VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Modrá Smrt - černá obrazovka a restart

https://forum.viry.cz:443/viewtopic.php?t=136597

Stránka 6 z 7

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 22:21
od Novatera
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by R at 2014-04-05 23:26:50 Run:1
Running from C:\Users\R\Desktop\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S1 tgabgvnb; No ImagePath
S1 twprlugc; No ImagePath
S1 tzmeppsq; No ImagePath
S1 ufktitac; No ImagePath
S1 scjuwzdg; No ImagePath
S1 nvagnqts; No ImagePath
S1 blmrinyk; No ImagePath
S1 crhazelt; No ImagePath
S1 ehjpujev; No ImagePath
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S1 kpcvdoxk; No ImagePath
C:\Program Files\Enigma Software Group\SpyHunter
CHR Extension: (Ads Removal) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (No Name) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2014-01-03]
CHR Extension: (Skype Click to Call) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-22]
CHR Extension: (Peněženka Google) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
SearchScopes: HKLM - {5F3F9639-E5E6-4C72-92D2-32A40E19016D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKCU - 9665500415544EE59F4093BA1D2C27F8 URL = http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [1a92553fc3706c469bd5c78793b2aa21] - "C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe"
C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\Tasks\ImCleanDisabled
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0C
C:\Program Files\LockHunter
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\R\AppData\Local\SCE
C:\ProgramData\wavav0bdtzbtb43b.bat
C:\ProgramData\wavav0bdtzbtb43b.reg
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
*****************

tgabgvnb => Service deleted successfully.
twprlugc => Service deleted successfully.
tzmeppsq => Service deleted successfully.
ufktitac => Service deleted successfully.
scjuwzdg => Service deleted successfully.
nvagnqts => Service deleted successfully.
blmrinyk => Service deleted successfully.
crhazelt => Service deleted successfully.
ehjpujev => Service deleted successfully.
esgiguard => Service deleted successfully.
kpcvdoxk => Service deleted successfully.
C:\Program Files\Enigma Software Group\SpyHunter => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F3F9639-E5E6-4C72-92D2-32A40E19016D} => Key deleted successfully.
HKCR\CLSID\{5F3F9639-E5E6-4C72-92D2-32A40E19016D} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\9665500415544EE59F4093BA1D2C27F8 => Key deleted successfully.
HKCR\CLSID\9665500415544EE59F4093BA1D2C27F8 => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-93735815-1299707322-140628041-1000\Software\Microsoft\Windows\CurrentVersion\Run\\1a92553fc3706c469bd5c78793b2aa21 => Value deleted successfully.
"C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe" => File/Directory not found.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
"C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0C" => File/Directory not found.
C:\Program Files\LockHunter => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\ProgramData\ProductData => Moved successfully.
C:\Users\R\AppData\Local\SCE => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.bat => Moved successfully.
C:\ProgramData\wavav0bdtzbtb43b.reg => Moved successfully.
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => Moved successfully.

==== End of Fixlog ====

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 22:26
od motji
Vyčištěte přes ccleaner registry, tempy, restart pc a nový log z Frst.

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 22:42
od Novatera
Stále scannuje, mezitím chtěl bych se vás zeptat jestli můžete doporučit antivir Avast free, začal jsem ho nyní používat a zdá se mi lepší než AVGčko free, které jsem měl do teď, je to pouze mé zdání nebo je opravdu lepší a není to takové "Sejto" na Freečkový antivir ?

A ještě bych se zeptal, jestli by jste mi neporadila jak co nejlépe vyčistit počítač od přebytečných složek a souborů - Například Cčko má 900GB hdd z toho je tak 200 Gb věcí o kterých vím = Hry, filmy atd. Ale kam se strácí těch dalších 600 GB je mi záhadou... Jestli třeba není nějaký "čistič", který by mi ukázal kde jaká složka zabírá tolik a tolik místa abych měl to čištění usnadněné, mám teď pár dní volno tak se do toho pustím a dám si ho do pořádku :)

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 22:47
od motji
Avast free sama používám, jako free antivir tu doporučujeme :) . Avg tu nemáme rádi :D .
Teď po našem čištění se velikost disku nezmenšila? Přiznám se, že žádný program, který by Vám ukázav velikosti složek neznám, snad jen nějaký total comander :D . Ale na vyčištění tempů by měl stačit ccleaner, a pokud jste zkušenější uživatel, můžete si zapnout skryté soubory a složky a smazat složky od programů, které už máte odinstalované.
Potom, až skončíme s čištěním, vypněte obnovu systému, restart pc, a zase zapnout. Tím se smažou staré body obnovy, mohou Vám také zabírat spoustu místa.

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 22:57
od Novatera
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by R (administrator) on R-HP on 05-04-2014 23:37:05
Running from C:\Users\R\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [CreativeTaskScheduler] - C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: L - L:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {73eafd82-3873-11e1-afaa-e06995d0fdb8} - J:\launcher.exe
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {be5fc397-3096-11e1-987d-e06995d0fdb8} - M:\ZTE_Handset_USB_Driver.exe
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {dcf14671-d57b-11e0-874d-e06995d0fdb8} - K:\LaunchU3.exe -a
HKU\S-1-5-21-93735815-1299707322-140628041-1000\...\MountPoints2: {ff09786f-eb4b-11e0-80f3-e06995d0fdb8} - J:\INSTALL.EXE

==================== Internet (Whitelisted) ====================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-16] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: [NameServer]8.8.8.8,8.8.4.4

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22]
CHR Extension: (Google Drive) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-22]
CHR Extension: (YouTube) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Google Search) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Gmail) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\R\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-09-01] ()
S2 pr2agqwb; C:\Windows\system32\pr2agqwb.exe [777576 2007-11-14] (Cyanide)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-01-07] (DT Soft Ltd)
S3 dump_wmimmc; No ImagePath
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-26] (Intel Corporation)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.)
R0 pe3agqwb; C:\Windows\System32\drivers\pe3agqwb.sys [72296 2007-11-14] (Cyanide)
R0 ps7agqwb; C:\Windows\System32\drivers\ps7agqwb.sys [102000 2007-11-14] (Cyanide)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () <===== ATTENTION Necurs Rootkit?
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 cpuz136; \??\C:\Users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-05 23:35 - 2014-04-05 23:35 - 05003552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 23:35 - 2014-04-05 23:35 - 00000056 _____ () C:\Windows\setupact.log
2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-05 23:30 - 2014-04-05 23:35 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:25 - 2014-04-05 23:36 - 00000000 ____D () C:\Users\R\Desktop\FRST
2014-04-05 22:56 - 2014-04-05 22:56 - 00044273 _____ () C:\Users\R\Desktop\Addition.txt
2014-04-05 22:46 - 2014-04-05 23:37 - 00011520 _____ () C:\Users\R\Desktop\FRST.txt
2014-04-05 22:45 - 2014-04-05 23:37 - 00000000 ____D () C:\FRST
2014-04-05 22:45 - 2014-04-05 22:45 - 02157056 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-04-05 22:23 - 2014-04-05 22:23 - 00000000 ____D () C:\_OTL
2014-04-05 22:00 - 2014-04-05 22:00 - 00000000 ____D () C:\Qoobox
2014-04-05 21:59 - 2014-04-05 21:59 - 05193579 ____R (Swearware) C:\Users\R\Desktop\ComboFix.exe
2014-04-05 21:59 - 2014-04-05 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 21:57 - 2014-04-05 21:58 - 00003172 _____ () C:\Users\R\Desktop\Rkill.txt
2014-04-05 21:57 - 2014-04-05 21:57 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R\Desktop\rkill.exe
2014-04-05 21:55 - 2014-04-05 21:55 - 00000512 _____ () C:\PhysicalMBR.bin
2014-04-05 21:53 - 2014-04-05 21:53 - 00602112 _____ (OldTimer Tools) C:\Users\R\Desktop\OTL.exe
2014-04-05 21:08 - 2014-04-05 21:08 - 00014465 _____ () C:\Users\R\Desktop\AdwCleaner[R0].txt
2014-04-05 21:04 - 2014-04-05 21:09 - 00000000 ____D () C:\AdwCleaner
2014-04-05 20:54 - 2014-04-05 20:54 - 01426178 _____ () C:\Users\R\Desktop\AdwCleaner.exe
2014-04-05 20:54 - 2014-04-05 20:54 - 01038974 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-04-05 15:50 - 2014-04-05 16:31 - 736506338 _____ () C:\Users\R\Desktop\Vrána=1994-Akční-DVD-CZ.avi
2014-04-05 01:05 - 2014-04-05 01:05 - 00165888 _____ () C:\Users\R\Documents\T-Cleaner.exe
2014-04-04 22:28 - 2014-04-04 22:41 - 123185915 _____ () C:\Users\R\Desktop\Duch-=1990-Romantický-DVD-CZ.avi
2014-04-04 22:24 - 2014-04-04 22:28 - 21942207 _____ () C:\Users\R\Desktop\Carrie-(2013)-Novinka-CZ-dabing-Drama-Horor-Mysteriozní-výborná-BDRip-kvalita-.MEMRC123..avi
2014-04-04 21:49 - 2014-04-04 22:08 - 351481856 _____ () C:\Users\R\Desktop\Hannah-Montana-1x01---Lilly,-chces-znat-tajemstvi-.avi
2014-04-03 23:43 - 2014-04-03 23:58 - 286788548 _____ () C:\Users\R\Desktop\Lord-Ryolith-HC-3.4.2014.mp4
2014-04-03 21:12 - 2014-04-03 21:53 - 731565116 _____ () C:\Users\R\Desktop\Deník-princezny.CZ-dab.Mikky.avi
2014-04-03 16:21 - 2014-04-03 16:21 - 00000000 _____ () C:\Users\R\Desktop\fl hc.txt
2014-04-02 17:07 - 2014-04-02 17:08 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (3)
2014-04-01 19:07 - 2014-04-01 19:53 - 828302680 _____ () C:\Users\R\Desktop\Farma-smrti-cz-[natu3].avi
2014-04-01 10:37 - 2014-04-01 10:37 - 00009216 _____ () C:\Users\R\Documents\cc_20140401_103749.reg
2014-04-01 10:08 - 2014-04-05 01:07 - 00000000 _____ () C:\SRStatus2.txt
2014-03-31 23:43 - 2014-03-31 23:43 - 00008585 _____ () C:\Users\R\Desktop\mbam.txt
2014-03-31 23:13 - 2014-04-01 10:44 - 00000115 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-03-31 21:35 - 2014-03-31 21:35 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 21:35 - 2014-03-05 09:32 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-31 21:35 - 2014-03-05 09:32 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-31 21:35 - 2014-03-05 09:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 21:34 - 2014-03-31 21:34 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-31 21:32 - 2014-04-05 23:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 21:31 - 2014-03-31 21:31 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup.exe
2014-03-31 18:35 - 2014-03-31 19:44 - 1248584811 _____ () C:\Users\R\Desktop\NOVÁ-DCERA-CZ-dabing-Thriller-Horor-(2009)-s-KCostnerom.wmv
2014-03-31 16:59 - 2014-03-31 16:59 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-03-31 12:27 - 2014-04-05 22:04 - 00000000 ___SD () C:\32788R22FWJFW
2014-03-31 03:22 - 2014-03-31 03:24 - 00000000 ____D () C:\Users\R\Desktop\flashka
2014-03-31 03:19 - 2014-03-31 03:27 - 00000000 ____D () C:\Users\R\Desktop\nova
2014-03-30 21:44 - 2014-03-30 21:44 - 00004450 _____ () C:\Users\test\Desktop\RKreport[0]_D_03302014_214412.txt
2014-03-30 21:43 - 2014-03-30 21:43 - 00004360 _____ () C:\Users\test\Desktop\RKreport[0]_S_03302014_214326.txt
2014-03-30 21:33 - 2014-03-30 21:55 - 00000000 ____D () C:\Users\test\Desktop\RK_Quarantine
2014-03-30 21:30 - 2014-03-30 21:31 - 03972608 _____ () C:\Users\test\Downloads\RogueKiller.exe
2014-03-30 20:19 - 2014-03-30 20:20 - 00000000 ____D () C:\Users\R\Desktop\plocha
2014-03-30 20:17 - 2014-03-30 20:17 - 00004466 _____ () C:\Users\test\Documents\cc_20140330_201736.reg
2014-03-30 17:56 - 2014-03-30 17:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Malwarebytes
2014-03-30 17:55 - 2014-03-30 17:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\AVAST Software
2014-03-30 17:41 - 2014-03-30 17:58 - 3201380352 _____ () C:\Users\R\AppData\Roaming\tmp.tmp
2014-03-30 17:38 - 2014-03-30 17:38 - 00012999 _____ () C:\Users\R\Documents\hijackthis.log
2014-03-30 16:38 - 2014-03-31 21:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 16:38 - 2014-03-30 19:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-30 16:38 - 2014-03-30 16:38 - 00000000 ____D () C:\Users\R\AppData\Roaming\Malwarebytes
2014-03-30 01:40 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\AVAST Software
2014-03-30 01:38 - 2014-03-30 01:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 17:29 - 2014-03-29 19:07 - 833394688 _____ () C:\Users\R\Documents\PAN-DOMU---CZ-dvdrip.avi
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Users\R\AppData\Local\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-29 05:36 - 2009-12-30 11:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-03-29 05:33 - 2014-03-29 05:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\Flashmedia
2014-03-29 02:03 - 2014-03-29 02:03 - 00002525 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-03-27 17:05 - 2014-04-03 17:09 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (2)
2014-03-19 22:21 - 2014-03-19 22:21 - 02815713 _____ () C:\Users\R\Documents\Bez názvu.wma
2014-03-19 16:30 - 2014-03-19 16:30 - 00000000 ____D () C:\ProgramData\Steam
2014-03-19 16:07 - 2014-03-19 16:07 - 00000000 ____D () C:\Program Files (x86)\Total War Rome II CZ
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\Documents\LucasArts
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\AppData\Local\LucasArts
2014-03-17 01:27 - 2014-03-17 01:27 - 00000000 ____D () C:\Program Files (x86)\LucasArts
2014-03-17 00:44 - 2014-04-04 21:39 - 00000000 ____D () C:\Users\R\Desktop\afsafs
2014-03-16 20:16 - 2014-03-16 20:17 - 00000000 ____D () C:\Users\R\Desktop\Maturitní ples 2POA
2014-03-16 18:29 - 2014-03-16 18:35 - 736757760 _____ () C:\Users\R\Documents\KOPACKY-2008-KOMEDIE-CZ-DABING.avi
2014-03-16 15:32 - 2014-03-16 15:37 - 774180380 _____ () C:\Users\R\Documents\Silent-Hill-2006.CZ-dab.avi
2014-03-13 06:01 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 06:01 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 06:01 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 06:01 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 06:01 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 06:01 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 06:01 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 06:01 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 06:01 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 06:01 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 06:01 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 06:01 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 06:01 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 06:01 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 06:01 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 06:01 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 06:01 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 06:01 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 06:01 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 06:01 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 06:01 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 06:01 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 06:01 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 06:01 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 06:01 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 06:01 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 06:01 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 06:01 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 06:01 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 06:01 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 06:01 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 06:01 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 06:01 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 06:01 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 06:01 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 06:01 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 06:01 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 06:01 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 06:01 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 06:01 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 06:01 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 06:01 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 06:01 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 06:01 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 06:00 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 06:00 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 06:00 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 06:00 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-09 23:04 - 2014-03-09 23:04 - 00044752 _____ () C:\Users\R\Downloads\stažený soubor (4).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (3).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (2).htm
2014-03-09 22:43 - 2014-03-09 22:43 - 00058450 _____ () C:\Users\R\Downloads\viewforum (4).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00031929 _____ () C:\Users\R\Downloads\stažený soubor (1).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00013767 _____ () C:\Users\R\Downloads\forum (1).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00031070 _____ () C:\Users\R\Downloads\viewforum.htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (3).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (2).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (1).htm
2014-03-09 16:06 - 2014-03-09 16:06 - 00042188 _____ () C:\Users\R\Downloads\stažený soubor.htm
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (6).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (5).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (4).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (3).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (2).php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index.php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index (1).php
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012.zip
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012 (1).zip
2014-03-07 12:38 - 2014-03-07 12:38 - 00048406 _____ () C:\Users\R\Downloads\viewtopic (1).htm
2014-03-06 20:43 - 2014-03-06 20:43 - 00042627 _____ () C:\Users\R\Downloads\viewtopic.htm
2014-03-06 19:26 - 2014-03-06 19:26 - 00013767 _____ () C:\Users\R\Downloads\forum.htm

==================== One Month Modified Files and Folders =======

2014-04-05 23:37 - 2014-04-05 22:46 - 00011520 _____ () C:\Users\R\Desktop\FRST.txt
2014-04-05 23:37 - 2014-04-05 22:45 - 00000000 ____D () C:\FRST
2014-04-05 23:36 - 2014-04-05 23:25 - 00000000 ____D () C:\Users\R\Desktop\FRST
2014-04-05 23:36 - 2014-03-31 21:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 23:36 - 2011-09-19 02:00 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-05 23:36 - 2011-08-16 13:32 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-05 23:35 - 2014-04-05 23:35 - 05003552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-05 23:35 - 2014-04-05 23:35 - 00000056 _____ () C:\Windows\setupact.log
2014-04-05 23:35 - 2014-04-05 23:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-05 23:35 - 2014-04-05 23:30 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 23:35 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 23:32 - 2011-08-16 13:04 - 00737120 _____ () C:\Windows\system32\perfh005.dat
2014-04-05 23:32 - 2011-08-16 13:04 - 00166810 _____ () C:\Windows\system32\perfc005.dat
2014-04-05 23:32 - 2009-07-14 07:13 - 01775876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 23:26 - 2013-06-03 22:15 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-05 23:26 - 2011-09-19 02:00 - 00000942 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-05 23:24 - 2012-04-16 19:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-05 23:24 - 2012-04-16 19:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-04-05 22:56 - 2014-04-05 22:56 - 00044273 _____ () C:\Users\R\Desktop\Addition.txt
2014-04-05 22:45 - 2014-04-05 22:45 - 02157056 _____ (Farbar) C:\Users\R\Desktop\FRST64.exe
2014-04-05 22:39 - 2012-06-25 10:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 22:26 - 2011-09-02 18:09 - 00000000 ____D () C:\Users\R\AppData\Roaming\Skype
2014-04-05 22:23 - 2014-04-05 22:23 - 00000000 ____D () C:\_OTL
2014-04-05 22:23 - 2013-05-30 12:23 - 00000000 ___RD () C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 22:23 - 2011-09-02 18:03 - 00000000 ___RD () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 22:04 - 2014-03-31 12:27 - 00000000 ___SD () C:\32788R22FWJFW
2014-04-05 22:00 - 2014-04-05 22:00 - 00000000 ____D () C:\Qoobox
2014-04-05 21:59 - 2014-04-05 21:59 - 05193579 ____R (Swearware) C:\Users\R\Desktop\ComboFix.exe
2014-04-05 21:59 - 2014-04-05 21:59 - 00000000 ____D () C:\Windows\erdnt
2014-04-05 21:58 - 2014-04-05 21:57 - 00003172 _____ () C:\Users\R\Desktop\Rkill.txt
2014-04-05 21:57 - 2014-04-05 21:57 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\R\Desktop\rkill.exe
2014-04-05 21:55 - 2014-04-05 21:55 - 00000512 _____ () C:\PhysicalMBR.bin
2014-04-05 21:53 - 2014-04-05 21:53 - 00602112 _____ (OldTimer Tools) C:\Users\R\Desktop\OTL.exe
2014-04-05 21:09 - 2014-04-05 21:04 - 00000000 ____D () C:\AdwCleaner
2014-04-05 21:09 - 2012-08-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-05 21:09 - 2011-11-17 17:52 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-05 21:08 - 2014-04-05 21:08 - 00014465 _____ () C:\Users\R\Desktop\AdwCleaner[R0].txt
2014-04-05 20:54 - 2014-04-05 20:54 - 01426178 _____ () C:\Users\R\Desktop\AdwCleaner.exe
2014-04-05 20:54 - 2014-04-05 20:54 - 01038974 _____ (Thisisu) C:\Users\R\Desktop\JRT.exe
2014-04-05 18:27 - 2011-09-09 23:44 - 00000000 ____D () C:\Users\R\AppData\Roaming\TS3Client
2014-04-05 16:31 - 2014-04-05 15:50 - 736506338 _____ () C:\Users\R\Desktop\Vrána=1994-Akční-DVD-CZ.avi
2014-04-05 01:16 - 2014-03-01 19:11 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-05 01:09 - 2011-09-21 00:53 - 00000000 ____D () C:\Users\R\AppData\Roaming\Media Player Classic
2014-04-05 01:07 - 2014-04-01 10:08 - 00000000 _____ () C:\SRStatus2.txt
2014-04-05 01:07 - 2011-09-02 17:55 - 00000000 ____D () C:\Users\R
2014-04-05 01:05 - 2014-04-05 01:05 - 00165888 _____ () C:\Users\R\Documents\T-Cleaner.exe
2014-04-05 01:05 - 2012-12-30 17:36 - 00000000 ____D () C:\Users\R\Documents\The KMPlayer
2014-04-04 22:41 - 2014-04-04 22:28 - 123185915 _____ () C:\Users\R\Desktop\Duch-=1990-Romantický-DVD-CZ.avi
2014-04-04 22:28 - 2014-04-04 22:24 - 21942207 _____ () C:\Users\R\Desktop\Carrie-(2013)-Novinka-CZ-dabing-Drama-Horor-Mysteriozní-výborná-BDRip-kvalita-.MEMRC123..avi
2014-04-04 22:08 - 2014-04-04 21:49 - 351481856 _____ () C:\Users\R\Desktop\Hannah-Montana-1x01---Lilly,-chces-znat-tajemstvi-.avi
2014-04-04 21:39 - 2014-03-17 00:44 - 00000000 ____D () C:\Users\R\Desktop\afsafs
2014-04-04 18:32 - 2012-11-10 09:54 - 00000316 _____ () C:\Windows\Tasks\HPCeeScheduleForR.job
2014-04-04 02:45 - 2012-11-10 09:54 - 00003162 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForR
2014-04-04 02:45 - 2011-11-05 15:04 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-04 02:45 - 2011-09-10 09:40 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-04 02:44 - 2011-09-10 09:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\HP Support Assistant
2014-04-04 02:44 - 2011-09-03 20:41 - 00000000 ____D () C:\Users\R\AppData\Roaming\HpUpdate
2014-04-03 23:58 - 2014-04-03 23:43 - 286788548 _____ () C:\Users\R\Desktop\Lord-Ryolith-HC-3.4.2014.mp4
2014-04-03 21:53 - 2014-04-03 21:12 - 731565116 _____ () C:\Users\R\Desktop\Deník-princezny.CZ-dab.Mikky.avi
2014-04-03 17:17 - 2013-09-22 23:39 - 00000000 ____D () C:\Users\R\AppData\Roaming\Spotify
2014-04-03 17:09 - 2014-03-27 17:05 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (2)
2014-04-03 16:21 - 2014-04-03 16:21 - 00000000 _____ () C:\Users\R\Desktop\fl hc.txt
2014-04-02 17:08 - 2014-04-02 17:07 - 00000000 ____D () C:\Users\R\Desktop\Nová složka (3)
2014-04-02 01:29 - 2013-09-22 23:40 - 00000000 ____D () C:\Users\R\AppData\Local\Spotify
2014-04-01 19:53 - 2014-04-01 19:07 - 828302680 _____ () C:\Users\R\Desktop\Farma-smrti-cz-[natu3].avi
2014-04-01 10:44 - 2014-03-31 23:13 - 00000115 _____ () C:\Users\R\Desktop\Nový textový dokument.txt
2014-04-01 10:37 - 2014-04-01 10:37 - 00009216 _____ () C:\Users\R\Documents\cc_20140401_103749.reg
2014-03-31 23:43 - 2014-03-31 23:43 - 00008585 _____ () C:\Users\R\Desktop\mbam.txt
2014-03-31 21:35 - 2014-03-31 21:35 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-31 21:34 - 2014-03-31 21:34 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-31 21:32 - 2014-03-30 16:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-31 21:31 - 2014-03-31 21:31 - 17523520 _____ (Malwarebytes Corporation ) C:\Users\R\Desktop\mbam-setup.exe
2014-03-31 19:44 - 2014-03-31 18:35 - 1248584811 _____ () C:\Users\R\Desktop\NOVÁ-DCERA-CZ-dabing-Thriller-Horor-(2009)-s-KCostnerom.wmv
2014-03-31 16:59 - 2014-03-31 16:59 - 00000000 _____ () C:\Users\R\Desktop\OSType.txt
2014-03-31 03:27 - 2014-03-31 03:19 - 00000000 ____D () C:\Users\R\Desktop\nova
2014-03-31 03:24 - 2014-03-31 03:22 - 00000000 ____D () C:\Users\R\Desktop\flashka
2014-03-31 03:18 - 2011-09-03 22:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-30 22:19 - 2013-04-04 19:22 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-03-30 21:58 - 2014-02-28 22:05 - 00000000 ____D () C:\Users\test\AppData\Roaming\TS3Client
2014-03-30 21:55 - 2014-03-30 21:33 - 00000000 ____D () C:\Users\test\Desktop\RK_Quarantine
2014-03-30 21:44 - 2014-03-30 21:44 - 00004450 _____ () C:\Users\test\Desktop\RKreport[0]_D_03302014_214412.txt
2014-03-30 21:43 - 2014-03-30 21:43 - 00004360 _____ () C:\Users\test\Desktop\RKreport[0]_S_03302014_214326.txt
2014-03-30 21:31 - 2014-03-30 21:30 - 03972608 _____ () C:\Users\test\Downloads\RogueKiller.exe
2014-03-30 21:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-30 20:20 - 2014-03-30 20:19 - 00000000 ____D () C:\Users\R\Desktop\plocha
2014-03-30 20:17 - 2014-03-30 20:17 - 00004466 _____ () C:\Users\test\Documents\cc_20140330_201736.reg
2014-03-30 19:38 - 2013-06-04 09:01 - 00000000 ____D () C:\Users\Guest
2014-03-30 19:38 - 2013-05-30 12:23 - 00000000 ____D () C:\Users\test
2014-03-30 19:37 - 2014-02-28 19:49 - 00000000 ____D () C:\Users\test\AppData\Local\Google
2014-03-30 19:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-03-30 19:12 - 2014-03-30 16:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-30 18:34 - 2013-05-30 12:23 - 00000000 ____D () C:\Users\test\AppData\Local\VirtualStore
2014-03-30 17:58 - 2014-03-30 17:41 - 3201380352 _____ () C:\Users\R\AppData\Roaming\tmp.tmp
2014-03-30 17:56 - 2014-03-30 17:56 - 00000000 ____D () C:\Users\test\AppData\Roaming\Malwarebytes
2014-03-30 17:55 - 2014-03-30 17:55 - 00000000 ____D () C:\Users\test\AppData\Roaming\AVAST Software
2014-03-30 17:38 - 2014-03-30 17:38 - 00012999 _____ () C:\Users\R\Documents\hijackthis.log
2014-03-30 16:38 - 2014-03-30 16:38 - 00000000 ____D () C:\Users\R\AppData\Roaming\Malwarebytes
2014-03-30 01:40 - 2014-03-30 01:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\AVAST Software
2014-03-30 01:38 - 2014-03-30 01:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-30 01:36 - 2014-01-03 04:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 19:07 - 2014-03-29 17:29 - 833394688 _____ () C:\Users\R\Documents\PAN-DOMU---CZ-dvdrip.avi
2014-03-29 12:21 - 2011-09-19 02:00 - 00003938 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 12:21 - 2011-09-19 02:00 - 00003686 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 06:26 - 2012-09-20 21:31 - 00000000 ____D () C:\Program Files (x86)\DesetiPrsty
2014-03-29 06:21 - 2011-09-30 17:55 - 00000000 ____D () C:\Users\R\AppData\Roaming\DAEMON Tools Lite
2014-03-29 06:15 - 2011-11-14 01:48 - 00000000 ____D () C:\Program Files\DivX
2014-03-29 06:15 - 2011-11-14 01:47 - 00000000 ____D () C:\ProgramData\DivX
2014-03-29 06:15 - 2011-11-14 01:47 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-03-29 06:11 - 2012-03-23 21:37 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 06:05 - 2012-05-12 20:40 - 00000000 ____D () C:\Users\R\AppData\Roaming\Groovedown
2014-03-29 06:04 - 2012-06-07 12:54 - 00000000 ____D () C:\Users\R\AppData\Roaming\Xilisoft
2014-03-29 06:03 - 2012-06-17 12:28 - 00000000 ____D () C:\Program Files (x86)\URUSoft
2014-03-29 05:59 - 2012-12-22 21:02 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-03-29 05:57 - 2011-09-02 21:31 - 00000000 ____D () C:\Users\R\AppData\Roaming\Ubisoft
2014-03-29 05:57 - 2011-08-16 13:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 05:38 - 2012-10-02 00:15 - 00007589 _____ () C:\Users\R\AppData\Local\resmon.resmoncfg
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Users\R\AppData\Local\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-03-29 05:36 - 2014-03-29 05:36 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-29 05:33 - 2014-03-29 05:33 - 00000000 ____D () C:\Users\R\AppData\Roaming\Flashmedia
2014-03-29 05:12 - 2013-02-24 15:32 - 00000000 ____D () C:\Users\R\AppData\Roaming\BitTorrent
2014-03-29 05:11 - 2013-03-10 19:53 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2014-03-29 04:50 - 2013-03-21 22:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-29 03:34 - 2011-09-26 15:50 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-29 02:03 - 2014-03-29 02:03 - 00002525 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk
2014-03-29 02:03 - 2011-11-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-23 04:04 - 2013-12-20 16:34 - 00000000 ____D () C:\Users\R\AppData\Local\Battle.net
2014-03-23 02:51 - 2013-12-20 16:36 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-03-23 02:48 - 2013-12-20 16:34 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-03-19 22:21 - 2014-03-19 22:21 - 02815713 _____ () C:\Users\R\Documents\Bez názvu.wma
2014-03-19 16:30 - 2014-03-19 16:30 - 00000000 ____D () C:\ProgramData\Steam
2014-03-19 16:07 - 2014-03-19 16:07 - 00000000 ____D () C:\Program Files (x86)\Total War Rome II CZ
2014-03-19 03:04 - 2013-07-12 06:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:00 - 2011-09-04 18:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 20:05 - 2014-03-01 02:39 - 00000000 ____D () C:\Users\test\AppData\Local\CrashDumps
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\Documents\LucasArts
2014-03-17 05:46 - 2014-03-17 05:46 - 00000000 ____D () C:\Users\R\AppData\Local\LucasArts
2014-03-17 01:27 - 2014-03-17 01:27 - 00000000 ____D () C:\Program Files (x86)\LucasArts
2014-03-16 20:17 - 2014-03-16 20:16 - 00000000 ____D () C:\Users\R\Desktop\Maturitní ples 2POA
2014-03-16 19:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-16 18:35 - 2014-03-16 18:29 - 736757760 _____ () C:\Users\R\Documents\KOPACKY-2008-KOMEDIE-CZ-DABING.avi
2014-03-16 15:37 - 2014-03-16 15:32 - 774180380 _____ () C:\Users\R\Documents\Silent-Hill-2006.CZ-dab.avi
2014-03-15 16:47 - 2013-03-10 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-03-15 10:47 - 2009-07-14 07:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-14 23:06 - 2011-09-05 22:42 - 00000000 ____D () C:\Users\R\AppData\Local\CrashDumps
2014-03-13 19:16 - 2011-09-02 18:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-12 05:41 - 2011-08-16 13:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-12 05:39 - 2011-11-02 01:44 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-12 05:39 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\ShellNew
2014-03-12 05:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-11 22:39 - 2012-06-25 10:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 22:39 - 2012-06-25 10:10 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 22:39 - 2011-12-18 13:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 23:04 - 2014-03-09 23:04 - 00044752 _____ () C:\Users\R\Downloads\stažený soubor (4).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (3).htm
2014-03-09 22:48 - 2014-03-09 22:48 - 00044518 _____ () C:\Users\R\Downloads\stažený soubor (2).htm
2014-03-09 22:43 - 2014-03-09 22:43 - 00058450 _____ () C:\Users\R\Downloads\viewforum (4).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00031929 _____ () C:\Users\R\Downloads\stažený soubor (1).htm
2014-03-09 22:34 - 2014-03-09 22:34 - 00013767 _____ () C:\Users\R\Downloads\forum (1).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00031070 _____ () C:\Users\R\Downloads\viewforum.htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (3).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (2).htm
2014-03-09 21:45 - 2014-03-09 21:45 - 00025344 _____ () C:\Users\R\Downloads\viewforum (1).htm
2014-03-09 16:06 - 2014-03-09 16:06 - 00042188 _____ () C:\Users\R\Downloads\stažený soubor.htm
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (6).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (5).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (4).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (3).php
2014-03-09 14:06 - 2014-03-09 14:06 - 00042553 _____ () C:\Users\R\Downloads\index (2).php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index.php
2014-03-09 14:03 - 2014-03-09 14:03 - 00041975 _____ () C:\Users\R\Downloads\index (1).php
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012.zip
2014-03-09 01:16 - 2014-03-09 01:16 - 00956137 _____ () C:\Users\R\Downloads\pc_budik_2012 (1).zip
2014-03-07 12:38 - 2014-03-07 12:38 - 00048406 _____ () C:\Users\R\Downloads\viewtopic (1).htm
2014-03-06 20:43 - 2014-03-06 20:43 - 00042627 _____ () C:\Users\R\Downloads\viewtopic.htm
2014-03-06 19:26 - 2014-03-06 19:26 - 00013767 _____ () C:\Users\R\Downloads\forum.htm

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-30 05:46

==================== End Of Log ============================

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:00
od Novatera
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by R at 2014-04-06 00:01:53
Running from C:\Users\R\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Aktualizace NVIDIA 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
Assassin's Creed (R) III (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.3 - EA Digital Illusions CE AB)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) 2 Patch 1.3 (x32 Version: 1.3 - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.10 - Piriform)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
CZShare Manager (HKCU\...\7f4182272b52fd8f) (Version: 0.0.1.35 - CZShare)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
Dead Space™ 2 (HKLM-x32\...\{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}) (Version: 1.0.941.0 - Electronic Arts)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Far Cry 3 v1.01 (HKLM-x32\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Flame Painter 1.2 (HKLM-x32\...\Flame Painter_is1) (Version: 1.1 - Peter Blaskovic)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GamePark (HKLM-x32\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Graffiti Studio 2.0 (HKLM-x32\...\Graffiti Studio 2.0_is1) (Version: - Less Rain)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0002.135 - Rockstar Games Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HeavyLoad V3.2 (HKLM-x32\...\HeavyLoad_is1) (Version: 3.2 - JAM Software)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman Absolution (HKLM-x32\...\Hitman Absolution_is1) (Version: - )
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
Hunting Unlimited 2008 (HKLM-x32\...\{C5B6BA27-AAFB-4699-8014-8ACBA8A79679}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ICQ 5.1 (HKLM-x32\...\ICQLite) (Version: - )
ICQ Toolbar (HKLM-x32\...\XTTB00001.XTTB00001Toolbar) (Version: - )
ICQ6 (HKLM-x32\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.00.0000 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) 7 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Loki (HKLM-x32\...\{A10622B1-95F6-469E-8836-50E27B7398C9}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.7.6.7 - www.leaguereplays.com)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware verze 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Max Payne 3 version 1.02 (HKLM-x32\...\{75D84EF7-0D8C-4e70-MAXP3-7B42A5D4E0EB}_is1) (Version: 1.02 - Black_Box)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MorphVOX Pro (HKLM-x32\...\{DE289787-7ECA-4BED-9D8C-99FAC407E3D6}) (Version: 4.3.13 - Screaming Bee)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero 6 Demo (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version: - )
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA Ovladač řídící jednotky 3D Vision 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 296.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.28 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.11.0621 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.7.12 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 296.28 (Version: 296.28 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\PAYDAY 2_is1) (Version: - 505 Games)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
REACTOR (HKLM-x32\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games)
ShiftWindow 1.02 (HKLM-x32\...\ShiftWindow_is1) (Version: - Grismar)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Smite Closed Beta (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.944.1 - Hi-Rez Studios)
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version: - )
Sound Blaster Tactic(3D) Sigma (HKLM-x32\...\{93CFCA51-4484-4211-89EB-39ED3CBDBEB1}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.4.0.59 - KMP Media co., Ltd)
Tombraider (HKLM-x32\...\Tombraider_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Total War Rome II CZ version 1.0.0. (HKLM-x32\...\{C2872E18-8799-44A3-B6BD-AC535F1982A6}_is1) (Version: 1.0.0. - )
Trine 2 (HKLM-x32\...\Trine 2_is1) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (HKLM-x32\...\{6E5AB107-172B-4F17-8ABB-357C59EF1B08}) (Version: 9.0.704 - Sony)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.0 - WebM Project)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
XSplit (HKLM-x32\...\{15C49338-59E5-472E-94F7-D5AE15EE23C9}) (Version: 1.0.1206.0203 - SplitMediaLabs)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

30-03-2014 16:02:52 Operace obnovení
30-03-2014 18:33:00 Windows Update
04-04-2014 13:10:59 Windows Update
05-04-2014 20:24:59 OTL Restore Point - 4/5/2014 10:24:59 PM

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-05 22:24 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {08296921-43E2-490E-AE30-EC0E81798F6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {084AB0E2-5163-4A6F-AF19-357B91DF0EE4} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TunnelBear.exe
Task: {0B516FDF-8939-4C7A-8EA6-480066F565D1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-19] (Google Inc.)
Task: {447451A6-CB18-49B8-A0DA-C74F1EB093D0} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
Task: {5C782F4F-66B4-4806-890B-CD2B31903241} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {6C210A35-C72B-45B3-9B8E-00936CB6C37E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-19] (Google Inc.)
Task: {716A17C0-7060-4127-A36F-DBE2104B7BA1} - System32\Tasks\HPCeeScheduleForR => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {8E1D4C54-8962-4A82-A649-AFD7068EF0FE} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17] (Sun Microsystems, Inc.)
Task: {9E87C9B5-9A7C-4DA4-A93B-A30AE055B7D5} - System32\Tasks\{3C3FE096-1E8C-45C7-8902-766E635B9F2A} => Chrome.exe http://ui.skype.com/ui/0/5.10.0.116/cs/ ... Error=1603
Task: {A6EFE18D-F22A-460C-8F6C-336FACFC60BC} - System32\Tasks\AdobeAAMUpdater-1.0-R-HP-R => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {D99AD689-4090-4E45-BE12-E33F92CD4F0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DE7C07D8-8D0D-4DE8-8B3C-9F81DAE9A532} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F4083131-E534-4776-933E-BF8F8A6B6BB6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {F8E8D530-7B3A-4664-9AD3-14FA3BEC1DC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-03-25] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForR.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-09-10 12:17 - 2013-09-01 12:33 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-09-03 11:57 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdvancedSystemCareService7 => 2
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: PanService => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk => C:\Windows\pss\GamePark klient 2.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^R^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: 1a92553fc3706c469bd5c78793b2aa21 => "C:\Users\R\AppData\Local\Temp\FlashPlayerPlugin_11_9_900_117.exe" ..
MSCONFIG\startupreg: 6ee4f606bfbd1a4c62361754fecafaa2 => "C:\Users\R\AppData\Local\Temp\interrupts.exe" ..
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6\ICQ.exe" silent
MSCONFIG\startupreg: ICQ Lite => "L:\Icq\ICQLite\ICQLite.exe" -minimize
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.lnk
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\R\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\R\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2014 11:37:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 11:30:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 11:03:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 10:27:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 09:12:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 09:05:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/05/2014 00:19:03 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.17514, časové razítko: 0x4ce7abf9
Název chybujícího modulu: AESTAC64.dll, verze: 2.0.64.14, časové razítko: 0x4bb50c00
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000019b3d
ID chybujícího procesu: 0xf5c
Čas spuštění chybující aplikace: 0xAUDIODG.EXE0
Cesta k chybující aplikaci: AUDIODG.EXE1
Cesta k chybujícímu modulu: AUDIODG.EXE2
ID zprávy: AUDIODG.EXE3

Error: (04/05/2014 10:16:05 AM) (Source: ESENT) (User: )
Description: taskhost (2296) WebCacheLocal: Při otevírání souboru protokolu C:\Users\R\AppData\Local\Microsoft\Windows\WebCache\V0100055.log došlo k chybě -1811.

Error: (04/05/2014 10:09:30 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (04/05/2014 10:05:20 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1 se nezdařilo.
Závislé sestavení Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (04/05/2014 11:38:13 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (04/05/2014 11:38:13 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/05/2014 11:30:38 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (04/05/2014 11:30:38 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/05/2014 11:03:58 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (04/05/2014 11:03:58 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/05/2014 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (04/05/2014 10:28:35 PM) (Source: Service Control Manager) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1330

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/05/2014 10:23:54 PM) (Source: Service Control Manager) (User: )
Description: Služba Creative Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/05/2014 09:57:43 PM) (Source: Service Control Manager) (User: )
Description: Služba Easybits Services for Windows byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 4076.32 MB
Available physical RAM: 2385.43 MB
Total Pagefile: 8150.83 MB
Available Pagefile: 6590.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.56 GB) (Free:258.74 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.85 GB) (Free:1.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D989473B)

Partition: GPT Partition Type.

==================== End Of Log ============================

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:02
od motji
Ještě si prosím zobrazte skryté a systémové soubory a mrkněte co je v této složce
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

Na to si počkám, pak uklidíme a zítra večer mi ukážete nový log z FRSTu a řeknete, co pc.
Je možné, že jsem smazala složky od nějakých her, omlouvám se, pokud se tak stalo.

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:07
od Novatera
Obrázek



Netváří se mi to jako složka

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:14
od motji
Dejte to do raru nebo zipu, uložte někde bokem a originál smažte. Kdyby to někde chybělo, vrátíme to zpět :).
Tak uklidíme :)

:arrow: Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


:arrow: Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir


:arrow: Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech


A zítra večer poprosím o nový log a popis, jak se pc tváří :)
/ a kdyby se Vám chtělo, můžete ze srandy zkusit znovu stahnout a spustit combofix? Pokud by nešel, opět úklid po něm jako teď :) /

A já jdu spát, dobrou noc :)

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:16
od Novatera
Dobrou noc, zkusím ještě ten Combofix :) Zítra sem dám ty nové logy :).

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:25
od Novatera
Po restartu na mne vybaflo tohle :

Obrázek

a v pravém dolním rohu :

Obrázek

Nevím co má můj pc zase za náladu ale jsem si jistý že má "Kopie" windowsů 7 ještě před půl hoďkou pravá byla :D

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 05 dub 2014 23:41
od Novatera
Dejte to do raru nebo zipu, uložte někde bokem a originál smažte. Kdyby to někde chybělo, vrátíme to zpět .
Tak uklidíme
Nemohu se dostat do exploreru, píše mi to stále po zapnutí profilu že moje Windows kopie není pravá - Je možné že je to těma dvouma soubory ?


Teď jsem se nějak prokousal na plochu -- vybalil jsem ty 2 soubory z raru a chtěl je tam vrátit ale píše mi to že jsou něčím používány a místo nich se tam vytvořili jiné dva

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 06 dub 2014 02:45
od Novatera
Rád bych se sváma o něco podělil na pobavení.

za 1. Poté co jsem zjistil že mám údajně nelegální windowsi, jsem byl nucen jít na kolena a hledat na svém počítači štítek s kodem. Štítek jsem po 2 a půl hodinách našel a tímto applauduju technikovi z HP, který nalepil štítek na zadní stranu zdroje - Byl to opravdu oříšek jej najít a kdybych se nerozhodl si vyčistit ve 2 ráno počítač od prachu, asi bych ten štítek hledal do teď :D.

za 2. Zadal jsem znovu product key od windowsů a začlo se něco načítat - 30 minut se mi ověřoval ten key, jestli je opravdu pravý a nakonec jsem vyhrál loterii a opravdu jsem si ty čísla a písmena nevymyslel a můj windows je Pravý. Po zadání kodu, se mi sami spustili aktualizace a počítač se restartoval - že je potřeba nahrát nějaký codec, tak oka řekl jsem si a šel jsem na cigaretu.

za 3. Přišel jsem z Cigarety a čučim jak blázen na monitor :shock: , že co tam není ? VŮBEC NIC :lol: :lol: Monitor byl černý, tak jsem si šel udělat kafe a když jsem přišel z kafe koukal jsem na monitor už fakt jak blbec :shock: stím že si ze mě někdo dělá srandu, na monitoru se objevil soubor combofix.txt ( WTF ? :lol: )

za 4. Rád bych upozornil že jsem combofix smazal přesně jak jste řekla a v PC mi po něm nezbyla ani zmínka. Ovšem můj PC si řekl NE! Já mu ho tam vrátím ! :lol: Zatím co jsem byl pryč, se mi na plochu nahrál nový combofix ( a Přísahám že když jsem odcházel tak tam nebyl ) a poté zde proběhl celý process skenerru combofixu bez mého zásahu ( Viz ten návod že se tam muselo něco potvrzovat atd = nic - všechno za mě udělal počítač! )

Takže přikládám Log z combofixu a ve 4 ráno si jdu vítězně lehnout, neboť člověk vyhrál nad strojem ( Který si ze mě ovšem dělá pouze srandu, uplně slyšim jak mu smíchy rachtaj šroubky ! ) :D :D


ComboFix 14-04-05.01 - R 06.04.2014 3:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4076.1206 [GMT 2:00]
Spuštěný z: c:\users\R\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\users\R\AppData\Local\assembly\tmp
c:\users\R\AppData\Roaming\SQLite3.dll
c:\users\R\AppData\Roaming\system32
c:\users\R\AppData\Roaming\tmp.tmp
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-06 do 2014-04-06 )))))))))))))))))))))))))))))))
.
.
2014-04-06 01:35 . 2014-04-06 01:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-06 01:35 . 2014-04-06 01:35 -------- d-----w- c:\users\test\AppData\Local\temp
2014-04-05 23:43 . 2014-04-05 23:43 -------- d-----w- c:\programdata\PDFC
2014-04-04 13:11 . 2014-03-17 08:16 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D474AB1-E106-4D6F-97A2-1C17DB723C99}\mpengine.dll
2014-03-31 19:32 . 2014-04-05 23:05 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-30 15:56 . 2014-03-30 15:56 -------- d-----w- c:\users\test\AppData\Roaming\Malwarebytes
2014-03-30 15:55 . 2014-03-30 15:55 -------- d-----w- c:\users\test\AppData\Roaming\AVAST Software
2014-03-30 14:38 . 2014-03-30 14:38 -------- d-----w- c:\users\R\AppData\Roaming\Malwarebytes
2014-03-30 14:38 . 2014-03-31 19:32 -------- d-----w- c:\programdata\Malwarebytes
2014-03-30 14:38 . 2014-03-30 17:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-29 23:40 . 2014-03-29 23:40 -------- d-----w- c:\users\R\AppData\Roaming\AVAST Software
2014-03-29 23:38 . 2014-03-29 23:38 -------- d-----w- c:\program files\AVAST Software
2014-03-29 03:36 . 2014-03-29 03:36 -------- d-----w- c:\users\R\AppData\Local\VS Revo Group
2014-03-29 03:36 . 2014-03-29 03:36 -------- d-----w- c:\programdata\VS Revo Group
2014-03-29 03:33 . 2014-03-29 03:33 -------- d-----w- c:\users\R\AppData\Roaming\Flashmedia
2014-03-19 14:30 . 2014-03-19 14:30 -------- d-----w- c:\users\R\AppData\Roaming\The Creative Assembly
2014-03-19 14:30 . 2014-03-19 14:30 -------- d-----w- c:\programdata\Steam
2014-03-19 14:07 . 2014-03-19 14:07 -------- d-----w- c:\program files (x86)\Total War Rome II CZ
2014-03-17 03:46 . 2014-03-17 03:46 -------- d-----w- c:\users\R\AppData\Local\LucasArts
2014-03-16 23:27 . 2014-03-16 23:27 -------- d-----w- c:\program files (x86)\LucasArts
2014-03-13 04:00 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-13 04:00 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-13 04:00 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-13 04:00 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 01:00 . 2011-09-04 16:58 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-11 20:39 . 2012-06-25 08:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-11 20:39 . 2011-12-18 11:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-26 17:06 . 2014-02-26 17:06 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-02-26 17:06 . 2014-02-26 17:06 197408 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-02-26 17:06 . 2014-02-26 17:06 1515296 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-02-26 17:03 . 2014-02-26 17:03 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-02-26 17:03 . 2014-02-26 17:03 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-02-26 17:03 . 2014-02-26 17:03 353504 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-02-26 17:03 . 2014-02-26 17:03 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-02-26 17:03 . 2014-02-26 17:03 892192 ----a-w- c:\windows\system32\NvIFR64.dll
2014-02-26 17:03 . 2014-02-26 17:03 875296 ----a-w- c:\windows\system32\NvFBC64.dll
2014-02-26 17:03 . 2014-02-26 17:03 863520 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-02-26 17:03 . 2014-02-26 17:03 844576 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-02-26 17:03 . 2014-02-26 17:03 1885472 ----a-w- c:\windows\system32\nvdispco6433489.dll
2014-02-26 17:03 . 2014-02-26 17:03 1515296 ----a-w- c:\windows\system32\nvdispgenco6433489.dll
2014-02-26 17:03 . 2014-02-26 17:03 409408 ----a-w- c:\windows\system32\drivers\tixhci.sys
2014-02-26 17:03 . 2014-02-26 17:03 136000 ----a-w- c:\windows\system32\drivers\tihub3.sys
2014-02-26 17:02 . 2014-02-26 17:02 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2014-02-26 17:02 . 2014-02-26 17:02 99800 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-02-26 17:02 . 2014-02-26 17:02 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-02-26 17:01 . 2014-02-26 17:01 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-02-26 17:01 . 2014-02-26 17:01 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-02-26 17:01 . 2011-08-16 11:11 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-02-13 18:01 . 2014-02-14 01:15 128320 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\R\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 dump_wmimmc;dump_wmimmc; [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 20:39]
.
2014-04-04 c:\windows\Tasks\HPCeeScheduleForR.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
mSearchAssistant =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{A4748267-3642-46B9-BBD0-D6D8B7A0A1FE}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-93735815-1299707322-140628041-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,43,3b,60,85,fd,80,bd,fa,e7,31,a7,6a,0a,71,1f,99,94,04,54,9b,
d7,12,ee,6c,09,2c,e6,a8,27,c2,1e,06,2a,3c,98,aa,b0,02,ad,a1,0c,59,e3,26,f3,\
"rkeysecu"=hex:ef,f6,8e,30,bf,9e,88,a8,5d,f0,52,4b,b1,80,3e,f3
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-04-06 03:41:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-06 01:41
.
Před spuštěním: Volných bajtů: 490 373 713 920
Po spuštění: Volných bajtů: 489 685 995 520
.
- - End Of File - - ADB9EE8C780C190BC8CCA2933033C07C

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 06 dub 2014 09:42
od motji
:boxed: :boxed: :boxed: :D
Koukám že Vy jste měl opravdu rušnou noc :D :D
A jste si jistý, že jste combofix nespouštěl ani v 1.31hod?, vidím tam totiž ten texťák, co jste asi našel na ploše :D , a ten druhý čas Vám také věřím :D
ComboFix 14-04-05.01 - R 06.04.2014 3:28.1.4 - x64


Tak bud si z nás pc dělá blázny, nebo tam máte někoho kdo pc ovládá, nebo nemohl tam třeba brácha spustit combofix?
Každopádně Vás uklidním, už tam nic nevidím :D , pc máte čisťoučký :D .
Jen mi prozraďte, zda znáte tuto složku
c:\programdata\PDFC

Dále normálně mažeme ještě gamemon, ale ten asi potřebujete ke hrám, tak ho tam nechám.
Znovu combofix odinstalujte, pc pořádně prozkoušejte, a večer mi vložte nový log z Frstu, ať vidím, zda se tam něco neobnovilo.

A máte ode mě bod za trpělivost :thumbsup: :D

Re: Modrá Smrt - černá obrazovka a restart

Napsal: 06 dub 2014 22:39
od Novatera
Dobrý večer, teprve teď jsem přišel po celém dnu domů a jsem vyšťaven, takže si jdu lehnout -- Počítač se mi zdá být v pohodě ( Ť Ď :D ), zítra dopoledne sem hodím log z Frst :)
Všechny časy jsou v UTC+01:00
Stránka 6 z 7

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz