Winamp\winampa.exe [2009-07-01 37888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Users\Pepéé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Programy\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.xvid"=xvid.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.dvsd"=pdvcodec.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-03-20 17:30:19 ----D---- C:\Program Files\trend micro
2014-03-20 17:30:18 ----D---- C:\rsit
2014-03-20 17:27:46 ----A---- C:\Windows\ntbtlog.txt
2014-03-20 17:09:58 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-03-01 12:41:05 ----HD---- C:\Program Files\Common Files\EAInstaller
2014-03-01 12:40:43 ----D---- C:\ProgramData\Package Cache
2014-02-24 09:45:32 ----A---- C:\Windows\system32\nvspcap.dll
2014-02-24 09:44:48 ----D---- C:\Program Files\AGEIA Technologies
2014-02-24 09:44:06 ----A---- C:\Windows\system32\nvStreaming.exe
2014-02-24 09:37:46 ----A---- C:\Windows\system32\nvaudcap32v.dll
2014-02-24 09:37:46 ----A---- C:\Windows\system32\drivers\nvvad32v.sys
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvoglv32.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvoglshim32.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvinit.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\NvIFR.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvhdap32.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvhdagenco3220103.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\NvFBC.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvdispgenco3233489.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvdispco3233489.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-24 09:37:45 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-24 09:37:45 ----A---- C:\Windows\system32\drivers\nvhda32v.sys

======List of files/folders modified in the last 1 month======

2014-03-20 17:30:19 ----RD---- C:\Program Files
2014-03-20 17:27:46 ----D---- C:\Windows
2014-03-20 17:26:42 ----D---- C:\Windows\Temp
2014-03-20 17:26:42 ----D---- C:\Windows\system32\config
2014-03-20 17:24:10 ----D---- C:\Windows\Prefetch
2014-03-20 17:14:28 ----D---- C:\Windows\System32
2014-03-20 17:14:28 ----D---- C:\Windows\inf
2014-03-20 17:14:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-20 17:10:15 ----D---- C:\Windows\system32\LogFiles
2014-03-20 17:10:04 ----D---- C:\ProgramData\NVIDIA
2014-03-20 17:09:56 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-03-20 13:29:51 ----D---- C:\Programy
2014-03-20 13:22:43 ----D---- C:\Users\Pepéé\AppData\Roaming\Winamp
2014-03-20 13:22:43 ----D---- C:\Users\Pepéé\AppData\Roaming\DAEMON Tools Lite
2014-03-20 13:22:42 ----D---- C:\Users\Pepéé\AppData\Roaming\Skype
2014-03-20 13:22:34 ----D---- C:\Windows\Logs
2014-03-16 21:24:28 ----D---- C:\Windows\system32\catroot2
2014-03-15 11:24:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-03-06 21:29:17 ----SHD---- C:\System Volume Information
2014-03-05 21:37:17 ----D---- C:\Windows\system32\drivers
2014-03-05 21:26:35 ----SHD---- C:\Windows\Installer
2014-03-01 12:41:05 ----D---- C:\Program Files\Common Files
2014-03-01 12:40:43 ----HD---- C:\ProgramData
2014-03-01 12:39:49 ----RSD---- C:\Windows\assembly
2014-03-01 12:27:09 ----D---- C:\Hry
2014-02-24 10:00:12 ----D---- C:\Windows\Microsoft.NET
2014-02-24 09:46:29 ----D---- C:\ProgramData\NVIDIA Corporation
2014-02-24 09:45:32 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-24 09:44:33 ----D---- C:\Windows\system32\DriverStore
2014-02-24 09:44:33 ----D---- C:\Windows\system32\catroot
2014-02-24 09:39:55 ----D---- C:\Windows\system32\cs-CZ
2014-02-24 09:38:01 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 46056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 53224]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-06 691696]
S1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-03-25 278984]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-10-08 149568]
S2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-03-25 25416]
S2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Programy\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [2011-08-24 71664]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\Windows\system32\drivers\cmaudio.sys [2002-07-16 379726]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 87064]
S3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-10-30 37344]
S3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2006-06-26 1587632]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2006-06-26 1952816]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\drivers\LVPr2Mon.sys [2006-06-26 23472]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2006-06-22 38960]
S3 monfilt;monfilt; C:\Windows\system32\drivers\monfilt.sys [2008-02-14 1389056]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2013-11-28 162592]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2013-12-27 34080]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2006-06-22 293808]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 Rockusb;Driver for Rockusb Device; C:\Windows\system32\DRIVERS\rockusb.sys [2013-03-12 46160]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 182680]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2008-12-19 993280]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Programy\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-08-24 83240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Programy\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-08-26 75048]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Programy\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-08-26 292136]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-10-23 1329304]
S2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-10-30 233472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-11 136176]
S2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-06-26 99888]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 15904544]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 664864]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-10-10 66872]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-15 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-11 136176]
S3 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-20 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#3 Příspěvek od **vyosek** » 20 bře 2014 18:54

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

JoeFreemaN · #4 Příspěvek od **JoeFreemaN** » 20 bře 2014 20:41

To nevím, takto jsem PC už koupil, ale test ověření pravosti proběhl úspěšně... prosím nějaká rada k mému problému? Do dneška vše v pořádku

#5 Příspěvek od **vyosek** » 20 bře 2014 20:56

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

JoeFreemaN · #6 Příspěvek od **JoeFreemaN** » 20 bře 2014 21:25

OTL logfile created on: 20.3.2014 21:12:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pepéé\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 69,11% Memory free
6,50 Gb Paging File | 5,40 Gb Available in Paging File | 83,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 26,38 Gb Free Space | 8,85% Space Free | Partition Type: NTFS

Computer Name: PEPÉÉ-PC | User Name: Pepéé | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.03.20 21:08:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pepéé\Desktop\OTL.exe
PRC - [2014.03.20 13:29:46 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2014.02.08 18:11:48 | 000,941,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014.02.08 18:11:47 | 001,819,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014.02.08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.02.05 10:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.02.05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.02.05 10:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.30 04:16:32 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2012.10.23 17:38:32 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe
PRC - [2012.10.23 17:38:22 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET Smart Security\egui.exe
PRC - [2011.08.26 07:00:22 | 000,292,136 | ---- | M] (CyberLink) -- C:\Programy\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
PRC - [2011.08.26 07:00:19 | 000,075,048 | ---- | M] (CyberLink) -- C:\Programy\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
PRC - [2011.08.24 02:13:45 | 000,230,696 | ---- | M] (CyberLink Corp.) -- C:\Programy\PowerDVD11\PowerDVD11\PDVD11Serv.exe
PRC - [2011.08.24 02:13:43 | 000,083,240 | ---- | M] () -- C:\Programy\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.18 01:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 01:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2007.04.25 18:02:30 | 003,444,008 | ---- | M] (Stardock) -- C:\Programy\Stardock\ObjectDock\ObjectDock.exe
PRC - [2007.02.04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006.06.26 09:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2002.07.12 09:33:12 | 001,581,056 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\Windows\mixer.exe

========== Modules (No Company Name) ==========

MOD - [2014.03.20 13:29:45 | 003,642,480 | ---- | M] () -- C:\Programy\Mozilla Firefox\mozjs.dll
MOD - [2008.10.11 21:18:46 | 000,319,488 | ---- | M] () -- C:\Programy\WinRAR\rarlng.dll
MOD - [2008.09.16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Programy\WinRAR\RarExt.dll
MOD - [2007.04.24 18:25:46 | 000,112,400 | ---- | M] () -- C:\Programy\Stardock\ObjectDock\DockShellHook.dll
MOD - [2007.04.21 12:47:52 | 000,059,592 | ---- | M] () -- C:\Programy\Stardock\ObjectDock\zlib.dll
MOD - [2007.04.19 13:23:48 | 000,095,944 | ---- | M] () -- C:\Programy\Stardock\ObjectDock\CrashRpt.dll
MOD - [2002.11.19 13:11:40 | 000,139,264 | ---- | M] () -- C:\Program Files\Common Files\Stardock\ODimg.dll
MOD - [2002.03.13 18:46:32 | 000,118,784 | ---- | M] () -- C:\Programy\Stardock\ObjectDock\ODimg.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %CommonProgramFiles%\msado210.tlb -- (LanmanServer)
SRV - [2014.03.20 13:29:46 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.15 11:24:09 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.02.05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.02.05 10:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.30 04:16:32 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2012.10.23 17:38:32 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\Eset\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.08.26 07:00:22 | 000,292,136 | ---- | M] (CyberLink) [Auto | Running] -- C:\Programy\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.08.26 07:00:19 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Programy\PowerDVD11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.08.24 02:13:43 | 000,083,240 | ---- | M] () [Auto | Running] -- C:\Programy\PowerDVD11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2009.08.18 01:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.04.13 07:49:00 | 000,101,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006.06.26 09:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwavdt.sys -- (btwavdt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a78xdpgx)
DRV - [2014.02.08 19:27:20 | 010,180,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.12.27 19:42:24 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013.11.28 14:38:19 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013.10.30 04:16:30 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013.10.28 01:12:12 | 000,182,680 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.10.28 01:12:12 | 000,087,064 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013.03.12 09:03:14 | 000,046,160 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rockusb.sys -- (Rockusb)
DRV - [2012.10.08 08:21:08 | 000,149,568 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012.10.08 08:21:08 | 000,121,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.10.08 08:21:08 | 000,053,224 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012.10.08 08:21:08 | 000,046,056 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2012.10.08 08:21:06 | 000,170,656 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011.09.01 22:51:24 | 000,077,296 | ---- | M] (CyberLink Corp.) [2011/12/24 00:05:02] [Kernel | Auto | Running] -- C:\Programy\PowerDVD11\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.08.24 02:13:44 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Programy\PowerDVD11\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)
DRV - [2010.12.21 12:47:38 | 000,033,120 | ---- | M] (ESET) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.04.06 14:24:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.03.25 22:15:50 | 000,278,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.25 22:15:49 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.01.27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009.08.18 02:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.24 07:48:00 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2008.12.19 04:39:30 | 000,993,280 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008.02.14 07:12:00 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monfilt.sys -- (monfilt)
DRV - [2008.01.19 04:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2006.06.26 09:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006.06.26 09:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006.06.26 09:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006.06.22 23:29:46 | 000,038,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006.06.22 23:29:30 | 000,293,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2002.07.16 03:58:12 | 000,379,726 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmaudio.sys -- (cmpci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 CC BE 27 F0 3E CA 01 [binary data]
IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... &ch_id=osd
IE - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Programy\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2014.03.20 13:29:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.12.26 11:24:31 | 000,000,000 | ---D | M]

[2009.10.11 14:33:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepéé\AppData\Roaming\mozilla\Extensions
[2013.09.27 14:07:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pepéé\AppData\Roaming\mozilla\Firefox\Profiles\7x4aqeu6.default\extensions
[2012.12.21 17:18:05 | 000,036,139 | ---- | M] () (No name found) -- C:\Users\Pepéé\AppData\Roaming\mozilla\firefox\profiles\7x4aqeu6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2014.03.09 21:58:10 | 000,001,056 | ---- | M] () -- C:\Users\Pepéé\AppData\Roaming\mozilla\firefox\profiles\7x4aqeu6.default\searchplugins\icqplugin.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKU\S-1-5-21-18618759-2446081156-1231606446-1001\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [C-Media Mixer] C:\Windows\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl11] C:\Programy\PowerDVD11\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pepéé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Programy\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pepéé\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.255.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C9FDF2B-A850-4156-9877-CF5E3CBDDCC7}: DhcpNameServer = 192.168.255.129
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9186019b-aae4-11de-b2c5-001966ef4143}\Shell - "" = AutoRun
O33 - MountPoints2\{9186019b-aae4-11de-b2c5-001966ef4143}\Shell\AutoRun\command - "" = E:\OriginInstaller.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: lanmanserver - %CommonProgramFiles%\msado210.tlb File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\Windows\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\Windows\System32\xvid.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.03.20 21:08:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pepéé\Desktop\OTL.exe
[2014.03.20 17:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.03.20 17:30:18 | 000,000,000 | ---D | C] -- C:\rsit
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.03.20 21:14:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.03.20 21:08:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pepéé\Desktop\OTL.exe
[2014.03.20 20:57:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce4e2a4c168789.job
[2014.03.20 20:47:08 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.20 20:47:08 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.20 20:46:19 | 000,668,960 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.03.20 20:46:19 | 000,654,354 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.03.20 20:46:19 | 000,140,592 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.03.20 20:46:19 | 000,121,226 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.03.20 20:42:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce82429d80c0a8.job
[2014.03.20 20:41:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.20 20:41:53 | 2616,696,832 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.20 17:29:38 | 000,781,383 | ---- | M] () -- C:\Users\Pepéé\Desktop\RSIT.exe
[2014.03.20 17:24:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.20 17:10:13 | 000,407,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.03.20 13:23:09 | 000,208,340 | ---- | M] () -- C:\Users\Pepéé\Documents\cc_20140320_132303.reg
[2014.03.15 11:24:06 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.03.15 11:24:06 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.03.20 21:14:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.03.20 17:29:34 | 000,781,383 | ---- | C] () -- C:\Users\Pepéé\Desktop\RSIT.exe
[2014.03.20 17:09:58 | 000,407,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2014.03.20 13:23:05 | 000,208,340 | ---- | C] () -- C:\Users\Pepéé\Documents\cc_20140320_132303.reg
[2014.01.17 16:01:15 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2014.01.17 16:01:15 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2012.12.01 11:50:18 | 003,573,739 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.11.28 14:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.11.28 14:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.11.28 14:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.11.28 14:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.11.13 15:32:56 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2011.07.19 20:51:55 | 000,000,012 | ---- | C] () -- C:\ProgramData\ReminderNextRun
[2010.11.07 11:32:35 | 000,001,016 | ---- | C] () -- C:\Users\Pepéé\AppData\Local\SRDownloader.nast
[2010.11.07 11:31:54 | 000,090,721 | ---- | C] () -- C:\Users\Pepéé\AppData\Local\SRDownloader.err
[2010.08.11 21:33:15 | 000,005,120 | ---- | C] () -- C:\Users\Pepéé\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.10 12:47:10 | 000,022,328 | ---- | C] () -- C:\Users\Pepéé\AppData\Roaming\PnkBstrK.sys

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.12.19 22:31:41 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Ashampoo
[2010.10.13 22:06:09 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\BlackBean
[2010.03.12 21:18:39 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Canon
[2014.03.20 13:22:43 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DAEMON Tools Lite
[2011.08.07 12:47:29 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DVDVideoSoft
[2011.08.07 12:47:24 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.07.27 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ESET
[2012.10.07 09:59:23 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\FreeScreenToVideo
[2011.10.27 23:33:18 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\GetRightToGo
[2010.02.07 22:20:28 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\HDRsoft
[2013.05.09 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ICQ
[2009.11.27 12:09:11 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\IMSIDesign
[2012.01.08 23:11:40 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Mirillis
[2011.10.28 09:08:42 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\mkvtoolnix
[2012.08.27 13:09:47 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\MOVAVI
[2010.02.14 11:51:37 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Red Alert 3
[2010.03.03 10:04:56 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Red Alert 3 Uprising
[2012.04.15 09:43:11 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Rovio
[2014.01.18 10:47:41 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Samsung
[2009.10.12 12:59:45 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ScanSoft
[2013.12.28 12:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Ubisoft
[2012.11.10 01:53:14 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\uTorrent
[2010.04.18 09:36:48 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\VitySoft
[2011.01.15 15:49:37 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,576 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.10.07 09:39:51 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.11 10:31:21 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce4e2a4c168789.job
[2013.07.16 17:36:26 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce82429d80c0a8.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\System32\drivers\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2773a640f0a0a25d12ec3c76da8d620e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2773a640f0a0a25d12ec3c76da8d620e\*.tmp -> ]
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.29 23:10:47 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Adobe
[2012.01.12 21:23:57 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Apple Computer
[2011.12.19 22:31:41 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Ashampoo
[2009.09.26 19:44:44 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ATI
[2010.10.13 22:06:09 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\BlackBean
[2010.03.12 21:18:39 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Canon
[2011.12.24 00:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\CyberLink
[2014.03.20 13:22:43 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DAEMON Tools Lite
[2012.01.08 23:22:55 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DivX
[2011.08.07 12:47:29 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DVDVideoSoft
[2011.08.07 12:47:24 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.07.27 15:18:27 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ESET
[2012.10.07 09:59:23 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\FreeScreenToVideo
[2011.10.27 23:33:18 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\GetRightToGo
[2010.02.07 22:20:28 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\HDRsoft
[2013.05.09 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ICQ
[2009.09.26 18:23:03 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Identities
[2009.11.27 12:09:11 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\IMSIDesign
[2013.12.28 12:06:18 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\InstallShield
[2009.09.26 22:38:49 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Macromedia
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Media Center Programs
[2013.07.01 21:12:03 | 000,000,000 | --SD | M] -- C:\Users\Pepéé\AppData\Roaming\Microsoft
[2012.01.08 23:11:40 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Mirillis
[2011.10.28 09:08:42 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\mkvtoolnix
[2012.08.27 13:09:47 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\MOVAVI
[2009.10.11 14:33:52 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Mozilla
[2011.01.16 11:59:51 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Nero
[2012.04.15 09:43:11 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\NVIDIA
[2010.02.14 11:51:37 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Red Alert 3
[2010.03.03 10:04:56 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Red Alert 3 Uprising
[2012.04.15 09:43:11 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Rovio
[2014.01.18 10:47:41 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Samsung
[2009.10.12 12:59:45 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\ScanSoft
[2009.10.10 10:50:21 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\SecuROM
[2014.03.20 13:22:42 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Skype
[2011.11.20 00:01:55 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\skypePM
[2013.12.28 12:06:59 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Ubisoft
[2012.11.10 01:53:14 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\uTorrent
[2010.04.18 09:36:48 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\VitySoft
[2014.03.20 13:22:43 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Winamp
[2009.10.02 11:03:39 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\WinRAR
[2011.01.15 15:49:37 | 000,000,000 | ---D | M] -- C:\Users\Pepéé\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2011.06.02 21:34:51 | 000,010,134 | R--- | M] () -- C:\Users\Pepéé\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014.03.20 21:24:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.03.20 20:42:03 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce82429d80c0a8.job
[2014.03.20 20:57:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce4e2a4c168789.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.06 14:24:44 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.03.20 20:47:08 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.20 20:47:08 | 000,014,016 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.20 17:10:13 | 000,407,560 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2014.03.20 20:46:19 | 000,140,592 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2014.03.20 20:46:19 | 000,121,226 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2014.03.20 20:46:19 | 000,668,960 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2014.03.20 20:46:19 | 000,654,354 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2014.03.20 20:46:19 | 001,583,754 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.07.14 02:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.03.20 21:14:05 | 000,000,512 | ---- | M] () MD5=BF19C07286F3AB4E3277F3BD81592F6C -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.12.28 22:53:16 | 004,435,166 | ---- | M] () -- \crack\Crack - codmw3.rar
[2011.12.28 22:53:16 | 004,435,166 | ---- | M] () -- \Hry\CODMW3 - instalační\Proper CRACK!!!\Crack\Crack - codmw3.rar
[2010.05.12 09:09:18 | 007,038,437 | ---- | M] () -- \Users\Pepéé\Desktop\MP3\Eminem_-_I_Am_Marshall_(2010)\19_Eminem_-_Crack_A_Bottle.mp3

< *keygen* /s >
[2009.05.07 06:05:28 | 000,219,648 | ---- | M] () -- \Programy-instalačky\Ashampoo Burning Studio 9.05\KeyGen.exe
[2008.12.01 15:58:50 | 000,287,232 | ---- | M] () -- \Programy-instalačky\Ashampoo Photo Commander 7.10\KGN\AshampooPhotoCommanderKeygen.exe
[2007.09.08 09:18:14 | 000,055,296 | ---- | M] () -- \Programy-instalačky\Divx 7.2\Keygens\Keygen DFX.exe
[2008.11.15 10:02:40 | 000,081,920 | ---- | M] () -- \Programy-instalačky\Divx 7.2\Keygens\Keygen_FFF.exe
[2007.09.24 00:34:06 | 000,167,936 | ---- | M] () -- \Programy-instalačky\Photomatix Pro 3.2.9\x64\VIRILITY\keygen.exe
[2007.09.24 00:34:06 | 000,167,936 | ---- | M] () -- \Programy-instalačky\Photomatix Pro 3.2.9\x86\VIRILITY\keygen.exe
[2009.05.07 06:05:28 | 000,219,648 | ---- | M] () -- \Programy-instalačky\programy instalačky\Ashampoo Burning Studio 9.05\KeyGen.exe
[2008.03.21 08:54:14 | 000,082,432 | ---- | M] () -- \Programy-instalačky\Slysoft\CloneDVD2\CloneDVD 2.9.1.9 - Final\SND\CloneDVD2Keygen.exe
[2009.08.04 18:36:00 | 000,133,120 | ---- | M] () -- \Programy-instalačky\Turbo CAD Pro_instalační\Keygen\TC-16_keygen.exe
[2007.04.18 04:30:34 | 000,388,608 | ---- | M] () -- \Programy-instalačky\WinZIP\keygen.exe
[2008.09.11 15:56:42 | 000,069,632 | ---- | M] () -- \Programy-instalačky\WinZIP\Winzip.12.4.07.Pro\keygen.exe
[2011.11.13 15:31:17 | 104,698,799 | ---- | M] () -- \Users\Pepéé\Downloads\Ashampoo Burning Studio 10.0.11+Keygen.rar

< *loader* /s >
[2013.11.14 18:57:21 | 000,434,176 | ---- | M] () -- \Hry\Assassin's Creed IV Black Flag\uplay_r1_loader.dll
[2008.02.17 23:02:54 | 000,253,691 | ---- | M] () -- \Hry\Audiosurf\engine\Preloader.cgr
[2008.02.17 23:02:44 | 000,000,878 | ---- | M] () -- \Hry\Audiosurf\engine\Preloader_config.xml
[2008.02.17 23:02:26 | 000,016,384 | ---- | M] () -- \Hry\Audiosurf\engine\channels\FileLoader.dll
[2009.09.08 17:34:52 | 000,169,384 | ---- | M] () -- \Hry\Counter-Strike 1.6 ZCP\cstrike\models\qloader.mdl
[2009.09.08 17:36:32 | 000,352,548 | ---- | M] () -- \Hry\Counter-Strike 1.6 ZCP\valve\models\loader.mdl
[2009.09.08 17:37:28 | 000,012,764 | ---- | M] () -- \Hry\Counter-Strike 1.6 ZCP\valve\sound\ambience\loader_hydra1.wav
[2009.09.08 17:37:42 | 000,012,164 | ---- | M] () -- \Hry\Counter-Strike 1.6 ZCP\valve\sound\ambience\loader_step1.wav
[2010.03.28 11:59:14 | 000,000,236 | ---- | M] () -- \Hry\Download\1\BestPornHere\BEST CASH FOR UPLOADERS.url
[2010.08.24 09:53:04 | 000,071,008 | ---- | M] () -- \Hry\Mafia II\pc\PhysXLoader.dll
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\334.89\Win8_WinVista_Win7\International\GFExperience\ExtensionLoader.dll
[2004.02.03 09:27:56 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2011.07.29 17:25:44 | 002,817,664 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.02.05 23:27:16 | 000,000,015 | ---- | M] () -- \Program Files\Eset\TNod User & Password Finder\Licenses Downloader.bat
[2011.04.24 00:58:40 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.04.24 00:58:40 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.04.24 00:58:40 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.24 00:59:34 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.04.24 00:59:36 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.04.24 00:59:36 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{C0064272-D168-4DDE-AD3D-F6EE833E943A}\ExtensionLoader.dll
[2014.02.05 10:31:23 | 001,169,184 | ---- | M] () -- \Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 01:37:56 | 000,065,344 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 01:37:44 | 000,073,536 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.02.27 22:58:46 | 000,008,787 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderLargeBlue.gif
[2012.02.27 22:58:46 | 000,008,787 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderLargeGrey.gif
[2012.02.27 22:58:46 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderSmallBlue.gif
[2012.02.27 22:58:46 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\images\loaderSmallGold.gif
[2009.10.03 23:30:32 | 000,002,262 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2011.07.29 17:31:50 | 000,042,144 | ---- | M] () -- \Programy\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2011.08.24 02:13:45 | 000,000,035 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\ComLoader.ini
[2011.08.25 06:13:36 | 000,124,200 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Common\Koan\pyloader.dll
[2011.08.24 02:13:34 | 000,002,830 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Customizations\Generic\Style\Cascade\Media\Standard\SlideBar\ProgressLoader.png
[2011.08.19 11:03:38 | 000,028,126 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Movie\PK\subsys\PyImpLoader\PyImpLoader.kc
[2011.08.19 11:03:38 | 000,120,104 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Movie\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011.08.12 08:26:27 | 000,012,088 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Movie\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2011.08.12 08:26:28 | 000,002,692 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Movie\PowerDVD Cinema\Presentation\Common\D3D9Loader.kc
[2011.08.16 11:03:40 | 000,012,022 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Movie\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011.08.24 02:13:48 | 000,001,731 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\System\FlvLoader.swf
[2011.08.24 02:13:48 | 000,001,949 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\System\KernelCtrl\D3D9Loader.kc
[2011.08.24 02:13:49 | 000,056,487 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\System\KernelCtrl\ImageLoader2.kc
[2011.08.24 02:13:50 | 000,004,045 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Widget\langloader.kc
[2011.08.24 02:13:50 | 000,014,262 | ---- | M] () -- \Programy\PowerDVD11\PowerDVD11\Widget\layoutloader.kc
[2008.06.20 18:13:32 | 000,044,032 | ---- | M] () -- \Programy\WinRAR\RarExtLoader.exe
[2009.08.01 13:14:32 | 010,787,373 | ---- | M] () -- \Programy-instalačky\7Loader v1.2.exe
[2009.09.03 21:24:11 | 003,258,368 | ---- | M] () -- \Programy-instalačky\YoutubeDownloaderSetup_1.1.msi
[2009.10.03 23:30:32 | 000,002,262 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2011.12.19 22:16:09 | 000,090,721 | ---- | M] () -- \Users\Pepéé\AppData\Local\SRDownloader.err
[2013.08.21 21:37:00 | 000,001,016 | ---- | M] () -- \Users\Pepéé\AppData\Local\SRDownloader.nast
[2011.10.27 23:33:18 | 000,000,000 | ---- | M] () -- \Users\Pepéé\AppData\Roaming\GetRightToGo\Brothersoftdownloader_for_MKVExtractGUI_2.data
[2012.10.12 22:19:20 | 000,005,434 | ---- | M] () -- \Users\Pepéé\AppData\Roaming\uTorrent\Amateri_Cz_1430MB.zip_downloader_98842.exe.torrent
[2011.12.19 22:16:29 | 000,904,192 | ---- | M] () -- \Users\Pepéé\Desktop\SRDownloader.exe
[2013.11.14 07:36:23 | 000,419,232 | ---- | M] () -- \Users\Pepéé\Desktop\Assassins.Creed.IV.Black\Assassin's Creed IV Black Flag\uplay_r1_loader.dll
[2013.11.14 18:57:21 | 000,434,176 | ---- | M] () -- \Users\Pepéé\Desktop\Assassins.Creed.IV.Black\Creck\uplay_r1_loader.dll
[2009.08.01 13:14:32 | 010,787,373 | ---- | M] () -- \Users\Pepéé\Desktop\Důležité vypálit!!!\Aktivace Windows 7\7Loader v1.2.exe
[2009.11.26 22:09:43 | 014,004,224 | ---- | M] () -- \Users\Pepéé\Desktop\MP3\Dave Darell - Freeloader (Original Mix).mp3
[2011.10.27 23:32:49 | 000,367,936 | ---- | M] () -- \Users\Pepéé\Downloads\Brothersoftdownloader_for_MKVExtractGUI_2.exe
[2011.10.19 21:21:23 | 000,903,680 | ---- | M] () -- \Users\Pepéé\Downloads\SRDownloader.exe
[2009.09.28 08:21:47 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[4 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2009.10.20 13:13:17 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.10.20 13:13:17 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2009.10.20 13:13:18 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:99671BE2
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:FD34FE88

< End of report >

JoeFreemaN · #7 Příspěvek od **JoeFreemaN** » 20 bře 2014 21:26

OTL Extras logfile created on: 20.3.2014 21:12:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pepéé\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 69,11% Memory free
6,50 Gb Paging File | 5,40 Gb Available in Paging File | 83,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 26,38 Gb Free Space | 8,85% Space Free | Partition Type: NTFS

Computer Name: PEPÉÉ-PC | User Name: Pepéé | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-18618759-2446081156-1231606446-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0246E412-5212-4C72-8080-24AE07393FBE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A40D965-319A-4893-A76A-84E3840EC11A}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{0E786742-F68B-426E-96FA-AD71EB1397EA}" = rport=139 | protocol=6 | dir=out | app=system |
"{1B67030A-6FE9-4AAB-BFBC-9FA29687A177}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{22B30901-0AE6-4A5E-AF2E-3A34A22C6BE0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{27346FCA-24FE-46B2-8523-8CA804AAA023}" = lport=139 | protocol=6 | dir=in | app=system |
"{280B9949-AD50-415F-8339-485C9B692A32}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2CCC6DB9-C251-4CCE-A4AA-BAD8C52F9FC2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2F7F2BEB-7E02-432A-AD08-32829F8318E6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3DC19989-4392-487D-83E9-66C0B86F042C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A8C39BB-CDF0-4EF1-9024-E2AA75D652FA}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4FAA4E67-6CDB-4F95-9F30-1BF3C064E3CA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{53E6824F-D537-4BEC-8ED9-7614785CBF41}" = lport=445 | protocol=6 | dir=in | app=system |
"{5EB34497-32C2-4B13-A9AA-AF8E8F0F2476}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{62A975BD-0C24-41C0-9079-93F58691862F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6330C1B9-2582-4C95-B548-EA07E9D3CD63}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8341EC34-D271-4606-9871-53896ADA9610}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{8473922B-AD10-4AF1-B853-B3BA7D1C7930}" = lport=137 | protocol=17 | dir=in | app=system |
"{8958530A-45BE-438A-8B43-032D7ADC8C55}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8AD9D285-B422-4CAE-9F1E-099190AC2010}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8DA1C85E-4916-4752-8DDC-7296841159DF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F090DE3-ADEB-4F87-B397-72640006ADF9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{968E05EB-B53E-4210-92EB-5F541F23F47F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9DD2CD5D-ED95-4B00-976A-20F9D51DC392}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A460CB5E-0459-41B3-8FC0-939363F19613}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A605347D-46E7-4C1C-A04D-F7CD2F32725A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A77A5406-6D03-4469-9ECF-F107CA705349}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA5E6A89-5789-4994-B1B5-2505EE7A5F21}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{AB5B12C2-2614-45A9-AB8F-6B7F5E45C384}" = rport=138 | protocol=17 | dir=out | app=system |
"{BB7EE8C2-CE17-4EA4-8ADC-DC9F6E2B1569}" = rport=137 | protocol=17 | dir=out | app=system |
"{BBDCAD6A-F392-4FE5-A6AB-6CE809E17CC1}" = lport=138 | protocol=17 | dir=in | app=system |
"{C52B732A-051F-4C3E-9EDC-2EB44EDEA769}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D00C71DB-84B6-4AE7-BD8C-F4C147E3B67F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F37AFBB1-73FA-425A-8467-872A6EFB6E17}" = rport=445 | protocol=6 | dir=out | app=system |
"{F51845FD-C1C1-41B1-B308-5A81B4B08391}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FEFBE095-76D0-40FF-8C6F-50EF60D49DB8}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0005846A-FAC3-4915-9F2B-AA2218BABF06}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{02BBD005-2EA1-4F7A-9042-1584FB403D83}" = dir=in | app=c:\programy\powerdvd11\powerdvd11\pdvd11serv.exe |
"{02BD8789-C6AD-42A3-BE8F-3120C5207458}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{03AD32FE-90B4-4A6E-878E-1430A6D4884E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{04A7AD8C-94C0-4733-A129-BDAB2C1AAFE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1188995B-69AC-4A59-8BEF-9A4EDA52A559}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{11C76F79-D3F6-4E62-9FFF-AA2840B69064}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{143777DE-89F6-448B-96D4-279DFAF2CB00}" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{1E1C5A7A-22B3-43F7-A49F-8E5C5F80708D}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{2C781E6A-6807-4C6E-B214-05AE5CA7195B}" = dir=in | app=c:\programy\powerdvd11\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe |
"{32C108C7-A903-42EE-8797-3F83AA3AF601}" = dir=in | app=c:\programy\powerdvd11\powerdvd11\powerdvd11.exe |
"{39A2C350-1EA3-4087-9018-40CC6AC574E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4B8CD9C9-1031-46C8-817C-20B64FD8A7A0}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{51E95D23-D13F-4816-A37B-097C8EC1D77C}" = protocol=17 | dir=in | app=c:\hry\need for speed rivals\nfs14_x86.exe |
"{585A259E-5818-49AF-9316-62C46A6F80F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B922186-9089-40B9-BB75-F3BAF5F502D6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5F0410FC-3C0F-41F9-8258-2764D7E3A3C9}" = protocol=6 | dir=out | app=system |
"{6613B3E7-9409-4C4C-A2AC-DD98E89F7C50}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{69575DFF-8CDE-4516-8815-A441C20B2998}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6CD5ED34-B528-4CC4-965E-CE03F5BC76E9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6D554AEE-7F5A-461E-91F5-5F34AC19CCE9}" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{6E0FB730-7199-41F0-8DB0-E0022E36518F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7527AB7F-A8BC-4920-98A9-25F6DC07BF97}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{79B29DB6-049B-4E14-B9D7-25BC670BDE5F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{90DA7E7A-AA53-4EE7-8A05-6D0F7F72D1D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{921987F2-E867-405B-9BB3-ECEBC18F81A4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9241E089-AE35-4304-9BDC-4EB58C821487}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{971945A5-CFBF-4C7E-A5ED-D60A3A44DE27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ABB74D1-5A13-4096-B4FB-B530FA3695B0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{AAEA022B-AB21-4FCA-B18E-AD5F4A5EB3B5}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{B186BBD2-0302-4A94-993E-8BA953C38C48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB2AE2AB-B36C-42A7-AEE7-DC150BB2E7FA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBC9BE4C-3683-46E3-91EB-74E5F05BD84B}" = dir=in | app=c:\programy\powerdvd11\powerdvd11\common\mediaserver\clmsserverforpdvd11.exe |
"{CE214070-F6EC-4956-A996-4EA92ABA0422}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CE7AAB55-7F8E-428F-95AB-66D9D66EE207}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{D02FFF67-ADAE-4F2E-BC6E-B48993053F29}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{D273496C-5207-452F-90FD-E2EB7912F10C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D283836B-0BAC-4946-B0C7-1ACA32A25F6A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D5F8FF9F-498A-48A2-B7FA-F888CB6B1D1B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D86455E3-018B-4D7E-8846-F35AA105472D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E01A08BD-A95D-4D28-A4B9-356F879447A3}" = protocol=6 | dir=in | app=c:\hry\need for speed rivals\nfs14_x86.exe |
"{ECA57501-1511-41FE-B886-3D65118D3D41}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ED4E7D79-F9F0-4A72-BAB8-541F1DFC1499}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EE099B9E-56A6-4198-A510-A3840923D344}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe |
"{FDA50988-FF97-45E9-A73A-C20735D9AE1D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{0832AB98-53D6-4F9F-94DC-C255EBB8B91F}C:\hry\counter-strike 1.6 zcp\hlds.exe" = protocol=6 | dir=in | app=c:\hry\counter-strike 1.6 zcp\hlds.exe |
"TCP Query User{1361F5DA-9681-4C80-A271-80296A0955BA}C:\programy\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\programy\mozilla firefox\firefox.exe |
"TCP Query User{34A2AB81-0CD7-4B04-836B-7D3E0691C9DC}C:\programy\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\programy\mozilla firefox\plugin-container.exe |
"TCP Query User{3781F7E9-7636-42D9-B20C-E6D3EA8B5052}C:\hry\counter-strike 1.6 zcp\hl.exe" = protocol=6 | dir=in | app=c:\hry\counter-strike 1.6 zcp\hl.exe |
"TCP Query User{413C8BBF-0D09-4EC3-B52C-5AAD4946482A}C:\hry\counter-strike 1.6 zcp\hltv.exe" = protocol=6 | dir=in | app=c:\hry\counter-strike 1.6 zcp\hltv.exe |
"TCP Query User{E6D10433-D09E-4D51-A955-D8F1EF19714F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{05DB16EB-78CD-4D7C-8E83-B56201E7E394}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{1238BAB5-1593-4C05-A187-374429094445}C:\hry\counter-strike 1.6 zcp\hl.exe" = protocol=17 | dir=in | app=c:\hry\counter-strike 1.6 zcp\hl.exe |
"UDP Query User{6940D6AC-1440-4461-91F0-7B421555385C}C:\hry\counter-strike 1.6 zcp\hltv.exe" = protocol=17 | dir=in | app=c:\hry\counter-strike 1.6 zcp\hltv.exe |
"UDP Query User{8CE8D6C1-D1CB-44F8-A643-5C6B75070716}C:\hry\counter-strike 1.6 zcp\hlds.exe" = protocol=17 | dir=in | app=c:\hry\counter-strike 1.6 zcp\hlds.exe |
"UDP Query User{EACCAF82-EAD2-4C00-AD8E-5C53461F4EFC}C:\programy\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\programy\mozilla firefox\firefox.exe |
"UDP Query User{FBCC9D6F-74AA-4773-8125-B26360D23709}C:\programy\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\programy\mozilla firefox\plugin-container.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{186D44B3-1D3D-48B7-A487-DAD35CD06E5E}" = ESET Smart Security
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{912F394B-117F-415C-9C0F-2C2018F85CE6}" = TurboCAD Professional 16
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6CB9620-444F-4B8B-B088-C2BD3FD0A587}_is1" = Counter-Strike 1.6 V42 No-Steam
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E0A32336-AA27-4053-99B2-C3380B7B95AC}" = Need for Speed™ Rivals
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}" = Logitech QuickCam
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.2
"Audacity_is1" = Audacity 1.2.2
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DXTXTRA" = Microsoft DirectX Transform optional components
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"InstallShield_{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 28.0 (x86 cs)" = Mozilla Firefox 28.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ObjectDock" = ObjectDock
"OpenAL" = OpenAL
"PCI Audio Applications" = PCI Audio Applications
"PCI Audio Driver" = PCI Audio Driver
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.9
"PunkBusterSvc" = PunkBuster Services
"Registrace uživatele zařízení Canon MP520 series" = Registrace uživatele zařízení Canon MP520 series
"Rockstar Games Social Club" = Rockstar Games Social Club
"SMPlayer" = SMPlayer 0.8.5
"Sniper Ghost Warrior 2 CZ_is1" = Sniper Ghost Warrior 2 CZ verze 1.04
"Super Mario All-Stars_is1" = Super Mario All-Stars
"TNod" = TNod User & Password Finder
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"Xvid CZ 1.01_is1" = Xvid CZ 1.01
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-18618759-2446081156-1231606446-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.8.2011 6:24:43 | Computer Name = Pepéé-PC | Source = VSS | ID = 8194
Description =

Error - 14.8.2011 12:00:26 | Computer Name = Pepéé-PC | Source = VSS | ID = 8194
Description =

Error - 14.8.2011 12:07:33 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IDriver.exe, verze: 8.1.0.293, časové razítko:
0x3e667b48 Název chybujícího modulu: GrooveUtil.DLL, verze: 12.0.4518.1014, časové
razítko: 0x4541b310 Kód výjimky: 0xc0000005 Posun chyby: 0x000349db ID chybujícího
procesu: 0xf04 Čas spuštění chybující aplikace: 0x01cc5a9b426b1514 Cesta k chybující
aplikaci: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
Cesta
k chybujícímu modulu: C:\PROGRA~1\MICROS~2\Office12\GrooveUtil.DLL ID zprávy: 844d2eff-c68f-11e0-83fa-001966ef4143

Error - 14.8.2011 12:08:50 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IDriver.exe, verze: 8.1.0.293, časové razítko:
0x3e667b48 Název chybujícího modulu: GrooveUtil.DLL, verze: 12.0.4518.1014, časové
razítko: 0x4541b310 Kód výjimky: 0xc0000005 Posun chyby: 0x000349db ID chybujícího
procesu: 0x1560 Čas spuštění chybující aplikace: 0x01cc5a9c5c5462e0 Cesta k chybující
aplikaci: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe
Cesta
k chybujícímu modulu: C:\PROGRA~1\MICROS~2\Office12\GrooveUtil.DLL ID zprávy: b24a974f-c68f-11e0-83fa-001966ef4143

Error - 24.8.2011 3:30:41 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ChromEd.exe, verze: 2.10.0.1, časové razítko:
0x44d08d68 Název chybujícího modulu: ChromEd.exe, verze: 2.10.0.1, časové razítko:
0x44d08d68 Kód výjimky: 0xc0000005 Posun chyby: 0x00090dc2 ID chybujícího procesu:
0x13c Čas spuštění chybující aplikace: 0x01cc622fb4dd4685 Cesta k chybující aplikaci:
C:\Program Files\Ubisoft\Techland\Call of Juarez\ChromEd.exe Cesta k chybujícímu
modulu: C:\Program Files\Ubisoft\Techland\Call of Juarez\ChromEd.exe ID zprávy:
f80261c4-ce22-11e0-a524-001966ef4143

Error - 30.8.2011 16:44:18 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wmplayer.exe, verze: 12.0.7600.16415, časové
razítko: 0x4a98ae4b Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000374 Posun chyby: 0x000c283b ID chybujícího
procesu: 0x910 Čas spuštění chybující aplikace: 0x01cc675594d8b7e7 Cesta k chybující
aplikaci: C:\Program Files\Windows Media Player\wmplayer.exe Cesta k chybujícímu
modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: d413929d-d348-11e0-8791-001966ef4143

Error - 4.9.2011 4:53:50 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wmplayer.exe, verze: 12.0.7600.16415, časové
razítko: 0x4a98ae4b Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000374 Posun chyby: 0x000c283b ID chybujícího
procesu: 0x122c Čas spuštění chybující aplikace: 0x01cc6ae029a22fc2 Cesta k chybující
aplikaci: C:\Program Files\Windows Media Player\wmplayer.exe Cesta k chybujícímu
modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 6856559b-d6d3-11e0-987b-001966ef4143

Error - 25.9.2011 16:03:03 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TNODUP.exe, verze: 1.4.1.0, časové razítko:
0x4dc495a5 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x30322070 ID chybujícího procesu: 0x93c Čas spuštění
chybující aplikace: 0x01cc7bbc8ee673fc Cesta k chybující aplikaci: C:\Program Files\TNod
User & Password Finder\TNODUP.exe Cesta k chybujícímu modulu: unknown ID zprávy:
5fd5a461-e7b1-11e0-b301-001966ef4143

Error - 6.10.2011 11:47:55 | Computer Name = Pepéé-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: wmplayer.exe, verze: 12.0.7600.16415, časové
razítko: 0x4a98ae4b Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5bdadb Kód výjimky: 0xc0000374 Posun chyby: 0x000c283b ID chybujícího
procesu: 0xc94 Čas spuštění chybující aplikace: 0x01cc843f4a990490 Cesta k chybující
aplikaci: C:\Program Files\Windows Media Player\wmplayer.exe Cesta k chybujícímu
modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 8e44ae86-f032-11e0-b23d-001966ef4143

Error - 20.10.2011 17:33:43 | Computer Name = Pepéé-PC | Source = VSS | ID = 8194
Description =

[ Media Center Events ]
Error - 2.1.2011 6:55:22 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 11:55:22 - Chyba při připojování k Internetu 11:55:22 - Nelze kontaktovat
server..

Error - 2.1.2011 6:55:30 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 11:55:27 - Chyba při připojování k Internetu 11:55:27 - Nelze kontaktovat
server..

Error - 2.1.2011 7:55:38 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 12:55:38 - Chyba při připojování k Internetu 12:55:38 - Nelze kontaktovat
server..

Error - 2.1.2011 7:55:48 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 12:55:43 - Chyba při připojování k Internetu 12:55:43 - Nelze kontaktovat
server..

Error - 2.1.2011 8:56:04 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 13:56:03 - Chyba při připojování k Internetu 13:56:04 - Nelze kontaktovat
server..

Error - 2.1.2011 8:56:23 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 13:56:09 - Chyba při připojování k Internetu 13:56:09 - Nelze kontaktovat
server..

Error - 3.1.2011 5:39:43 | Computer Name = Pepéé-PC | Source = MCUpdate | ID = 0
Description = 10:39:43 - Chyba při připojování k Internetu 10:39:43 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 21.3.2011 10:07:08 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 10:09:06 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 114
seconds with 60 seconds of active time. This session ended with a crash.

Error - 21.3.2011 10:09:17 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 10:09:27 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 10:09:33 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 10:29:53 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 851
seconds with 60 seconds of active time. This session ended with a crash.

Error - 21.3.2011 10:30:08 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 16:37:45 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 16:37:54 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.3.2011 17:11:49 | Computer Name = Pepéé-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 784
seconds with 780 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 20.3.2014 15:43:01 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%126

Error - 20.3.2014 15:43:01 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%126

Error - 20.3.2014 15:43:01 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%126

Error - 20.3.2014 15:43:01 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%126

Error - 20.3.2014 15:43:01 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7001
Description = Služba Prohledávání počítačů závisí na službě Server, která neuspěla
při spuštění v důsledku následující chyby: %%126

Error - 20.3.2014 15:43:01 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%126

Error - 20.3.2014 15:43:13 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7001
Description = Služba Naslouchací proces domácí skupiny závisí na službě Server,
která neuspěla při spuštění v důsledku následující chyby: %%126

Error - 20.3.2014 15:43:13 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%126

Error - 20.3.2014 15:43:13 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7001
Description = Služba Naslouchací proces domácí skupiny závisí na službě Server,
která neuspěla při spuštění v důsledku následující chyby: %%126

Error - 20.3.2014 15:43:13 | Computer Name = Pepéé-PC | Source = Service Control Manager | ID = 7023
Description = Služba Server byla ukončena s následující chybou: %%126

< End of report >

#8 Příspěvek od **vyosek** » 20 bře 2014 21:28

Je mi lito, ale nelegalnimi systemy navic jeste s nelegalnimi zabezpecenim (antivir) tu pomoc neposkytujeme - takto hovori pravidla fora a charta mezinarodni aliance, jejiz jsme cleny...

V PC jsou jak nelegalni Windows, tak nelegalni ESET...

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.)

VIRY.CZ

Nelze nic stahovat + prohlížeč padá

Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá

Re: Nelze nic stahovat + prohlížeč padá