Procesor nejde pod 30% vytiženosti při připojeném internetu.

[Banny]

Dobrý den, mám takový problém, procesor mi nejde při klidném stavu pod 30% vytíženosti. Při větším využití procesoru, jde nad 80%. Posílám log, jestli tam náhodou není nějaká havěť. Děkuji! Banny.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mirek at 2013-07-24 14:16:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 60 GB (60%) free of 100 GB
Total RAM: 4087 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:17:49, on 24.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Windows\inf\msbaktw\msbaktw.exe
C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\Mirek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://seznam.cz/?clid=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c167991
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.61010009&ptr=100&st=12&barid={5E932925-D5D8-11E2-8246-00241DDEB629}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\1.8.11.0\bh\escort.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SearchNewTab - {9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E} - C:\ProgramData\SearchNewTab\51bc713cb1b02.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\1.8.11.0\escorTlbr.dll
O3 - Toolbar: Mp3Tube Toolbar - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - "C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL" (file missing)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Hoolapp Android] "C:\Users\Mirek\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A138DC2F-D34E-4478-A8E7-69C41286C375}: NameServer = 78.136.128.4 78.136.128.12
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\progra~2\websea~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mp3Tube Toolbar Updater Service (Mp3Tube Toolbar Service) - Mp3Tube - C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11067 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {60DC5182-670A-49AD-9E06-EB23925E11E2}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\dmwu.exe
"C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2276
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\schtasks.exe" /create /tn "AdobeFlashPlayerUpdate" /ru "SYSTEM" /sc hourly /mo 1 /tr "C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "-18303934910854833-1414809925-7043162641010599095-947037971-1448691986-1700295810
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2240
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe /schedule /profile "c:\programdata\bettersoft\optimizerpro\3036567561.ini"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" /PROTECT
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe" /Minimized
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
C:\Windows\inf\msbaktw\msbaktw.exe -o stratum+tcp://mint.bitminter.com:3333 -u humbo_humbobo -p humbra
\??\C:\Windows\system32\conhost.exe "11938308882123181176-19890897611372990091-166558889522166034866610335-1290794568
"C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe" 27b9b1e9edda28915fbadc5fcaf232bb
"C:\Windows\SysWOW64\jmdp\stij.exe"
"C:\Program Files (x86)\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4020 CREDAT:209921 /prefetch:2
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Users\Mirek\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\schedule!3036567561.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-05 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-05 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]
Funmoods Helper Object - C:\Program Files (x86)\Funmoods\1.8.11.0\bh\escort.dll [2013-03-20 249296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-19 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}]
SearchNewTab - C:\ProgramData\SearchNewTab\51bc713cb1b02.dll [2013-06-15 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-03-18 1310480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - Funmoods Toolbar - C:\Program Files (x86)\Funmoods\1.8.11.0\escorTlbr.dll [2013-03-20 321488]
{46897C77-E7A6-4c33-BFFB-E9C2E2718942} - Mp3Tube Toolbar - C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL [2011-04-29 1070592]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2013-03-18 1310480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Hoolapp Android"=C:\Users\Mirek\AppData\Roaming\HOOLAP~1\Hoolapp.exe [2013-01-18 1209392]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-24 14:16:18 ----D---- C:\rsit
2013-07-24 14:16:18 ----D---- C:\Program Files\trend micro
2013-07-23 17:43:37 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-07-23 17:40:09 ----N---- C:\bootsqm.dat
2013-07-23 16:10:50 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-07-23 16:10:50 ----A---- C:\Windows\system32\TURegOpt.exe
2013-07-23 16:10:50 ----A---- C:\Windows\system32\authuitu.dll
2013-07-23 16:10:37 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-22 16:14:10 ----D---- C:\ProgramData\FarmFrenzy_Vikings
2013-07-19 10:18:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-07-19 10:18:26 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-07-19 10:18:26 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-07-19 10:18:26 ----A---- C:\Windows\SYSWOW64\java.exe
2013-07-19 10:18:20 ----D---- C:\Program Files (x86)\Java
2013-07-14 12:47:04 ----D---- C:\Windows\system32\MRT
2013-07-13 07:06:33 ----D---- C:\ProgramData\Farm Fishes
2013-07-12 14:46:00 ----D---- C:\Users\Mirek\AppData\Roaming\B1Toolbar
2013-07-12 01:39:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-12 01:39:10 ----A---- C:\Windows\system32\ieui.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 01:39:09 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\iesetup.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\iernonce.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-12 01:39:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-12 01:39:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-12 01:39:08 ----A---- C:\Windows\system32\iertutil.dll
2013-07-12 01:39:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-12 01:39:07 ----A---- C:\Windows\system32\jscript9.dll
2013-07-12 01:39:07 ----A---- C:\Windows\system32\jscript.dll
2013-07-12 01:39:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-12 01:39:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-12 01:39:05 ----A---- C:\Windows\system32\urlmon.dll
2013-07-12 01:39:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-12 01:39:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-12 01:39:04 ----A---- C:\Windows\system32\wininet.dll
2013-07-12 01:39:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-12 01:39:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-12 01:39:02 ----A---- C:\Windows\system32\ieframe.dll
2013-07-12 01:39:01 ----A---- C:\Windows\system32\mshtml.dll
2013-07-12 01:38:59 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 15:41:42 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 15:41:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 15:41:42 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 15:41:41 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 15:41:23 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 15:41:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-11 15:41:05 ----A---- C:\Windows\system32\DWrite.dll
2013-07-08 11:48:16 ----D---- C:\ProgramData\pwd
2013-07-04 08:53:23 ----D---- C:\ProgramData\Package Cache
2013-07-02 19:33:14 ----D---- C:\ProgramData\Meridian93
2013-07-02 19:05:21 ----D---- C:\Users\Mirek\AppData\Roaming\Meridian93
2013-06-30 17:20:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerUpdateService.exe
2013-06-30 17:20:14 ----D---- C:\Users\Mirek\AppData\Roaming\File Scout
2013-06-27 07:25:39 ----D---- C:\Windows\Minidump
2013-06-26 13:41:48 ----D---- C:\Windows\system32\world_the_end
2013-06-26 13:41:48 ----D---- C:\Windows\system32\world_nether
2013-06-26 13:41:48 ----D---- C:\Windows\system32\world
2013-06-26 13:41:47 ----D---- C:\Windows\system32\plugins
2013-06-26 13:41:47 ----A---- C:\Windows\system32\white-list.txt
2013-06-26 13:41:47 ----A---- C:\Windows\system32\ops.txt
2013-06-26 13:41:47 ----A---- C:\Windows\system32\banned-players.txt
2013-06-26 13:41:47 ----A---- C:\Windows\system32\banned-ips.txt

======List of files/folders modified in the last 1 month======

2013-07-24 14:16:18 ----RD---- C:\Program Files
2013-07-24 14:15:53 ----D---- C:\Users\Mirek\AppData\Roaming\Skype
2013-07-24 14:11:00 ----D---- C:\Windows\Temp
2013-07-24 11:00:55 ----SD---- C:\Users\Mirek\AppData\Roaming\Microsoft
2013-07-24 11:00:54 ----SD---- C:\ProgramData\Microsoft
2013-07-24 10:51:26 ----D---- C:\Windows\SysWOW64
2013-07-24 10:51:26 ----D---- C:\Windows
2013-07-24 07:08:36 ----D---- C:\Windows\system32\config
2013-07-24 06:51:49 ----D---- C:\Windows\System32
2013-07-24 06:51:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-24 06:45:49 ----D---- C:\Windows\system32\Tasks
2013-07-24 06:45:41 ----D---- C:\ProgramData\NVIDIA
2013-07-23 17:28:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-23 17:26:31 ----SHD---- C:\System Volume Information
2013-07-23 17:25:06 ----D---- C:\Program Files (x86)\Audacity
2013-07-23 17:19:59 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-23 17:19:57 ----D---- C:\Windows\Panther
2013-07-23 17:19:57 ----D---- C:\Windows\Logs
2013-07-23 17:19:57 ----D---- C:\Windows\inf
2013-07-23 17:19:57 ----D---- C:\Windows\debug
2013-07-23 16:10:53 ----SHD---- C:\Windows\Installer
2013-07-23 16:10:37 ----RD---- C:\Program Files (x86)
2013-07-23 15:55:24 ----D---- C:\Users\Mirek\AppData\Roaming\thejoyoffarming
2013-07-23 15:51:59 ----D---- C:\Windows\Prefetch
2013-07-22 16:14:10 ----HD---- C:\ProgramData
2013-07-22 16:13:43 ----AD---- C:\ProgramData\TEMP
2013-07-19 21:11:00 ----D---- C:\Windows\system32\catroot
2013-07-19 10:18:34 ----D---- C:\Program Files (x86)\Common Files
2013-07-19 10:18:21 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-07-19 10:18:21 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-07-19 09:56:11 ----D---- C:\Program Files\Microsoft Security Client
2013-07-19 09:56:03 ----D---- C:\Windows\system32\drivers
2013-07-19 09:56:02 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-19 09:18:30 ----D---- C:\Windows\Tasks
2013-07-19 09:18:30 ----D---- C:\Windows\system32\wfp
2013-07-19 09:18:30 ----D---- C:\Windows\system32\DriverStore
2013-07-19 09:18:30 ----D---- C:\Windows\system32\catroot2
2013-07-19 09:18:29 ----D---- C:\Windows\system32\wbem
2013-07-19 09:18:29 ----D---- C:\Windows\system32\CodeIntegrity
2013-07-19 09:18:29 ----D---- C:\Windows\AppCompat
2013-07-19 09:18:27 ----D---- C:\Windows\registration
2013-07-19 09:17:26 ----D---- C:\Windows\system32\LogFiles
2013-07-14 13:23:51 ----D---- C:\Program Files (x86)\Sanny Builder 3
2013-07-14 12:54:47 ----D---- C:\ProgramData\Skype
2013-07-14 12:54:46 ----RD---- C:\Program Files (x86)\Skype
2013-07-12 12:20:25 ----RSD---- C:\Windows\assembly
2013-07-12 12:20:25 ----D---- C:\Windows\Microsoft.NET
2013-07-12 10:05:48 ----D---- C:\Windows\winsxs
2013-07-12 10:04:51 ----D---- C:\Program Files\Windows Defender
2013-07-12 10:04:51 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 10:04:51 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 10:04:50 ----D---- C:\Program Files\Internet Explorer
2013-07-12 10:04:48 ----D---- C:\Program Files\Windows Journal
2013-07-12 10:04:42 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 10:04:41 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 01:39:58 ----D---- C:\ProgramData\Microsoft Help
2013-07-08 23:03:01 ----D---- C:\Program Files (x86)\Mumble
2013-07-07 22:22:32 ----D---- C:\Users\Mirek\AppData\Roaming\Wargaming.net
2013-07-05 13:37:14 ----D---- C:\Windows\SYSWOW64\directx
2013-07-04 15:20:53 ----D---- C:\Users\Mirek\AppData\Roaming\.minecraft
2013-06-28 15:06:39 ----SHD---- C:\$Recycle.Bin
2013-06-28 15:06:34 ----RD---- C:\Users
2013-06-26 22:20:40 ----D---- C:\ProgramData\FarmFrenzy-PizzaParty
2013-06-26 20:28:21 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-15 283200]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 127488]
R3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 128512]
R3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 18944]
R3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 161280]
R3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 128512]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28 163328]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-06-03 3085264]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2013-05-16 1277744]
R2 Mp3Tube Toolbar Service;Mp3Tube Toolbar Updater Service; C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe [2011-04-29 227840]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-05-24 107832]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-10 559016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

[Banny]

Dobrý den, a děkuji že jste se mě ujal.
Zde je log z JRT.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 7 Home Premium x64
Ran by Mirek on st 24.07.2013 at 15:02:32,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{ea28b360-05e0-4f93-8150-02891f1d8d3c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\f
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.dskbnd.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.funmoodshlpr
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoods.funmoodshlpr.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\funmoodsapp.appcore.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{23c70bca-6e23-4a65-ad2e-1389062074f1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{23d8eef7-0e13-4000-b9c4-6603c1e912d1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{295cacb4-51f5-46fd-914e-c72baae1b672}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{2ce5c4b9-6dbe-4528-96fa-c9ff38ef1762}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{31e3bc75-2a09-4cff-9c92-8d0ed8d1dc0f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{34c1fdf7-02c1-4f23-b393-f48b16e071d1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{54291324-7a3d-4f11-b707-3fb6a2c97bd9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{59c63f11-d4e5-46e7-9b8a-ee158dca83a8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{5da22cbd-0029-4a09-b757-cf0fafc488ed}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{77a6e7d4-4a83-4a9b-a2a0-ef3b125dc29d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c0585b2f-74d7-4734-88de-6c150c5d4036}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{ca17d76b-f91d-4659-a7fd-a9f7ed375cdd}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{d8242e89-2f81-484a-ae5b-ba8cad5b7347}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{ef0588d6-1621-4a75-b8be-f4bc34794136}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{e2343056-cc08-46ac-b898-bfc7acf4e755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\funmoods
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installcore
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\putlockerdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\putlockerdownloader_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\putlockerdownloader_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\app paths\sweetim.exe
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5BAFCFFE-DAA6-4EC9-A57B-5772E63E39B9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{839A5A6A-12EE-4D7F-AA87-787F9E56F8E4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Failed to delete: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\b1toolbar"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Mirek\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\Mirek\appdata\local\b1e"
Successfully deleted: [Folder] "C:\Users\Mirek\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Mirek\appdata\locallow\mp3tube toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\funmoods"
Failed to delete: [Folder] "C:\Program Files (x86)\mp3tube toolbar"
Failed to delete: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetpacks bundle uninstaller"
Successfully deleted: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Failed to delete: [Folder] "C:\Windows\syswow64\jmdp"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 24.07.2013 at 15:14:06,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Banny]

A zde log z AdwCleaner.

# AdwCleaner v2.306 - Log vytvooen 24/07/2013 v 15:16:54
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Mirek - MIREK-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Mirek\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : BrowserProtect
Nalezeno : IBUpdaterService
Nalezeno : Mp3Tube Toolbar Service

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Mp3Tube Toolbar
Složka Nalezeno : C:\Program Files (x86)\PutLockerDownloader
Složka Nalezeno : C:\Program Files (x86)\SweetIM
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
Složka Nalezeno : C:\ProgramData\SearchNewTab
Složka Nalezeno : C:\ProgramData\ssafe saveu
Složka Nalezeno : C:\Users\Mirek\AppData\Local\Mail.Ru
Složka Nalezeno : C:\Users\Mirek\AppData\Local\PutLockerDownloader
Složka Nalezeno : C:\Users\Mirek\AppData\LocalLow\SearchNewTab
Složka Nalezeno : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Složka Nalezeno : C:\Windows\SysWOW64\jmdp
Složka Nalezeno : C:\Windows\SysWOW64\WNLT
Soubor Nalezeno : C:\Users\Mirek\AppData\Roaming\BabMaint.exe

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Mp3Tube
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\DataMngr_Toolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\WNLT
Klíe Nalezeno : HKCU\Software\5f53d98abd6ee813
Klíe Nalezeno : HKCU\Software\aebcabaaefefeebfccsacfsfdsf
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\Software\Mp3Tube
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\5f53d98abd6ee813
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Klíe Nalezeno : HKU\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www2.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=4E7C00241DDEB629
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtByEtC0D0D0E0ByCtBzyzy0ByE0BtN0D0Tzu0CyEyEyEtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=427776559&ir=

*************************

AdwCleaner[R1].txt - [12050 octets] - [24/07/2013 15:16:54]

########## EOF - C:\AdwCleaner[R1].txt - [12111 octets] ##########

[vyosek]

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

[Banny]

tady je.

# AdwCleaner v2.306 - Log vytvooen 24/07/2013 v 15:28:48
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Mirek - MIREK-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Mirek\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : BrowserProtect
Zastaveno & vymazáno : IBUpdaterService
Zastaveno & vymazáno : Mp3Tube Toolbar Service

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Mp3Tube Toolbar
Složka Vymazáno : C:\Program Files (x86)\PutLockerDownloader
Složka Vymazáno : C:\Program Files (x86)\SweetIM
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
Složka Vymazáno : C:\ProgramData\SearchNewTab
Složka Vymazáno : C:\ProgramData\ssafe saveu
Složka Vymazáno : C:\Users\Mirek\AppData\Local\Mail.Ru
Složka Vymazáno : C:\Users\Mirek\AppData\Local\PutLockerDownloader
Složka Vymazáno : C:\Users\Mirek\AppData\LocalLow\SearchNewTab
Složka Vymazáno : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Složka Vymazáno : C:\Windows\SysWOW64\jmdp
Složka Vymazáno : C:\Windows\SysWOW64\WNLT
Soubor Vymazáno : C:\Users\Mirek\AppData\Roaming\BabMaint.exe
Vymazáno poi restartu : C:\ProgramData\BrowserProtect

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Mp3Tube
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\WNLT
Klíe Vymazáno : HKCU\Software\5f53d98abd6ee813
Klíe Vymazáno : HKCU\Software\aebcabaaefefeebfccsacfsfdsf
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\FB6D58DD787439A4995AF3C00FEA8843
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\FB6D58DD787439A4995AF3C00FEA8843
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\Software\Mp3Tube
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\5f53d98abd6ee813
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BC1E98C-7328-74B4-22E0-ECE42D2D4E8E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Homepage Protection Service
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mp3Tube Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro
Klíe Vymazáno : HKU\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://searchfunmoods.com/?f=1&a=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtByEtC0D0D0E0ByCtBzyzy0ByE0BtN0D0Tzu0CyEyEyEtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1L1C1F1G1E2Y1StCtB&cr=427776559&ir= --> hxxp://www.google.com

*************************

AdwCleaner[R1].txt - [12127 octets] - [24/07/2013 15:16:54]
AdwCleaner[S1].txt - [11907 octets] - [24/07/2013 15:28:48]

########## EOF - C:\AdwCleaner[S1].txt - [11968 octets] ##########

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[Banny]

Otl log.

OTL logfile created on: 24.7.2013 15:41:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mirek\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 57,78% Memory free
7,98 Gb Paging File | 6,10 Gb Available in Paging File | 76,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 58,69 Gb Free Space | 60,15% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 185,20 Gb Free Space | 50,31% Space Free | Partition Type: NTFS

Computer Name: MIREK-PC | User Name: Mirek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - [2013.07.24 15:37:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mirek\Desktop\OTL.exe
PRC - [2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.06.07 13:45:00 | 000,568,334 | --S- | M] () -- C:\Windows\inf\msbaktw\msbaktw.exe
PRC - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
PRC - [2013.05.24 18:24:35 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2013.05.24 18:24:26 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.01.18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
PRC - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.11.21 05:23:51 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2009.12.17 16:46:22 | 016,733,696 | ---- | M] (Vertex Wireless) -- C:\Program Files (x86)\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013.07.12 20:49:43 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013.07.12 12:15:10 | 000,492,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\11c176470524e1843fbbcc571cd0aa88\IAStorUtil.ni.dll
MOD - [2013.07.12 12:15:10 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll
MOD - [2013.07.12 10:13:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013.07.12 10:12:54 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013.07.12 10:12:48 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013.07.12 10:12:38 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013.07.12 10:12:34 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013.07.12 10:12:31 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013.07.12 10:12:30 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013.07.12 10:12:25 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.06.07 13:45:00 | 000,568,334 | --S- | M] () -- C:\Windows\inf\msbaktw\msbaktw.exe
MOD - [2013.06.07 13:45:00 | 000,279,955 | --S- | M] () -- C:\Windows\inf\msbaktw\libidn-11.dll
MOD - [2013.06.07 13:45:00 | 000,084,992 | --S- | M] () -- C:\Windows\inf\msbaktw\zlib1.dll
MOD - [2013.01.18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
MOD - [2011.04.12 10:34:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 04:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.12.17 16:46:16 | 000,411,136 | ---- | M] () -- C:\Program Files (x86)\Vertex Wireless\VW100 Connection Manager\VW_COM.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.06.20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.06.20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.07.10 03:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.21 10:57:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.28 15:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.24 18:24:35 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2013.05.24 18:24:26 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.01.31 10:35:50 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.14 11:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.06.18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.03.15 22:59:41 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.29 11:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.11.11 14:09:50 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwmfmdm.sys -- (vwmfmdm)
DRV:64bit: - [2009.11.11 14:09:50 | 000,128,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwmfserd.sys -- (vwmfserd)
DRV:64bit: - [2009.11.11 14:09:50 | 000,128,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwmfdiag.sys -- (vwmfdiag)
DRV:64bit: - [2009.11.11 14:09:50 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwmfbus.sys -- (vwmfbus)
DRV:64bit: - [2009.11.11 14:09:50 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwmfmdfl.sys -- (vwmfmdfl)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2012.11.16 16:51:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://seznam.cz/?clid=2
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://seznam.cz/?clid=2
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes\{25D7039D-DC01-4329-903E-549DEF259237}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes\{4D56C806-31FA-48A0-A611-B2AC03D52D12}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)


[2013.04.30 18:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2013.04.11 17:54:38 | 000,199,543 | ---- | M] () (No name found) -- C:\Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\putlockerdownloader3@putlockerdownloader.com.xpi

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2804951617-1283590814-551735116-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2804951617-1283590814-551735116-1000..\Run: [Hoolapp Android] C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A138DC2F-D34E-4478-A8E7-69C41286C375}: NameServer = 78.136.128.4 78.136.128.12
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{09564204-8c7e-11e2-91af-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{09564204-8c7e-11e2-91af-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{caeb315f-8d88-11e2-8763-00241ddeb629}\Shell - "" = AutoRun
O33 - MountPoints2\{caeb315f-8d88-11e2-8763-00241ddeb629}\Shell\AutoRun\command - "" = H:\VW100_Modem_Installation.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
Drivers32:64bit: vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 14 Days ==========

[2013.07.24 15:37:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mirek\Desktop\OTL.exe
[2013.07.24 15:02:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.24 14:59:35 | 000,560,934 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Mirek\Desktop\JRT.exe
[2013.07.24 14:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.24 14:16:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.07.23 16:10:50 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.07.23 16:10:50 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.07.23 16:10:50 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.07.23 16:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.07.23 16:10:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.07.22 16:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy_Vikings
[2013.07.19 10:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.07.19 10:18:29 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.07.19 10:18:26 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.07.19 10:18:26 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.07.19 10:18:26 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.07.19 10:18:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.07.14 13:25:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA San Andreas
[2013.07.14 12:47:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.14 12:21:58 | 000,000,000 | ---D | C] -- C:\Users\Mirek\Desktop\Slozky
[2013.07.13 07:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Farm Fishes
[2013.07.12 18:59:49 | 000,000,000 | ---D | C] -- C:\Users\Mirek\Documents\SCANIA Truck Driving Simulator
[2013.07.12 18:58:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCANIA Truck Driving Simulator
[2013.07.12 01:39:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.07.12 01:39:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.07.12 01:39:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.07.12 01:39:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.07.12 01:39:09 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.07.12 01:39:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.07.12 01:39:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.07.12 01:39:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.07.12 01:39:09 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.12 01:39:09 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.07.12 01:39:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.07.12 01:39:08 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.12 01:39:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.12 01:39:07 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.12 01:39:07 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.11 15:41:42 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.11 15:41:42 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.11 15:41:42 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.11 15:41:41 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.11 15:41:05 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2013.07.24 15:42:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.24 15:40:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.24 15:39:12 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.24 15:39:12 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.24 15:37:59 | 001,423,446 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.24 15:37:59 | 000,914,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.24 15:37:59 | 000,395,976 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.24 15:37:59 | 000,369,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.24 15:37:59 | 000,006,436 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.24 15:37:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mirek\Desktop\OTL.exe
[2013.07.24 15:32:11 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.24 15:32:10 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job
[2013.07.24 15:31:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.24 15:31:53 | 3214,528,512 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.24 15:29:14 | 000,000,097 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.24 15:11:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.24 15:00:36 | 000,666,633 | ---- | M] () -- C:\Users\Mirek\Desktop\adwcleaner.exe
[2013.07.24 14:59:54 | 000,560,934 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Mirek\Desktop\JRT.exe
[2013.07.24 14:15:18 | 000,935,175 | ---- | M] () -- C:\Users\Mirek\Desktop\RSITx64.exe
[2013.07.23 17:43:45 | 000,341,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.23 17:40:09 | 000,003,408 | ---- | M] () -- C:\bootsqm.dat
[2013.07.23 12:17:20 | 000,201,802 | ---- | M] () -- C:\Windows\SysWow64\poclbm130302GeForce GTS 250v1w256l4.bin
[2013.07.23 12:17:13 | 000,000,000 | ---- | M] () -- C:\Users\Mirek\regbcm
[2013.07.19 10:18:23 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.07.19 10:18:22 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.07.19 10:18:22 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.07.19 10:18:21 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.07.19 10:18:21 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.07.19 10:18:21 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.07.19 09:56:20 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.24 15:42:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.24 15:29:05 | 000,000,097 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.07.24 15:00:00 | 000,666,633 | ---- | C] () -- C:\Users\Mirek\Desktop\adwcleaner.exe
[2013.07.24 14:14:55 | 000,935,175 | ---- | C] () -- C:\Users\Mirek\Desktop\RSITx64.exe
[2013.07.23 17:43:37 | 000,341,112 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.23 17:40:09 | 000,003,408 | ---- | C] () -- C:\bootsqm.dat
[2013.07.23 16:10:48 | 000,002,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.07.23 12:17:20 | 000,201,802 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302GeForce GTS 250v1w256l4.bin
[2013.07.23 12:17:13 | 000,000,000 | ---- | C] () -- C:\Users\Mirek\regbcm
[2013.05.21 18:45:15 | 000,071,680 | ---- | C] () -- C:\ProgramData\2D47.exe
[2013.05.21 18:30:14 | 000,071,680 | ---- | C] () -- C:\ProgramData\706E.exe
[2013.04.27 15:39:10 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.27 15:39:08 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.04.27 15:39:08 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.03.14 11:23:47 | 001,563,524 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.07.04 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\.minecraft
[2013.04.06 13:24:03 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Artogon
[2013.06.21 14:55:34 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Audacity
[2013.03.16 08:48:11 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\BeachPartyCraze
[2013.04.01 00:49:13 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\DAEMON Tools Lite
[2013.05.25 11:08:35 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\ERS Game Studios
[2013.04.15 17:14:32 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Farm Mania
[2013.05.05 07:38:08 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Farm Mania 2
[2013.05.18 15:29:05 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Farm Mania 2.1
[2013.03.20 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid
[2013.04.10 16:02:27 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Kalypso Media
[2013.07.02 19:05:21 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Meridian93
[2013.06.15 21:05:12 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Mumble
[2013.06.16 19:28:06 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Opera
[2013.03.20 00:10:52 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Pivot StickFigure Animator Packages
[2013.06.22 11:44:05 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Seznam.cz
[2013.05.31 19:03:52 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\TechSmith
[2013.07.23 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\thejoyoffarming
[2013.04.18 17:21:33 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Tropico 4
[2013.06.02 16:51:09 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\TS3Client
[2013.03.15 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\TuneUp Software
[2013.07.07 22:22:32 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,524 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.03.15 22:00:28 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.06.15 15:02:33 | 000,000,416 | -H-- | C] () -- C:\Windows\Tasks\schedule!3036567561.job
[2013.06.19 18:22:51 | 000,000,946 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.19 18:22:51 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.05.08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.05.08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.07.04 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\.minecraft
[2013.03.14 10:16:01 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Adobe
[2013.04.06 13:24:03 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Artogon
[2013.06.21 14:55:34 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Audacity
[2013.03.16 08:48:11 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\BeachPartyCraze
[2013.04.01 00:49:13 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\DAEMON Tools Lite
[2013.05.25 11:08:35 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\ERS Game Studios
[2013.05.14 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\ESTsoft
[2013.04.15 17:14:32 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Farm Mania
[2013.05.05 07:38:08 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Farm Mania 2
[2013.05.18 15:29:05 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Farm Mania 2.1
[2013.03.20 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid
[2013.03.14 09:29:40 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Identities
[2013.03.14 10:03:27 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\InstallShield
[2013.03.14 10:06:32 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Intel Corporation
[2013.04.10 16:02:27 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Kalypso Media
[2013.03.15 22:00:40 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Macromedia
[2011.04.12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Media Center Programs
[2013.07.02 19:05:21 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Meridian93
[2013.07.24 11:00:55 | 000,000,000 | --SD | M] -- C:\Users\Mirek\AppData\Roaming\Microsoft
[2013.04.30 18:57:51 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Mozilla
[2013.06.15 21:05:12 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Mumble
[2013.05.08 13:56:46 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\NVIDIA
[2013.06.16 19:28:06 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Opera
[2013.03.20 00:10:52 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Pivot StickFigure Animator Packages
[2013.05.24 18:27:14 | 000,000,000 | RH-D | M] -- C:\Users\Mirek\AppData\Roaming\SecuROM
[2013.06.22 11:44:05 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Seznam.cz
[2013.07.24 15:33:34 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Skype
[2013.05.31 19:03:52 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\TechSmith
[2013.07.23 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\thejoyoffarming
[2013.04.18 17:21:33 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Tropico 4
[2013.06.02 16:51:09 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\TS3Client
[2013.03.15 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\TuneUp Software
[2013.07.07 22:22:32 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\Wargaming.net
[2013.04.10 15:43:38 | 000,000,000 | ---D | M] -- C:\Users\Mirek\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.01.18 21:29:28 | 001,209,392 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe
[2013.01.18 21:30:48 | 000,100,912 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\UpdateProc\UpdateTask.exe
[2013.01.30 15:45:44 | 001,114,624 | ---- | M] () -- C:\Users\Mirek\AppData\Roaming\Pivot StickFigure Animator Packages\uninstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.07.24 15:11:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.07.24 15:32:11 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.24 15:40:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.07.24 15:32:10 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\schedule!3036567561.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.23 12:17:20 | 000,201,802 | ---- | M] () -- C:\Windows\system32\poclbm130302GeForce GTS 250v1w256l4.bin

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Hoolapp Android" = "C:\Users\Mirek\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized -- [2013.01.18 21:29:28 | 001,209,392 | ---- | M] ()
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.03.14 10:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.06.12 02:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) MD5=CB037F03178E31BA2985ADD15879CA56 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.24 15:42:25 | 000,000,512 | ---- | M] () MD5=3EEC1D3B02C1A6FE4B2D43B5C6FB00E0 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.05.03 19:38:36 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.05.03 19:39:16 | 000,063,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.05.21 05:03:06 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.05.21 05:03:06 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.12.09 23:27:18 | 000,002,223 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_azul_preloader.swf
[2012.12.09 23:27:18 | 000,001,841 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_outline_preloader.swf
[2012.12.09 23:27:18 | 000,001,810 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_preloader.swf
[2012.12.09 23:27:18 | 000,002,173 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_blue_preloader.swf
[2012.12.09 23:27:18 | 000,028,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_large_preloader.swf
[2012.12.09 23:27:18 | 000,017,183 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_small_preloader.swf
[2012.12.09 23:27:18 | 000,002,140 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_gray_grad_preloader.swf
[2012.12.09 23:27:18 | 000,001,845 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_white_preloader.swf
[2012.12.09 23:27:18 | 000,002,278 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_azul_preloader.swf
[2012.12.09 23:27:18 | 000,001,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_outline_preloader.swf
[2012.12.09 23:27:18 | 000,001,863 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_preloader.swf
[2012.12.09 23:27:18 | 000,002,227 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_blue_preloader.swf
[2012.12.09 23:27:18 | 000,028,967 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_large_preloader.swf
[2012.12.09 23:27:18 | 000,017,248 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_small_preloader.swf
[2012.12.09 23:27:18 | 000,002,204 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_gray_grad_preloader.swf
[2012.12.09 23:27:18 | 000,001,899 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_white_preloader.swf
[2012.12.09 23:27:18 | 000,236,529 | ---- | M] () -- \Program Files (x86)\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\preloaders_src.zip
[2012.06.09 20:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.01.23 11:31:10 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.01.23 11:31:10 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.01.23 11:31:10 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.01.23 11:31:10 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.01.23 11:31:10 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.01.23 11:31:10 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.07.14 15:07:05 | 000,004,504 | ---- | M] () -- \Users\Mirek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.4.512_0\js\chromeBackstageLoader.js
[2013.07.14 15:07:05 | 000,003,100 | ---- | M] () -- \Users\Mirek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.4.512_0\js\pluginLoader.js
[2013.07.14 15:07:04 | 000,000,847 | ---- | M] () -- \Users\Mirek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.4.512_0\tb\al\ac\img\ajax-loader.gif
[2013.07.14 15:07:04 | 000,001,135 | ---- | M] () -- \Users\Mirek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.4.512_0\tb\al\ac\img\loader-icon.png
[2013.07.14 15:07:04 | 000,003,208 | ---- | M] () -- \Users\Mirek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.4.512_0\tb\al\ui\gf\img\loader.gif
[2013.07.14 15:07:02 | 000,001,849 | ---- | M] () -- \Users\Mirek\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.16.4.512_0\tb\al\wa\TWITTER\resources\ajax-loader.gif
[2013.03.15 23:00:06 | 000,057,728 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2013.03.15 23:00:07 | 000,057,728 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2013.03.15 23:00:07 | 000,057,728 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2013.03.15 23:00:07 | 000,057,728 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2013.03.15 23:00:07 | 000,057,728 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2013.03.15 23:00:07 | 000,061,770 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2013.03.15 23:00:07 | 000,061,770 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.07.15 18:20:21 | 000,009,427 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H7TQMZ8\ajax-loader[1].gif
[2013.07.14 12:29:27 | 000,000,673 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3H7TQMZ8\loader.white[2].gif
[2013.07.21 16:02:38 | 000,002,415 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\57YRY4ID\loader[1].gif
[2013.07.23 17:34:28 | 000,001,511 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXVL7ACH\AdLoader[1].htm
[2013.07.14 09:12:18 | 000,109,448 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTOBFSVJ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.14 09:12:18 | 000,001,511 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MRXL3M3F\AdLoader[1].htm
[2013.07.20 23:22:21 | 000,086,577 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MRXL3M3F\file-uploader[1].swf
[2013.07.16 17:01:43 | 000,000,673 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MRXL3M3F\loader.white[1].gif
[2013.07.14 20:14:37 | 000,005,818 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MRXL3M3F\loader[1].gif
[2013.07.23 17:34:29 | 000,109,448 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5X6RQWQ\AdLoader-b3e321cab5fbc3c4ed10b513bb467bae.min[1].js
[2013.07.23 06:30:18 | 000,000,433 | ---- | M] () -- \Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SS7CBBUN\loader-vflff1Mjj[1].gif
[2012.12.11 16:05:00 | 000,000,148 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish162350\loader.bmp.Mask
[2012.12.18 17:52:00 | 000,000,629 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish162350\images\loader-close.png
[2012.12.18 12:31:22 | 000,052,517 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish162350\images\preloader.gif
[2012.12.11 16:05:00 | 000,000,148 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish28844\loader.bmp.Mask
[2012.12.18 17:52:00 | 000,000,629 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish28844\images\loader-close.png
[2012.12.18 12:31:22 | 000,052,517 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish28844\images\preloader.gif
[2012.12.11 16:05:00 | 000,000,148 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish37097\loader.bmp.Mask
[2012.12.18 17:52:00 | 000,000,629 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish37097\images\loader-close.png
[2012.12.18 12:31:22 | 000,052,517 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish37097\images\preloader.gif
[2012.12.11 16:05:00 | 000,000,148 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish54272\loader.bmp.Mask
[2012.12.18 17:52:00 | 000,000,629 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish54272\images\loader-close.png
[2012.12.18 12:31:22 | 000,052,517 | ---- | M] () -- \Users\Mirek\AppData\Local\Temp\ish54272\images\preloader.gif
[2013.04.11 17:54:38 | 000,199,543 | ---- | M] () -- \Users\Mirek\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\putlockerdownloader3@putlockerdownloader.com.xpi
[2013.04.02 20:13:51 | 000,002,122 | ---- | M] () -- \Users\Mirek\Desktop\Programy\MP3 Downloader.lnk
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.03.14 10:52:02 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.03.14 10:52:02 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.03.14 10:52:02 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.03.14 10:52:02 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.03.14 10:52:02 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:27 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.03.14 10:21:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:BACB6B6C

< End of report >

[Banny]

Extras log.

OTL Extras logfile created on: 24.7.2013 15:41:05 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mirek\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,99 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 57,78% Memory free
7,98 Gb Paging File | 6,10 Gb Available in Paging File | 76,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 58,69 Gb Free Space | 60,15% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 185,20 Gb Free Space | 50,31% Space Free | Partition Type: NTFS

Computer Name: MIREK-PC | User Name: Mirek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Mirek\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Mirek\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A4F8290-C966-4129-AFFE-D89B4AAF6BD4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{60CD6DD9-E1AD-4AD5-87B3-8CCDFC6D4FE3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D10FE5E8-C6D0-448B-9B71-C0CBB7D1E916}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03214715-9A2A-4839-ABDB-194A07FC3F46}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{0770E4A8-76FD-404C-B010-4C046BB368FE}" = protocol=17 | dir=in | app=d:\hry\farcry 2\far cry 2\bin\fc2editor.exe |
"{10E7ADD1-86CB-441D-9515-5E1D2C975995}" = protocol=6 | dir=in | app=d:\hry\battle of the immortals\battle of the immortals\battle of the immortals_en\launcher.exe |
"{188FA570-A579-49CC-8D1B-479E4502D54A}" = protocol=17 | dir=in | app=d:\hry\farcry 2\far cry 2\bin\fc2launcher.exe |
"{190F5D38-DB6D-4F9A-B7CC-5D97E5E2AEF0}" = protocol=6 | dir=in | app=d:\hry\gta 4\grand theft auto iv\gtaiv.exe |
"{1A8FEE5F-9609-45E0-B87A-7DEB4FCF9933}" = protocol=17 | dir=in | app=d:\hry\battle of the immortals\battle of the immortals\battle of the immortals_en\launcher.exe |
"{1F2950C5-5AF7-409F-AB33-C0BD2227A75D}" = protocol=17 | dir=in | app=d:\hry\gta 4\rockstar games social club\rgsclauncher.exe |
"{22F06E72-9BC2-44BA-A670-FB0DEA10A79E}" = protocol=6 | dir=in | app=d:\hry\gta 4\rockstar games social club\rgsclauncher.exe |
"{26B2E047-8401-42BC-AB33-9797B7BFBA1D}" = protocol=6 | dir=in | app=d:\hry\gta 4\grand theft auto iv\launchgtaiv.exe |
"{29000B68-F4B3-4698-BA38-846BDC0400C8}" = protocol=17 | dir=in | app=d:\hry\gta 4\grand theft auto iv\gtaiv.exe |
"{3CE60C25-FD25-445B-B8CC-604A4E5C609E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3FB7A3CC-8247-4CE3-8DDF-EEF13D97B891}" = protocol=6 | dir=in | app=c:\users\mirek\desktop\hry\magic launcher.exe |
"{41CB9785-B703-452D-ADDA-92D55AEFDAC2}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{46412B04-D439-4203-B20A-9468506765E6}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{47106028-81A8-45C8-B0E5-CD25A93B2329}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{4A6B3BC7-C502-4EE7-AF30-1133954586BA}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{54F46D2B-7ADB-464E-87A5-DB17D1D19917}" = protocol=17 | dir=in | app=c:\users\mirek\desktop\hry\magic launcher.exe |
"{59970514-2174-4374-8927-EFBBD53F86DD}" = protocol=17 | dir=in | app=d:\hry\farcry 2\far cry 2\bin\farcry2.exe |
"{749E6FF2-A08A-4D29-95DC-5F03CBF44ED8}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{809C2F00-064C-4687-919D-E8E507FA079C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{86CE7428-10FD-4C2A-A57B-5DFA001538CA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{890788FE-CED9-411A-BBD7-7BD3F7D18484}" = protocol=6 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{89B7EEE3-4968-47FE-AC67-0130ABC27F78}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8B8205E3-D393-409D-A3ED-59787F6952D8}" = protocol=6 | dir=in | app=d:\hry\farcry 2\far cry 2\bin\fc2launcher.exe |
"{8BDC549B-DF60-479E-B9F6-367E1A824780}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9AEF71E0-19E0-424E-A5D4-4F7280CCAFD1}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{A1210460-C33D-4B51-AAAA-BAC0E4C004C2}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B3142E8F-F252-4C35-8342-074536AB2AFA}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B5FC31CE-B9AA-412B-9F7F-F9B5FC45B50E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BBEE456B-ED1A-4C3F-A531-27B4166EE21E}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{C53FD99B-EB98-4E12-89BF-B71AFCB64FD5}" = protocol=6 | dir=in | app=d:\hry\farcry 2\far cry 2\bin\fc2editor.exe |
"{C7AAC952-9581-4730-84C6-73FF87AB8619}" = protocol=17 | dir=in | app=c:\program files (x86)\logmein hamachi\hamachi-2-ui.exe |
"{C8202835-2DAD-4A53-9987-CD5653A7CFCD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{C84D5F85-08E4-4952-8F87-A0CCC99D3022}" = protocol=6 | dir=in | app=d:\hry\farcry 2\far cry 2\bin\farcry2.exe |
"{D8F2DAC7-7250-4F3B-B5B2-FE8FF91E4E27}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DBA11092-567E-42EB-B89B-FCECAD702AF7}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{DF332D47-0072-487B-8AAF-B12C949C9F75}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E8046734-EF6E-48C1-B04E-42DEB519D95F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{E93A5FB8-2F2D-446F-923F-DE7B88D785DF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{EC013D48-F042-4118-997C-0B30969E2B8F}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{EFD3070B-250B-4E75-8C58-259E4F07E6EF}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{F14A4844-02EE-4D4D-8323-CC5277E8B4DB}" = protocol=17 | dir=in | app=d:\hry\gta 4\grand theft auto iv\launchgtaiv.exe |
"{F870964F-D267-488F-9E6F-D61FBB577CA3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{09803685-5F4E-4450-9230-C45B682ECD00}D:\hry\gta 4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\hry\gta 4\grand theft auto iv\gtaiv.exe |
"TCP Query User{104E9FB2-EEC1-49EA-80C3-1AE91C34DCBF}D:\hry\saints row the third\saintsrowthethird.exe" = protocol=6 | dir=in | app=d:\hry\saints row the third\saintsrowthethird.exe |
"TCP Query User{265AF92C-DD87-4A99-8ECC-72A2ABAFD60A}D:\hry\counter-strike 1.6\csko.exe" = protocol=6 | dir=in | app=d:\hry\counter-strike 1.6\csko.exe |
"TCP Query User{3413F832-C54E-4ACB-B47E-8783607BDA1F}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{41432255-A70F-4C37-B28A-AD1718C385C5}D:\hry\operation flashpoint\operationflashpoint\operationflashpoint.exe" = protocol=6 | dir=in | app=d:\hry\operation flashpoint\operationflashpoint\operationflashpoint.exe |
"TCP Query User{55421BA4-4EDC-43FA-985C-41C09E2AB8A8}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{56DFD80B-31CA-44CB-B05B-4C2C22CC66FB}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{8A9985EF-56A0-47B7-933E-FF5579EBFC24}D:\hry\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\hry\crysis 2\bin32\crysis2.exe |
"TCP Query User{AC36673A-1252-4EBD-AF3E-050D2C62CC4D}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{B4DEF291-DA08-4749-9D53-7029D8118D96}D:\hry\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\hry\counter-strike 1.6\hl.exe |
"TCP Query User{BB82B41B-C03A-422D-9C2A-FFA1EEA4B795}D:\hry\battle of the immortals\battle of the immortals\battle of the immortals_en\launcher.exe" = protocol=6 | dir=in | app=d:\hry\battle of the immortals\battle of the immortals\battle of the immortals_en\launcher.exe |
"TCP Query User{D70A9DE8-53B1-424A-B980-EF85C3A204DB}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{E2D5DCFF-4FC6-4DF7-A997-3FEB5A18AF1E}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"TCP Query User{E88568F8-D576-4A17-B904-7DAB826987B4}D:\hry\world_of_warplanes\wowplauncher.exe" = protocol=6 | dir=in | app=d:\hry\world_of_warplanes\wowplauncher.exe |
"TCP Query User{EDB4A74B-0C6D-4C49-969D-946EFF72D028}D:\hry\borderlands goty\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=d:\hry\borderlands goty\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{F0397AAB-508E-4489-8B24-827B99A0D8FF}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{026D1BEB-7181-4CF8-A99F-C1C262480F05}D:\hry\borderlands goty\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=d:\hry\borderlands goty\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{29997C7F-AB3B-4BCB-9F83-7BA76B1A604D}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{37072DD0-DF5C-40CA-8473-765DA34888DF}D:\hry\world_of_warplanes\wowplauncher.exe" = protocol=17 | dir=in | app=d:\hry\world_of_warplanes\wowplauncher.exe |
"UDP Query User{39B10FDE-F395-49D7-977D-F8F8EF9C5EC7}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5E700772-CBBE-4357-BA44-3A5944C32A7B}D:\hry\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\hry\counter-strike 1.6\hl.exe |
"UDP Query User{691B23BF-A158-4178-A41A-81E23797093E}D:\hry\battle of the immortals\battle of the immortals\battle of the immortals_en\launcher.exe" = protocol=17 | dir=in | app=d:\hry\battle of the immortals\battle of the immortals\battle of the immortals_en\launcher.exe |
"UDP Query User{82949B5A-41B8-4992-8034-84708FD3675A}D:\hry\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\hry\world_of_tanks\worldoftanks.exe |
"UDP Query User{85292CE2-52DE-4DE2-BFD4-EB9CD5BBF496}D:\hry\operation flashpoint\operationflashpoint\operationflashpoint.exe" = protocol=17 | dir=in | app=d:\hry\operation flashpoint\operationflashpoint\operationflashpoint.exe |
"UDP Query User{AD550D30-3FD7-405B-9507-03D146DC68BB}D:\hry\gta 4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\hry\gta 4\grand theft auto iv\gtaiv.exe |
"UDP Query User{C5B983C4-2E8F-4A2C-979C-325787C1F3DE}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{C908CADF-6C1D-4CE6-959E-C863CEFA1D2C}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{E389EE46-6C76-490D-A36E-A4008BF0BA2D}D:\hry\saints row the third\saintsrowthethird.exe" = protocol=17 | dir=in | app=d:\hry\saints row the third\saintsrowthethird.exe |
"UDP Query User{E4696AD1-3624-41B3-804B-FCC277BAB0FA}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{F0B7657F-8137-4CF5-923E-7A628DFC0A37}D:\hry\counter-strike 1.6\csko.exe" = protocol=17 | dir=in | app=d:\hry\counter-strike 1.6\csko.exe |
"UDP Query User{F1B53CDD-3D2A-4688-9E70-DD8ABCC2838C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{F8283F5A-597D-4CF6-A4DD-145732F813B2}D:\hry\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\hry\crysis 2\bin32\crysis2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{1760F404-9A2B-4CD5-9A5C-7F9DCC627741}" = MechWarrior Online
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1" = World of Warplanes
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{477AB6F3-0907-4E90-ABC2-9525CC6AA356}" = Beowulf TM
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{652B48CA-165B-4671-9415-2B477B20CE82}_is1" = Emergency 4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi
"{8D13EC59-1F8D-4988-8523-D5E8C2724C1D}" = Beowulf TM
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) MUI
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DB93E2C2-851F-44B2-B09C-351D2C624AE1}" = Camtasia Studio 8
"{E0363CCC-3535-4BAA-9F2C-200F548675D6}" = TuneUp Utilities Language Pack (cs-CZ)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}" = MechWarrior Online
"{Kniha prani}_is1" = Kniha přání v1.0
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip 8.51
"aTube Catcher" = aTube Catcher
"Counter-Strike: Source" = Counter-Strike: Source
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"GTA San Andreas_is1" = GTA San Andreas
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"LAME_is1" = LAME v3.99.3 (for Windows)
"LogMeIn Hamachi" = LogMeIn Hamachi
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.7
"PunkBusterSvc" = PunkBuster Services
"Saints Row The Third_is1" = Saints Row The Third
"SCANIA Truck Driving Simulator" = SCANIA Truck Driving Simulator 1.0.0
"SP_4e24eecb" = Search Assistant WebSearch 1.74
"spinogriz ladnoed" = spinogriz ladnoed
"Steam App 440" = Team Fortress 2
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VW100 Connection Manager" = Odinstalovat U:fonův 3G mobilní internet
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6_is1" = Counter-Strike 1.6 v42
"Hoolapp For Android" = Hoolapp For Android
"Pivot StickFigure Animator Packages" = Pivot StickFigure Animator Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.7.2013 9:25:21 | Computer Name = mirek-pc | Source = WinMgmt | ID = 10
Description =

Error - 24.7.2013 9:28:38 | Computer Name = mirek-pc | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 24.7.2013 9:28:38 | Computer Name = mirek-pc | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 24.7.2013 9:28:38 | Computer Name = mirek-pc | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 24.7.2013 9:33:46 | Computer Name = mirek-pc | Source = WinMgmt | ID = 10
Description =

Error - 24.7.2013 9:37:56 | Computer Name = mirek-pc | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 24.7.2013 9:37:56 | Computer Name = mirek-pc | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 24.7.2013 9:37:56 | Computer Name = mirek-pc | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

[ System Events ]
Error - 24.7.2013 9:23:40 | Computer Name = mirek-pc | Source = Service Control Manager | ID = 7000
Description = Služba Mp3Tube Toolbar Updater Service neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 24.7.2013 9:25:45 | Computer Name = mirek-pc | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 24.7.2013 9:25:45 | Computer Name = mirek-pc | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 24.7.2013 9:34:10 | Computer Name = mirek-pc | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 24.7.2013 9:34:10 | Computer Name = mirek-pc | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://seznam.cz/?clid=2
  IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes,DefaultScope =
  IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
  IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes\{25D7039D-DC01-4329-903E-549DEF259237}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
  IE - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..\SearchScopes\{4D56C806-31FA-48A0-A611-B2AC03D52D12}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
  O4 - HKU\S-1-5-21-2804951617-1283590814-551735116-1000..\Run: [Hoolapp Android] C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe ()
  O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
  O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O15 - HKU\S-1-5-21-2804951617-1283590814-551735116-1000\..Trusted Domains: localhost ([]http in Internet)
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
  O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O33 - MountPoints2\{09564204-8c7e-11e2-91af-806e6f6e6963}\Shell - "" = AutoRun
  O33 - MountPoints2\{caeb315f-8d88-11e2-8763-00241ddeb629}\Shell - "" = AutoRun
  O33 - MountPoints2\F\Shell - "" = AutoRun
  [2013.07.24 14:59:54 | 000,560,934 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Mirek\Desktop\JRT.exe
  [2013.07.23 12:17:13 | 000,000,000 | ---- | C] () -- C:\Users\Mirek\regbcm
  [2013.05.21 18:45:15 | 000,071,680 | ---- | C] () -- C:\ProgramData\2D47.exe
  [2013.05.21 18:30:14 | 000,071,680 | ---- | C] () -- C:\ProgramData\706E.exe
  [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  [2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [2013.07.24 15:11:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2013.07.24 15:32:11 | 000,000,946 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  [2013.07.24 15:40:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  [2013.07.24 15:32:10 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\schedule!3036567561.job
  @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:BACB6B6C
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Hoolapp Android"=-
  "DAEMON Tools Lite"=-
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "SweetIM"=-
  "NtVdmSrv"=-
  
  :files
  C:\Windows\inf\
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Banny]

Tady je log.

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Before| /E : value set successfully!
HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Internet Explorer\SearchScopes\{25D7039D-DC01-4329-903E-549DEF259237}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25D7039D-DC01-4329-903E-549DEF259237}\ not found.
Registry key HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4D56C806-31FA-48A0-A611-B2AC03D52D12}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D56C806-31FA-48A0-A611-B2AC03D52D12}\ not found.
Registry value HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Hoolapp Android deleted successfully.
C:\Users\Mirek\AppData\Roaming\HoolappForAndroid\Hoolapp.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2804951617-1283590814-551735116-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09564204-8c7e-11e2-91af-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09564204-8c7e-11e2-91af-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{caeb315f-8d88-11e2-8763-00241ddeb629}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{caeb315f-8d88-11e2-8763-00241ddeb629}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
C:\Users\Mirek\Desktop\JRT.exe moved successfully.
C:\Users\Mirek\regbcm moved successfully.
File C:\ProgramData\2D47.exe not found.
File C:\ProgramData\706E.exe not found.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4643.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP13ED.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4E7D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5FFA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEBB6.tmp folder deleted successfully.
C:\Windows\Installer\MSICE03.tmp- folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\schedule!3036567561.job moved successfully.
ADS C:\ProgramData\TEMP:BACB6B6C deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Hoolapp Android not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SweetIM not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv deleted successfully.
========== FILES ==========
C:\Windows\inf\wsearchidxpi\0409 folder moved successfully.
C:\Windows\inf\wsearchidxpi\0405 folder moved successfully.
C:\Windows\inf\wsearchidxpi\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\wsearchidxpi scheduled to be moved on reboot.
C:\Windows\inf\WmiApRpl\0009 folder moved successfully.
C:\Windows\inf\WmiApRpl\0005 folder moved successfully.
C:\Windows\inf\WmiApRpl folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0816 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0804 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0416 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0404 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\001F folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\001D folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0019 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0015 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0014 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0013 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0012 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0011 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0010 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000E folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000D folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000C folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000B folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\000A folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0009 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0008 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0007 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0006 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0005 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0\0001 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 4.0.0.0 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0405 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 3.0.0.0\0000 folder moved successfully.
C:\Windows\inf\Windows Workflow Foundation 3.0.0.0 folder moved successfully.
C:\Windows\inf\usbhub\0409 folder moved successfully.
C:\Windows\inf\usbhub\0405 folder moved successfully.
C:\Windows\inf\usbhub\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\usbhub scheduled to be moved on reboot.
C:\Windows\inf\UGTHRSVC\0409 folder moved successfully.
C:\Windows\inf\UGTHRSVC\0405 folder moved successfully.
C:\Windows\inf\UGTHRSVC\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\UGTHRSVC scheduled to be moved on reboot.
C:\Windows\inf\UGatherer\0409 folder moved successfully.
C:\Windows\inf\UGatherer\0405 folder moved successfully.
C:\Windows\inf\UGatherer\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\UGatherer scheduled to be moved on reboot.
C:\Windows\inf\TermService\0405 folder moved successfully.
C:\Windows\inf\TermService\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\TermService scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TAPISRV\0405 scheduled to be moved on reboot.
C:\Windows\inf\TAPISRV\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\TAPISRV scheduled to be moved on reboot.
C:\Windows\inf\SMSvcHost 4.0.0.0\0816 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0804 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0416 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0404 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\001F folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\001D folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0019 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0015 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0014 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0013 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0012 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0011 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0010 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\000E folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\000D folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\000C folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\000B folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\000A folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0009 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0008 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0007 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0006 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0005 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0\0001 folder moved successfully.
C:\Windows\inf\SMSvcHost 4.0.0.0 folder moved successfully.
C:\Windows\inf\SMSvcHost 3.0.0.0\0405 folder moved successfully.
C:\Windows\inf\SMSvcHost 3.0.0.0\0000 folder moved successfully.
C:\Windows\inf\SMSvcHost 3.0.0.0 folder moved successfully.
C:\Windows\inf\ServiceModelService 3.0.0.0\0405 folder moved successfully.
C:\Windows\inf\ServiceModelService 3.0.0.0\0000 folder moved successfully.
C:\Windows\inf\ServiceModelService 3.0.0.0 folder moved successfully.
C:\Windows\inf\ServiceModelOperation 3.0.0.0\0405 folder moved successfully.
C:\Windows\inf\ServiceModelOperation 3.0.0.0\0000 folder moved successfully.
C:\Windows\inf\ServiceModelOperation 3.0.0.0 folder moved successfully.
C:\Windows\inf\ServiceModelEndpoint 3.0.0.0\0405 folder moved successfully.
C:\Windows\inf\ServiceModelEndpoint 3.0.0.0\0000 folder moved successfully.
C:\Windows\inf\ServiceModelEndpoint 3.0.0.0 folder moved successfully.
C:\Windows\inf\RemoteAccess\0409 folder moved successfully.
C:\Windows\inf\RemoteAccess\0405 folder moved successfully.
C:\Windows\inf\RemoteAccess\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\RemoteAccess scheduled to be moved on reboot.
C:\Windows\inf\rdyboost\0405 folder moved successfully.
C:\Windows\inf\rdyboost\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\rdyboost scheduled to be moved on reboot.
C:\Windows\inf\PNRPSvc\0409 folder moved successfully.
C:\Windows\inf\PNRPSvc\0405 folder moved successfully.
C:\Windows\inf\PNRPSvc\0000 folder moved successfully.
C:\Windows\inf\PNRPSvc folder moved successfully.
C:\Windows\inf\PERFLIB\0405 folder moved successfully.
C:\Windows\inf\PERFLIB\0000 folder moved successfully.
C:\Windows\inf\PERFLIB folder moved successfully.
C:\Windows\inf\Outlook\0009 folder moved successfully.
C:\Windows\inf\Outlook\0005 folder moved successfully.
C:\Windows\inf\Outlook folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0816 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0804 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0416 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0404 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\001F folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\001D folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0019 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0015 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0014 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0013 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0012 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0011 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0010 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000E folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000D folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000C folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000B folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\000A folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0009 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0008 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0007 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0006 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0005 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0\0001 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 4.0.0.0 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 3.0.0.0\0405 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 3.0.0.0\0000 folder moved successfully.
C:\Windows\inf\MSDTC Bridge 3.0.0.0 folder moved successfully.
C:\Windows\inf\MSDTC\0405 folder moved successfully.
C:\Windows\inf\MSDTC\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\MSDTC scheduled to be moved on reboot.
C:\Windows\inf\msbaktw\bitstreams folder moved successfully.
C:\Windows\inf\msbaktw folder moved successfully.
C:\Windows\inf\ESENT\0405 folder moved successfully.
C:\Windows\inf\ESENT\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\ESENT scheduled to be moved on reboot.
C:\Windows\inf\en-US folder moved successfully.
C:\Windows\inf\cs-CZ folder moved successfully.
C:\Windows\inf\BITS\0405 folder moved successfully.
C:\Windows\inf\BITS\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\BITS scheduled to be moved on reboot.
C:\Windows\inf\aspnet_state\0816 folder moved successfully.
C:\Windows\inf\aspnet_state\0804 folder moved successfully.
C:\Windows\inf\aspnet_state\0416 folder moved successfully.
C:\Windows\inf\aspnet_state\0404 folder moved successfully.
C:\Windows\inf\aspnet_state\001F folder moved successfully.
C:\Windows\inf\aspnet_state\001D folder moved successfully.
C:\Windows\inf\aspnet_state\0019 folder moved successfully.
C:\Windows\inf\aspnet_state\0015 folder moved successfully.
C:\Windows\inf\aspnet_state\0014 folder moved successfully.
C:\Windows\inf\aspnet_state\0013 folder moved successfully.
C:\Windows\inf\aspnet_state\0012 folder moved successfully.
C:\Windows\inf\aspnet_state\0011 folder moved successfully.
C:\Windows\inf\aspnet_state\0010 folder moved successfully.
C:\Windows\inf\aspnet_state\000E folder moved successfully.
C:\Windows\inf\aspnet_state\000D folder moved successfully.
C:\Windows\inf\aspnet_state\000C folder moved successfully.
C:\Windows\inf\aspnet_state\000B folder moved successfully.
C:\Windows\inf\aspnet_state\000A folder moved successfully.
C:\Windows\inf\aspnet_state\0009 folder moved successfully.
C:\Windows\inf\aspnet_state\0008 folder moved successfully.
C:\Windows\inf\aspnet_state\0007 folder moved successfully.
C:\Windows\inf\aspnet_state\0006 folder moved successfully.
C:\Windows\inf\aspnet_state\0005 folder moved successfully.
C:\Windows\inf\aspnet_state\0001 folder moved successfully.
C:\Windows\inf\aspnet_state\0000 folder moved successfully.
C:\Windows\inf\aspnet_state folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0816 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0804 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0416 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0404 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\001F folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\001D folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0019 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0015 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0014 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0013 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0012 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0011 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0010 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\000E folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\000D folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\000C folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\000B folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\000A folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0009 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0008 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0007 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0006 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0005 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0001 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319\0000 folder moved successfully.
C:\Windows\inf\ASP.NET_4.0.30319 folder moved successfully.
C:\Windows\inf\ASP.NET\0816 folder moved successfully.
C:\Windows\inf\ASP.NET\0804 folder moved successfully.
C:\Windows\inf\ASP.NET\0416 folder moved successfully.
C:\Windows\inf\ASP.NET\0404 folder moved successfully.
C:\Windows\inf\ASP.NET\001F folder moved successfully.
C:\Windows\inf\ASP.NET\001D folder moved successfully.
C:\Windows\inf\ASP.NET\0019 folder moved successfully.
C:\Windows\inf\ASP.NET\0015 folder moved successfully.
C:\Windows\inf\ASP.NET\0014 folder moved successfully.
C:\Windows\inf\ASP.NET\0013 folder moved successfully.
C:\Windows\inf\ASP.NET\0012 folder moved successfully.
C:\Windows\inf\ASP.NET\0011 folder moved successfully.
C:\Windows\inf\ASP.NET\0010 folder moved successfully.
C:\Windows\inf\ASP.NET\000E folder moved successfully.
C:\Windows\inf\ASP.NET\000D folder moved successfully.
C:\Windows\inf\ASP.NET\000C folder moved successfully.
C:\Windows\inf\ASP.NET\000B folder moved successfully.
C:\Windows\inf\ASP.NET\000A folder moved successfully.
C:\Windows\inf\ASP.NET\0009 folder moved successfully.
C:\Windows\inf\ASP.NET\0008 folder moved successfully.
C:\Windows\inf\ASP.NET\0007 folder moved successfully.
C:\Windows\inf\ASP.NET\0006 folder moved successfully.
C:\Windows\inf\ASP.NET\0005 folder moved successfully.
C:\Windows\inf\ASP.NET\0001 folder moved successfully.
C:\Windows\inf\ASP.NET\0000 folder moved successfully.
C:\Windows\inf\ASP.NET folder moved successfully.
C:\Windows\inf\.NETFramework\0405 folder moved successfully.
C:\Windows\inf\.NETFramework\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\.NETFramework scheduled to be moved on reboot.
C:\Windows\inf\.NET Memory Cache 4.0\0009 folder moved successfully.
C:\Windows\inf\.NET Memory Cache 4.0 folder moved successfully.
C:\Windows\inf\.NET Data Provider for SqlServer\0405 folder moved successfully.
C:\Windows\inf\.NET Data Provider for SqlServer\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\.NET Data Provider for SqlServer scheduled to be moved on reboot.
C:\Windows\inf\.NET Data Provider for Oracle\0405 folder moved successfully.
C:\Windows\inf\.NET Data Provider for Oracle\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\.NET Data Provider for Oracle scheduled to be moved on reboot.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0816 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0804 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0416 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0404 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\001F folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\001D folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0019 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0015 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0014 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0013 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0012 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0011 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0010 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\000E folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\000D folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\000C folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\000B folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\000A folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0009 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0008 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0007 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0006 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0005 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0004 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0\0001 folder moved successfully.
C:\Windows\inf\.NET CLR Networking 4.0.0.0 folder moved successfully.
C:\Windows\inf\.NET CLR Networking\0405 folder moved successfully.
C:\Windows\inf\.NET CLR Networking\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\.NET CLR Networking scheduled to be moved on reboot.
C:\Windows\inf\.NET CLR Data\0405 folder moved successfully.
C:\Windows\inf\.NET CLR Data\0000 folder moved successfully.
Folder move failed. C:\Windows\inf\.NET CLR Data scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf scheduled to be moved on reboot.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: david
->Temp folder emptied: 35451 bytes
->Temporary Internet Files folder emptied: 128 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: hedev
->Temp folder emptied: 43164427 bytes

User: Mirek
->Temp folder emptied: 109280567 bytes
->Temporary Internet Files folder emptied: 307228064 bytes
->Java cache emptied: 180411 bytes
->Flash cache emptied: 4062 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1896953 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 950786 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 441,00 mb


[EMPTYFLASH]

User: All Users

User: david

User: Default

User: Default User

User: hedev

User: Mirek
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: david

User: Default

User: Default User

User: hedev

User: Mirek
->Java cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07242013_162848

Files\Folders moved on Reboot...
Folder move failed. C:\Windows\inf\wsearchidxpi scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\usbhub scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\UGTHRSVC scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\UGatherer scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TermService scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TAPISRV\0405 scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TAPISRV\0405 scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TAPISRV scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\RemoteAccess scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\rdyboost scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\MSDTC scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\ESENT scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\BITS scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NETFramework scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET Data Provider for SqlServer scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET Data Provider for Oracle scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET CLR Networking scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET CLR Data scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\wsearchidxpi scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\usbhub scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\UGTHRSVC scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\UGatherer scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TermService scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TAPISRV\0405 scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\TAPISRV scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\RemoteAccess scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\rdyboost scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\MSDTC scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\ESENT scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\BITS scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NETFramework scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET Data Provider for SqlServer scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET Data Provider for Oracle scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET CLR Networking scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf\.NET CLR Data scheduled to be moved on reboot.
Folder move failed. C:\Windows\inf scheduled to be moved on reboot.
C:\Users\Mirek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Mirek\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[vyosek]

Jak se chova PC

[Banny]

Počítač se chová mnohem lépe, CPU se ve klidu drží na 1-10%, Akorát využití Ramek je stále vysoké. (30-50%) Dalo by se s tím něco dělat?

[vyosek]

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Dejte novy log z RSIT

[Banny]

Vše kromě TFC proběhlo v pořádku. Vše jsem udělal podle návodu, ale TFC na mě vyhodil pouze adresář
"Knihovny", neresetoval se pc, prostě jako bych tuto utilitu nepoužil. Tady je log z RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mirek at 2013-07-24 18:20:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 60 GB (60%) free of 100 GB
Total RAM: 4087 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:41, on 24.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe
C:\Users\Mirek\Desktop\ccsetup403.exe
C:\Program Files\trend micro\Mirek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://seznam.cz/?clid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A138DC2F-D34E-4478-A8E7-69C41286C375}: NameServer = 78.136.128.4 78.136.128.12
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7979 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
taskeng.exe {245F7564-CC88-43E2-8611-5C96AE5F92C6}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2220
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:2128
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\schtasks.exe" /create /tn "AdobeFlashPlayerUpdate" /ru "SYSTEM" /sc hourly /mo 1 /tr "C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "1715768446884519637-1414700700-267977397462991517-1566524077-977427111-620361804
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Windows\system32\schtasks.exe" /create /tn "AdobeFlashPlayerUpdate" /ru "SYSTEM" /sc hourly /mo 1 /tr "C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w" /st 00:00:00
\??\C:\Windows\system32\conhost.exe "-171114222-8619087353366139281531962442243481797443339366-676840015726018987
"C:\Program Files (x86)\Vertex Wireless\VW100 Connection Manager\Connection Manager.exe"
"C:\Users\Mirek\Desktop\ccsetup403.exe" /L=1029
C:\Windows\system32\msiexec.exe /V
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Mirek\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-05 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-05 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-19 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-19 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-24 18:20:38 ----D---- C:\rsit
2013-07-24 18:10:47 ----D---- C:\Program Files\CCleaner
2013-07-24 16:28:48 ----D---- C:\_OTL
2013-07-24 15:29:05 ----A---- C:\Windows\DeleteOnReboot.bat
2013-07-24 15:28:48 ----A---- C:\AdwCleaner[S1].txt
2013-07-24 15:16:54 ----A---- C:\AdwCleaner[R1].txt
2013-07-24 15:02:28 ----D---- C:\Windows\ERUNT
2013-07-24 14:16:18 ----D---- C:\Program Files\trend micro
2013-07-23 17:43:37 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-07-23 17:40:09 ----N---- C:\bootsqm.dat
2013-07-23 16:10:50 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2013-07-23 16:10:50 ----A---- C:\Windows\system32\TURegOpt.exe
2013-07-23 16:10:50 ----A---- C:\Windows\system32\authuitu.dll
2013-07-23 16:10:37 ----D---- C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-22 16:14:10 ----D---- C:\ProgramData\FarmFrenzy_Vikings
2013-07-19 10:18:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-07-19 10:18:26 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-07-19 10:18:26 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-07-19 10:18:26 ----A---- C:\Windows\SYSWOW64\java.exe
2013-07-19 10:18:20 ----D---- C:\Program Files (x86)\Java
2013-07-14 12:47:04 ----D---- C:\Windows\system32\MRT
2013-07-13 07:06:33 ----D---- C:\ProgramData\Farm Fishes
2013-07-12 01:39:11 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-07-12 01:39:10 ----A---- C:\Windows\system32\ieui.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-07-12 01:39:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 01:39:09 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\iesetup.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\iernonce.dll
2013-07-12 01:39:09 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-12 01:39:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-07-12 01:39:08 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-12 01:39:08 ----A---- C:\Windows\system32\iertutil.dll
2013-07-12 01:39:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-07-12 01:39:07 ----A---- C:\Windows\system32\jscript9.dll
2013-07-12 01:39:07 ----A---- C:\Windows\system32\jscript.dll
2013-07-12 01:39:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-07-12 01:39:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-07-12 01:39:05 ----A---- C:\Windows\system32\urlmon.dll
2013-07-12 01:39:04 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-07-12 01:39:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-07-12 01:39:04 ----A---- C:\Windows\system32\wininet.dll
2013-07-12 01:39:04 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-12 01:39:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-07-12 01:39:02 ----A---- C:\Windows\system32\ieframe.dll
2013-07-12 01:39:01 ----A---- C:\Windows\system32\mshtml.dll
2013-07-12 01:38:59 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-07-11 15:41:42 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-07-11 15:41:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-11 15:41:42 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 15:41:41 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-07-11 15:41:23 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 15:41:05 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-07-11 15:41:05 ----A---- C:\Windows\system32\DWrite.dll
2013-07-08 11:48:16 ----D---- C:\ProgramData\pwd
2013-07-04 08:53:23 ----D---- C:\ProgramData\Package Cache
2013-07-02 19:33:14 ----D---- C:\ProgramData\Meridian93
2013-07-02 19:05:21 ----D---- C:\Users\Mirek\AppData\Roaming\Meridian93
2013-06-30 17:20:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerUpdateService.exe
2013-06-27 07:25:39 ----D---- C:\Windows\Minidump
2013-06-26 13:41:48 ----D---- C:\Windows\system32\world_the_end
2013-06-26 13:41:48 ----D---- C:\Windows\system32\world_nether
2013-06-26 13:41:48 ----D---- C:\Windows\system32\world
2013-06-26 13:41:47 ----D---- C:\Windows\system32\plugins
2013-06-26 13:41:47 ----A---- C:\Windows\system32\white-list.txt
2013-06-26 13:41:47 ----A---- C:\Windows\system32\ops.txt
2013-06-26 13:41:47 ----A---- C:\Windows\system32\banned-players.txt
2013-06-26 13:41:47 ----A---- C:\Windows\system32\banned-ips.txt

======List of files/folders modified in the last 1 month======

2013-07-24 18:20:23 ----D---- C:\Users\Mirek\AppData\Roaming\Skype
2013-07-24 18:13:16 ----D---- C:\Users\Mirek\AppData\Roaming\DAEMON Tools Lite
2013-07-24 18:13:16 ----D---- C:\Program Files (x86)\PDFCreator
2013-07-24 18:13:12 ----D---- C:\Windows\ModemLogs
2013-07-24 18:13:12 ----D---- C:\Windows
2013-07-24 18:11:01 ----D---- C:\Windows\Temp
2013-07-24 18:10:52 ----D---- C:\Windows\system32\Tasks
2013-07-24 18:10:47 ----RD---- C:\Program Files
2013-07-24 18:04:55 ----D---- C:\Windows\system32\config
2013-07-24 17:53:44 ----D---- C:\Windows\System32
2013-07-24 17:53:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-24 17:49:10 ----D---- C:\ProgramData\NVIDIA
2013-07-24 16:38:21 ----D---- C:\Windows\inf
2013-07-24 16:28:56 ----D---- C:\Windows\system32\drivers\etc
2013-07-24 16:28:50 ----SHD---- C:\Windows\Installer
2013-07-24 16:28:50 ----D---- C:\Windows\Tasks
2013-07-24 16:28:48 ----D---- C:\Users\Mirek\AppData\Roaming\HoolappForAndroid
2013-07-24 15:43:03 ----HD---- C:\ProgramData
2013-07-24 15:42:18 ----SHD---- C:\System Volume Information
2013-07-24 15:42:18 ----D---- C:\Windows\system32\catroot2
2013-07-24 15:29:06 ----RD---- C:\Program Files (x86)
2013-07-24 15:29:06 ----D---- C:\Windows\SysWOW64
2013-07-24 11:00:55 ----SD---- C:\Users\Mirek\AppData\Roaming\Microsoft
2013-07-24 11:00:54 ----SD---- C:\ProgramData\Microsoft
2013-07-23 17:28:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-07-23 17:25:06 ----D---- C:\Program Files (x86)\Audacity
2013-07-23 17:19:59 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-23 17:19:57 ----D---- C:\Windows\Panther
2013-07-23 17:19:57 ----D---- C:\Windows\Logs
2013-07-23 17:19:57 ----D---- C:\Windows\debug
2013-07-23 15:55:24 ----D---- C:\Users\Mirek\AppData\Roaming\thejoyoffarming
2013-07-23 15:51:59 ----D---- C:\Windows\Prefetch
2013-07-22 16:13:43 ----AD---- C:\ProgramData\TEMP
2013-07-19 21:11:00 ----D---- C:\Windows\system32\catroot
2013-07-19 10:18:34 ----D---- C:\Program Files (x86)\Common Files
2013-07-19 10:18:21 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-07-19 10:18:21 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-07-19 09:56:11 ----D---- C:\Program Files\Microsoft Security Client
2013-07-19 09:56:03 ----D---- C:\Windows\system32\drivers
2013-07-19 09:56:02 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-07-19 09:18:30 ----D---- C:\Windows\system32\wfp
2013-07-19 09:18:30 ----D---- C:\Windows\system32\DriverStore
2013-07-19 09:18:29 ----D---- C:\Windows\system32\wbem
2013-07-19 09:18:29 ----D---- C:\Windows\system32\CodeIntegrity
2013-07-19 09:18:29 ----D---- C:\Windows\AppCompat
2013-07-19 09:18:27 ----D---- C:\Windows\registration
2013-07-19 09:17:26 ----D---- C:\Windows\system32\LogFiles
2013-07-14 13:23:51 ----D---- C:\Program Files (x86)\Sanny Builder 3
2013-07-14 12:54:47 ----D---- C:\ProgramData\Skype
2013-07-14 12:54:46 ----RD---- C:\Program Files (x86)\Skype
2013-07-12 12:20:25 ----RSD---- C:\Windows\assembly
2013-07-12 12:20:25 ----D---- C:\Windows\Microsoft.NET
2013-07-12 10:05:48 ----D---- C:\Windows\winsxs
2013-07-12 10:04:51 ----D---- C:\Program Files\Windows Defender
2013-07-12 10:04:51 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-12 10:04:51 ----D---- C:\Program Files (x86)\Internet Explorer
2013-07-12 10:04:50 ----D---- C:\Program Files\Internet Explorer
2013-07-12 10:04:48 ----D---- C:\Program Files\Windows Journal
2013-07-12 10:04:42 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 10:04:41 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 01:39:58 ----D---- C:\ProgramData\Microsoft Help
2013-07-08 23:03:01 ----D---- C:\Program Files (x86)\Mumble
2013-07-07 22:22:32 ----D---- C:\Users\Mirek\AppData\Roaming\Wargaming.net
2013-07-05 13:37:14 ----D---- C:\Windows\SYSWOW64\directx
2013-07-04 15:20:53 ----D---- C:\Users\Mirek\AppData\Roaming\.minecraft
2013-06-28 15:06:39 ----SHD---- C:\$Recycle.Bin
2013-06-28 15:06:34 ----RD---- C:\Users
2013-06-26 22:20:40 ----D---- C:\ProgramData\FarmFrenzy-PizzaParty
2013-06-26 20:28:21 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-15 283200]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-11-16 11880]
R3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 127488]
R3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 128512]
R3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 18944]
R3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 161280]
R3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 128512]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28 163328]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-14 2466304]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2013-05-24 107832]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2013-01-31 2402080]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-05-24 66872]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-10 559016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------