VIRY.CZ

Dobrý den, mám problem nefunguju mi videa na youtube ostanu cierne, pocitac je spomaleny, mala som 15 virusov ale nedalo sa ich odstranit setky cez avast
v poslednej dobe sa mi spomalil aj internet neviem ci to neni tym velka latencia v hrach tu prikladam log:








Logfile of random's system information tool 1.09 (written by random/random)
Run by sabina at 2014-01-25 19:28:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 669 GB (70%) free of 954 GB
Total RAM: 8183 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:28:36, on 25. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\uTorrent\utorrent.exe
C:\Program Files\trend micro\sabina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Windows] "C:\Users\Public\Public Documents\Windows Movie Player\player.exe"
O4 - HKCU\..\Run: [LightShot] C:\Users\sabina\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10544 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe" Flags: uninsdeletevalue
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-057b8d48-8c54-4f53-84cd-835e20b0f1ac -SystemEventPortName:HostProcess-55aec349-3f87-4473-8dc8-681b96045e5d -IoCancelEventPortName:HostProcess-cfb911e0-e03a-4832-9dcb-ab14bd06ca15 -NonStateChangingEventPortName:HostProcess-1c802d4e-e7e2-4140-8094-186dc7f5a0ed -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:84bbf50b-f920-4590-bc1b-b19b02e305e5 -DeviceGroupId:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6104.0.1433870548\608581132" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x0f00 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="6104.7.859742863\2093917145" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --lang=sk --channel="6104.11.1598279083\317941428" /prefetch:-390060480
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\uTorrent\utorrent.exe" "C:\Users\sabina\Downloads\[CzT]Pripad_cislo_39_Case_39_2009_CZ_.torrent"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\sabina\Downloads\RSITx64 (1).exe"
"c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey FCB5AB59-5D31-034B-D723-97C4C86594D0 -Reinvoke
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\avast! Emergency Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
C:\Windows\tasks\update-sys.job

=========Mozilla firefox=========

ProfilePath - C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows"=C:\Users\Public\Public Documents\Windows Movie Player\player.exe [2008-12-07 675840]
"AdobeBridge"= []
"LightShot"=C:\Users\sabina\AppData\Local\Skillbrains\lightshot\LightShot.exe [2013-09-27 226592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgcqdSrv]
C:\Windows\inf\msgcqd.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msloupdSrv]
C:\Windows\inf\msloupd.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\Windows\inf\ntvdm.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-18 20587168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"MSStp"=C:\Windows\system32\msstp.vbe []
"mncpoborSrv"=C:\Windows\inf\mncpobor.vbe [2014-01-13 1338]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-01-25 19:28:24 ----D---- C:\rsit
2014-01-25 19:28:24 ----D---- C:\Program Files\trend micro
2014-01-24 17:39:38 ----A---- C:\Windows\system32\drivers\PCTBD64.sys
2014-01-24 17:39:34 ----A---- C:\Windows\BDTSupport.dll
2014-01-24 17:39:33 ----A---- C:\Windows\SGDetectionTool.dll
2014-01-24 17:39:32 ----A---- C:\Windows\PCTBDCore.dll
2014-01-24 17:39:31 ----A---- C:\Windows\PCTBDRes.dll
2014-01-24 17:37:28 ----D---- C:\Program Files (x86)\PC Tools
2014-01-24 17:32:14 ----A---- C:\Windows\system32\drivers\Cat.DB
2014-01-24 17:31:55 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2014-01-24 17:31:25 ----D---- C:\Users\sabina\AppData\Roaming\AVAST Software
2014-01-24 17:31:02 ----D---- C:\ProgramData\PC Tools
2014-01-24 17:30:59 ----D---- C:\Users\sabina\AppData\Roaming\TestApp
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-24 17:30:55 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-24 17:30:53 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-24 17:30:45 ----A---- C:\Windows\avastSS.scr
2014-01-24 17:30:09 ----D---- C:\Program Files\AVAST Software
2014-01-24 17:29:35 ----D---- C:\ProgramData\AVAST Software
2014-01-24 17:25:46 ----D---- C:\Program Files (x86)\Company
2014-01-24 17:25:07 ----D---- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
2014-01-20 21:54:36 ----D---- C:\Users\sabina\AppData\Roaming\Origin
2014-01-20 21:53:06 ----D---- C:\ProgramData\Origin
2014-01-20 19:33:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-16 00:09:46 ----D---- C:\Program Files (x86)\HTC
2014-01-16 00:09:16 ----D---- C:\ProgramData\HTC
2014-01-16 00:09:15 ----D---- C:\Temp
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 11:45:19 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 11:45:18 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-13 17:46:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-01-13 17:46:31 ----D---- C:\ProgramData\Visan
2014-01-13 17:46:31 ----D---- C:\ProgramData\HP Photo Creations
2014-01-13 17:46:31 ----D---- C:\Program Files (x86)\HP Photo Creations
2014-01-13 17:46:04 ----D---- C:\Users\sabina\AppData\Roaming\HpUpdate
2014-01-13 17:45:52 ----N---- C:\Windows\system32\HPDiscoPMC211.dll
2014-01-13 17:45:00 ----D---- C:\ProgramData\HP
2014-01-13 17:44:55 ----D---- C:\Program Files (x86)\HP
2014-01-13 17:44:02 ----D---- C:\Program Files\HP
2014-01-13 17:43:58 ----A---- C:\ProgramData\Ament.ini
2014-01-09 15:54:45 ----D---- C:\Program Files (x86)\R.G. Catalyst
2014-01-09 08:19:02 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-09 08:18:58 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-09 08:18:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-01-09 08:18:48 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-01-09 08:18:48 ----A---- C:\Windows\system32\xinput1_3.dll
2014-01-09 08:18:47 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-01-09 08:18:47 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-01-09 08:18:44 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-01-09 08:18:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\d3dx10.dll
2014-01-09 08:18:42 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-01-09 08:18:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-01-09 08:18:40 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-01-09 08:18:40 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-01-09 08:18:37 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-01-09 08:18:37 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-01-09 08:18:29 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-01-09 08:18:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-01-09 08:18:27 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-01-09 08:18:27 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-01-09 08:18:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-01-09 08:18:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-01-09 08:18:25 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-01-09 08:18:25 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-01-09 08:18:24 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-01-09 08:18:24 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-01-09 08:18:23 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-01-09 08:18:23 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-01-09 08:18:22 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-01-09 08:18:22 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-01-03 00:45:36 ----D---- C:\Program Files (x86)\Skillbrains
2013-12-30 17:03:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-12-29 16:04:48 ----D---- C:\Windows\Watson
2013-12-29 16:04:48 ----D---- C:\Program Files (x86)\Microsoft Games
2013-12-23 19:55:45 ----D---- C:\Program Files (x86)\Mio
2013-12-14 23:46:16 ----D---- C:\Program Files (x86)\EA GAMES
2013-12-14 23:46:15 ----RA---- C:\Windows\SYSWOW64\vp6vfw.dll
2013-12-12 19:46:43 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 19:46:40 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 19:44:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 19:44:55 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 19:44:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 19:44:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 19:44:53 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 19:44:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 19:44:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 19:44:51 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 19:17:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 19:17:01 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 19:16:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 19:16:58 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\system32\cscript.exe
2013-12-01 01:33:29 ----D---- C:\ProgramData\LogMeIn
2013-11-24 19:03:56 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-24 19:00:13 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-24 19:00:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-24 19:00:10 ----A---- C:\Windows\system32\elshyph.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msrating.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msls31.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\wextract.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\webcheck.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\vbscript.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\url.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\inseng.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iexpress.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-24 19:00:07 ----A---- C:\Windows\system32\icardie.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\occache.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\mshta.exe
2013-11-24 19:00:06 ----A---- C:\Windows\system32\jscript.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\imgutil.dll
2013-11-24 19:00:02 ----A---- C:\Windows\system32\iepeers.dll
2013-11-24 16:56:17 ----D---- C:\Program Files\CoreFTP
2013-11-23 18:22:54 ----D---- C:\Program Files\7-Zip
2013-11-14 18:53:11 ----D---- C:\Users\sabina\AppData\Roaming\AnvSoft
2013-11-14 18:52:52 ----D---- C:\Program Files (x86)\AnvSoft
2013-11-13 18:38:08 ----D---- C:\Users\sabina\AppData\Roaming\Apple Computer
2013-11-13 18:35:31 ----D---- C:\ProgramData\Apple Computer
2013-11-13 18:35:31 ----D---- C:\Program Files (x86)\QuickTime
2013-11-13 18:34:41 ----D---- C:\ProgramData\Apple
2013-11-13 18:18:49 ----D---- C:\Program Files (x86)\pazera-software
2013-11-12 21:35:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-12 21:35:32 ----A---- C:\Windows\system32\crypt32.dll
2013-11-12 21:35:30 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\authui.dll
2013-11-12 21:35:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\sspicli.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\lsass.exe
2013-11-12 21:35:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-12 21:35:23 ----A---- C:\Windows\system32\gdi32.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-04 15:47:21 ----D---- C:\Users\sabina\AppData\Roaming\CoreFTP
2013-11-04 15:47:07 ----D---- C:\Program Files (x86)\CoreFTP
2013-11-04 14:30:57 ----D---- C:\Users\sabina\AppData\Roaming\Mozilla
2013-11-04 14:30:07 ----D---- C:\ProgramData\Mozilla
2013-11-04 14:30:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-04 14:29:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-02 16:24:41 ----D---- C:\ProgramData\FLEXnet
2013-11-02 15:23:33 ----D---- C:\Program Files\Adobe
2013-11-02 15:16:16 ----D---- C:\Windows\SYSWOW64\spool
2013-11-02 15:15:20 ----D---- C:\Program Files (x86)\Adobe Media Player
2013-11-02 15:10:21 ----D---- C:\ProgramData\Adobe
2013-11-02 15:09:59 ----D---- C:\Program Files (x86)\Adobe
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-11-02 15:09:37 ----D---- C:\Program Files\Common Files\Adobe
2013-11-02 14:40:17 ----D---- C:\Users\sabina\AppData\Roaming\Notepad++
2013-11-02 14:40:04 ----D---- C:\Program Files (x86)\Notepad++
2013-10-26 16:58:40 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-10-26 16:58:40 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-10-26 16:58:40 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-10-26 16:58:40 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-10-26 16:58:39 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-10-26 16:58:39 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-10-26 16:58:39 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-10-26 16:58:39 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-10-26 16:58:38 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-10-26 16:58:38 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-10-26 16:58:38 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-10-26 16:58:38 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-10-26 16:58:38 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-10-26 16:58:38 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-10-26 16:58:37 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-10-26 16:58:37 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-10-26 16:58:37 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-10-26 16:58:37 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-10-26 16:58:37 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-10-26 16:58:37 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-10-26 16:58:36 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-10-26 16:58:36 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-10-26 16:58:36 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-10-26 16:58:36 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-10-26 16:58:35 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-10-26 16:58:35 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-10-26 16:58:35 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-10-26 16:58:35 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-10-26 16:58:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-10-26 16:58:34 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-10-26 16:58:33 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-10-26 16:58:33 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-10-26 16:58:33 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-10-26 16:58:33 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-10-26 16:58:33 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-10-26 16:58:33 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-10-26 16:58:32 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-10-26 16:58:32 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-10-26 16:58:20 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-10-26 16:58:20 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-10-26 16:58:20 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-10-26 16:58:20 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-10-26 16:58:20 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-10-26 16:58:19 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-10-26 16:58:19 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-10-26 16:58:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-10-26 16:58:18 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-10-26 16:58:18 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-10-26 16:58:17 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-10-26 16:58:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-10-26 16:58:17 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-10-26 16:58:17 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-10-26 16:58:16 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-10-26 16:58:16 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-10-26 16:58:16 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-10-26 16:58:16 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-10-26 16:58:16 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-10-26 16:58:16 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-10-26 16:58:15 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-10-26 16:58:15 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-10-26 16:58:15 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-10-26 16:58:15 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-10-26 16:58:14 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-10-26 16:58:14 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-10-26 16:58:14 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-10-26 16:58:14 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-10-26 16:58:13 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-10-26 16:58:13 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-10-26 16:58:12 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-10-26 16:48:22 ----D---- C:\Program Files (x86)\Ubisoft
2013-10-26 14:16:47 ----D---- C:\412988f1bbf86413bac1
2013-10-26 01:07:32 ----D---- C:\Program Files (x86)\Rockstar Games
2013-10-26 01:02:14 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-10-26 01:02:14 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-10-26 01:02:14 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-10-26 01:02:14 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-10-26 00:11:21 ----RHD---- C:\Users\sabina\AppData\Roaming\SecuROM

======List of files/folders modified in the last 3 months======

2014-01-25 19:28:24 ----RD---- C:\Program Files
2014-01-25 19:28:15 ----D---- C:\Windows\Temp
2014-01-25 19:28:11 ----D---- C:\Users\sabina\AppData\Roaming\uTorrent
2014-01-25 18:18:33 ----AD---- C:\ProgramData\TEMP
2014-01-25 18:18:28 ----D---- C:\Windows\system32\drivers
2014-01-25 18:13:46 ----D---- C:\ProgramData\PMB Files
2014-01-25 16:03:22 ----D---- C:\Users\sabina\AppData\Roaming\Winamp
2014-01-25 14:44:50 ----D---- C:\Windows\system32\LogFiles
2014-01-25 14:16:14 ----D---- C:\Windows\system32\config
2014-01-25 14:06:11 ----D---- C:\Windows\System32
2014-01-25 14:06:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-25 14:06:10 ----D---- C:\Windows\inf
2014-01-25 14:03:24 ----D---- C:\Windows
2014-01-25 14:01:32 ----D---- C:\ProgramData\NVIDIA
2014-01-24 17:37:33 ----SHD---- C:\Windows\Installer
2014-01-24 17:37:28 ----RD---- C:\Program Files (x86)
2014-01-24 17:32:14 ----SHD---- C:\System Volume Information
2014-01-24 17:31:52 ----D---- C:\Program Files (x86)\Common Files
2014-01-24 17:31:05 ----D---- C:\Windows\Tasks
2014-01-24 17:31:02 ----HD---- C:\ProgramData
2014-01-24 17:30:54 ----D---- C:\Windows\winsxs
2014-01-24 17:25:22 ----D---- C:\Windows\SysWOW64
2014-01-20 21:52:45 ----D---- C:\Users\sabina\AppData\Roaming\vlc
2014-01-19 21:27:00 ----D---- C:\Windows\system32\catroot2
2014-01-19 12:21:20 ----D---- C:\Program Files (x86)\Google
2014-01-19 08:33:29 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-19 01:01:43 ----D---- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-01-16 13:41:49 ----D---- C:\Windows\system32\DriverStore
2014-01-16 01:27:58 ----D---- C:\Windows\system32\catroot
2014-01-16 01:27:56 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 11:41:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-14 12:39:32 ----D---- C:\Program Files (x86)\epson
2014-01-13 18:11:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-13 18:08:26 ----D---- C:\Windows\twain_32
2014-01-09 08:37:01 ----RSD---- C:\Windows\assembly
2013-12-31 00:19:21 ----D---- C:\Users\sabina\AppData\Roaming\Adobe
2013-12-29 16:04:55 ----RSD---- C:\Windows\Fonts
2013-12-29 15:43:18 ----D---- C:\Program Files (x86)\uTorrent
2013-12-24 01:47:14 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2013-12-12 21:10:40 ----D---- C:\Windows\system32\NDF
2013-12-12 21:06:25 ----D---- C:\Program Files\Windows Media Player
2013-12-12 21:06:25 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 21:06:24 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-12 21:06:24 ----D---- C:\Windows\system32\sk-SK
2013-12-12 21:06:24 ----D---- C:\Program Files\Internet Explorer
2013-12-10 11:08:33 ----SHD---- C:\$Recycle.Bin
2013-12-06 10:05:54 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2013-12-01 01:35:13 ----D---- C:\Windows\Panther
2013-12-01 01:35:13 ----D---- C:\Windows\Logs
2013-12-01 01:00:03 ----D---- C:\ProgramData\Skype
2013-12-01 01:00:02 ----RD---- C:\Program Files (x86)\Skype
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\migration
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\system32\wbem
2013-11-24 21:59:20 ----D---- C:\Windows\system32\migration
2013-11-24 21:59:20 ----D---- C:\Windows\system32\en-US
2013-11-24 21:59:20 ----D---- C:\Windows\system32\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\PolicyDefinitions
2013-11-19 01:48:56 ----D---- C:\Program Files\Microsoft Security Client
2013-11-19 01:48:56 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-14 17:58:33 ----D---- C:\Program Files\Google
2013-11-14 17:52:31 ----D---- C:\Windows\SoftwareDistribution
2013-11-14 17:52:17 ----D---- C:\ProgramData\Google
2013-11-04 23:44:42 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-11-04 14:42:48 ----SD---- C:\ProgramData\Microsoft
2013-11-02 16:24:46 ----D---- C:\Users\sabina\AppData\Roaming\NVIDIA
2013-11-02 15:17:49 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files
2013-10-27 21:37:21 ----D---- C:\Users\sabina\AppData\Roaming\Seznam.cz

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-24 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-24 207904]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-24 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-24 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-24 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-17 283064]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-24 78648]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
R3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-10-23 77144]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
R4 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys []
R4 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS64.sys []
R4 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA64.sys []
R4 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD64.sys [2012-11-01 253256]
S3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-24 79672]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-02 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-02 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1255736]

-----------------EOF-----------------

Zdravim

Havet tam rozhodne je


V nouzovem rezimu udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS (Núdzový režim)
Internet Explorer 11.0.9600.16476
sabina :: SABINA-PC [administrátor]

25. 1. 2014 21:26:38
MBAM-log-2014-01-25 (21-58-55).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 389284
Uplynutý čas: 30 min, 42 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows (Trojan.Agent) -> Dáta: "C:\Users\Public\Public Documents\Windows Movie Player\player.exe" -> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 3
C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Adobe_Photoshop_CS4.exe (Trojan.Agent.CK) -> Žiadna úloha nevykonaná.
C:\Users\sabina\Desktop\pc\PC.Optimizer.Pro.v6.1.8.6.Patch-CREC\pc.optimizer.pro.v6.x.x-patch.rar (PUP.Hacktool.Patcher) -> Žiadna úloha nevykonaná.
C:\Users\Public\Public Documents\Windows Movie Player\player.exe (Trojan.Agent) -> Žiadna úloha nevykonaná.

(koniec)

Vsechny nalezy nechte odstranit.



Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

nejde http://prntscr.com/2mktdx

Zkuste stahnout novy a spustit znovu. Kdyz to nepujde, pokracujte RogueKillerem


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : sabina [Práva Správcu]
Režim : Kontrola -- Dátum : 01/27/2014 15:30:24
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH] Lightshot.exe -- C:\Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe [7] -> ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LightShot (C:\Users\sabina\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue [7][x][x]) -> NÁJDENÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3477457955-4250271348-77972968-1000\[...]\Run : LightShot (C:\Users\sabina\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue [7][x][x]) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 download.dm.origin.com
127.0.0.1 secure.download.dm.origin.com
127.0.0.1 loginregistration.dm.origin.com
127.0.0.1 achievements.gameservices.ea.com
127.0.0.1 friends.dm.origin.com
127.0.0.1 avatar.dm.origin.com
127.0.0.1 ecommerce.dm.origin.com
127.0.0.1 static.cdn.ea.com
127.0.0.1 tealium.hs.llnwd.net
127.0.0.1 heartbeat.dm.origin.com
127.0.0.1 web.dm.origin.com
127.0.0.1 store.origin.com
127.0.0.1 ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1 eaassets-a.akamaihd.net
127.0.0.1 ssl.resources.ea.com
127.0.0.1 akamai.cdn.ea.com
127.0.0.1 novafusion.ea.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EZEX-22RKKA0 ATA Device +++++
--- User ---
[MBR] 6691722b280ac59f63c8c39e1713a876
[BSP] 84a29e5c8b996dda98e9e5577ecdaef1 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953768 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_01272014_153024.txt >>

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : sabina [Práva Správcu]
Režim : Odebrať -- Dátum : 01/27/2014 22:53:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH] Lightshot.exe -- C:\Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe [7] -> ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LightShot (C:\Users\sabina\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue [7][x][x]) -> VYMAZANÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-3477457955-4250271348-77972968-1000\[...]\Run : LightShot (C:\Users\sabina\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue [7][x][x]) -> [0x2] Systém nemôže nájsť zadaný súbor.
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRADENÉ (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRADENÉ (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRADENÉ (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRADENÉ (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 download.dm.origin.com
127.0.0.1 secure.download.dm.origin.com
127.0.0.1 loginregistration.dm.origin.com
127.0.0.1 achievements.gameservices.ea.com
127.0.0.1 friends.dm.origin.com
127.0.0.1 avatar.dm.origin.com
127.0.0.1 ecommerce.dm.origin.com
127.0.0.1 static.cdn.ea.com
127.0.0.1 tealium.hs.llnwd.net
127.0.0.1 heartbeat.dm.origin.com
127.0.0.1 web.dm.origin.com
127.0.0.1 store.origin.com
127.0.0.1 ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1 eaassets-a.akamaihd.net
127.0.0.1 ssl.resources.ea.com
127.0.0.1 akamai.cdn.ea.com
127.0.0.1 novafusion.ea.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD10EZEX-22RKKA0 ATA Device +++++
--- User ---
[MBR] 6691722b280ac59f63c8c39e1713a876
[BSP] 84a29e5c8b996dda98e9e5577ecdaef1 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953768 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_01272014_225304.txt >>
RKreport[0]_S_01272014_153024.txt;RKreport[0]_S_01272014_225225.txt









RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : sabina [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 01/27/2014 22:53:49
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 1 ¤¤¤
[SUSP PATH] Lightshot.exe -- C:\Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe [7] -> ZASTAVENÉ [TermProc]

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 download.dm.origin.com
127.0.0.1 secure.download.dm.origin.com
127.0.0.1 loginregistration.dm.origin.com
127.0.0.1 achievements.gameservices.ea.com
127.0.0.1 friends.dm.origin.com
127.0.0.1 avatar.dm.origin.com
127.0.0.1 ecommerce.dm.origin.com
127.0.0.1 static.cdn.ea.com
127.0.0.1 tealium.hs.llnwd.net
127.0.0.1 heartbeat.dm.origin.com
127.0.0.1 web.dm.origin.com
127.0.0.1 store.origin.com
127.0.0.1 ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1 eaassets-a.akamaihd.net
127.0.0.1 ssl.resources.ea.com
127.0.0.1 akamai.cdn.ea.com
127.0.0.1 novafusion.ea.com
[...]


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončené : << RKreport[0]_H_01272014_225349.txt >>
RKreport[0]_D_01272014_225304.txt;RKreport[0]_S_01272014_153024.txt;RKreport[0]_S_01272014_225225.txt

Dejte novy log z RSIT

a k tomu

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 28. 1. 2014 17:52:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,99 Gb Total Physical Memory | 6,35 Gb Available Physical Memory | 79,48% Memory free
15,98 Gb Paging File | 14,08 Gb Available in Paging File | 88,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 757,63 Gb Free Space | 81,34% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,74 Mb Free Space | 84,75% Space Free | Partition Type: NTFS

Computer Name: SABINA-PC | User Name: sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/28 17:50:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
PRC - [2014/01/24 17:30:41 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/24 17:30:41 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/23 06:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2009/06/14 04:07:58 | 000,287,536 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\utorrent.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/24 17:30:44 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/01/23 06:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014/01/23 06:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014/01/23 06:56:02 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
MOD - [2014/01/23 06:56:01 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
MOD - [2014/01/23 06:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2014/01/20 19:33:52 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/24 17:30:41 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/02 15:09:38 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/04 14:40:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:09:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/26 02:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/24 17:31:18 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/01/24 17:30:46 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/01/24 17:30:46 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/01/24 17:30:46 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/24 17:30:46 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/01/24 17:30:46 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/01/24 17:30:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/10/17 15:28:00 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/07 18:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012/10/23 17:40:32 | 000,077,144 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2012/04/18 18:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 06:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/13 21:05:55 | 000,056,448 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/11/13 13:31:16 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 E9 63 A7 07 A1 CE 01 [binary data]
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... KB_skSK550
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\4FC19F7FF664411CBBCAA3FC5CA6E9E0: "URL" = http://www.google.com/search?q={searchT ... KB_skSK550
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/24 17:30:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2014/01/24 17:39:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/11/04 14:31:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sabina\AppData\Roaming\mozilla\Extensions
[2013/11/04 14:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/04 14:29:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... KB_skSK550
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Disabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
CHR - Extension: Dokumenty Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Skype Click to Call = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/27 22:53:49 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe ()
O4 - HKLM..\Run: [MSStp] C:\Windows\SysWOW64\msstp.vbe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [Windows] C:\Users\Public\Public Documents\Windows Movie Player\player.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0633A4ED-B8AD-4751-85E4-4ACA2A19E5C2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26bb5e3d-3722-11e3-90cf-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{26bb5e3d-3722-11e3-90cf-d43d7e277f36}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{55e94e70-4dfe-11e3-8fe5-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{55e94e70-4dfe-11e3-8fe5-d43d7e277f36}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{a4227617-7eab-11e3-bf9c-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{a4227617-7eab-11e3-bf9c-d43d7e277f36}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/28 17:52:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/28 17:50:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
[2014/01/27 18:00:02 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\klamar
[2014/01/27 15:28:50 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\RK_Quarantine
[2014/01/27 13:25:37 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\Nový priečinok (2)
[2014/01/25 22:44:02 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\zaloha
[2014/01/25 21:26:24 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Malwarebytes
[2014/01/25 21:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/25 21:26:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/25 21:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/25 21:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/25 19:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 19:28:24 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/24 17:39:38 | 000,077,144 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys
[2014/01/24 17:39:33 | 000,150,648 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2014/01/24 17:39:32 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2014/01/24 17:39:31 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2014/01/24 17:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2014/01/24 17:31:55 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2014/01/24 17:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2014/01/24 17:31:25 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/24 17:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/24 17:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2014/01/24 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/24 17:30:58 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/24 17:30:56 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 17:30:56 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 17:30:56 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 17:30:55 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 17:30:53 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 17:30:45 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/24 17:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/24 17:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/24 17:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Company
[2014/01/24 17:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/24 17:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/23 16:54:01 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\telenovela
[2014/01/20 21:54:36 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Origin
[2014/01/20 21:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/01/20 19:33:55 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/20 19:33:54 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/19 12:31:44 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\Carrie.2013.720p.BluRay.x264-SPARKS
[2014/01/19 12:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/16 00:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2014/01/16 00:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/01/16 00:09:15 | 000,000,000 | ---D | C] -- C:\Temp
[2014/01/15 11:45:20 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 11:45:20 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/15 11:45:18 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/13 17:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2014/01/13 17:46:04 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\HpUpdate
[2014/01/13 17:45:52 | 000,755,744 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPMC211.dll
[2014/01/13 17:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/01/13 17:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/01/13 17:44:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/01/13 17:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/01/13 17:43:26 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Local\HP
[2014/01/09 15:54:46 | 000,000,000 | ---D | C] -- C:\Users\sabina\Documents\Electronic Arts
[2014/01/09 15:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Catalyst
[2014/01/09 08:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2014/01/09 08:18:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014/01/09 08:18:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014/01/09 08:18:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014/01/09 08:18:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014/01/09 08:18:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014/01/09 08:18:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014/01/09 08:18:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014/01/09 08:18:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014/01/09 08:18:55 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014/01/09 08:18:55 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014/01/09 08:18:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014/01/09 08:18:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014/01/09 08:18:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014/01/09 08:18:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014/01/09 08:18:53 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014/01/09 08:18:53 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014/01/09 08:18:51 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014/01/09 08:18:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014/01/09 08:18:51 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014/01/09 08:18:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014/01/09 08:18:50 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014/01/09 08:18:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014/01/09 08:18:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014/01/09 08:18:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014/01/09 08:18:49 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014/01/09 08:18:49 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014/01/09 08:18:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014/01/09 08:18:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014/01/09 08:18:47 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014/01/09 08:18:47 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014/01/09 08:18:46 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014/01/09 08:18:46 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014/01/09 08:18:46 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014/01/09 08:18:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014/01/09 08:18:45 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014/01/09 08:18:45 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014/01/09 08:18:44 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014/01/09 08:18:44 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014/01/09 08:18:43 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014/01/09 08:18:43 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014/01/09 08:18:43 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014/01/09 08:18:43 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014/01/09 08:18:42 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014/01/09 08:18:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014/01/09 08:18:41 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014/01/09 08:18:41 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014/01/09 08:18:41 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014/01/09 08:18:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014/01/09 08:18:40 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014/01/09 08:18:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/01/09 08:18:39 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014/01/09 08:18:39 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014/01/09 08:18:39 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014/01/09 08:18:39 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014/01/09 08:18:38 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014/01/09 08:18:38 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014/01/09 08:18:38 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014/01/09 08:18:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014/01/09 08:18:37 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014/01/09 08:18:37 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014/01/09 08:18:29 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014/01/09 08:18:29 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014/01/09 08:18:28 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014/01/09 08:18:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014/01/09 08:18:28 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014/01/09 08:18:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014/01/09 08:18:27 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014/01/09 08:18:27 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014/01/09 08:18:26 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014/01/09 08:18:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014/01/09 08:18:25 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014/01/09 08:18:25 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014/01/09 08:18:24 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014/01/09 08:18:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014/01/09 08:18:23 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014/01/09 08:18:23 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014/01/09 08:18:22 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014/01/09 08:18:22 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014/01/08 23:37:33 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\sims
[2014/01/03 00:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skillbrains
[2014/01/03 00:45:34 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
[2014/01/03 00:45:31 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Local\Skillbrains
[2014/01/03 00:45:11 | 002,727,456 | ---- | C] (Skillbrains ) -- C:\Users\sabina\Desktop\setup-lightshot.exe
[2014/01/02 03:33:23 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\slender man
[2013/12/30 17:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

========== Files - Modified Within 30 Days ==========

[2014/01/28 17:50:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
[2014/01/28 15:53:40 | 1537,034,240 | ---- | M] () -- C:\Users\sabina\Desktop\Lovci myšlenek.avi
[2014/01/28 14:31:13 | 000,015,311 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Lovci_myslenek_Mindhunters_2004_.torrent
[2014/01/28 14:30:38 | 731,895,808 | ---- | M] () -- C:\Users\sabina\Desktop\Sexy party 1.avi
[2014/01/28 14:26:18 | 000,112,243 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Sexy_party_1_Van_Wilder.torrent
[2014/01/28 14:24:55 | 781,099,008 | ---- | M] () -- C:\Users\sabina\Desktop\Nepřítel pod ochranou.avi
[2014/01/28 14:12:09 | 000,015,450 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Nepritel_pod_ochranou_Safe_House_2012_.torrent
[2014/01/28 14:08:41 | 000,012,012 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Far_Cry_2008_.torrent
[2014/01/28 13:02:00 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/28 13:02:00 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/28 12:59:20 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/28 12:58:23 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/28 12:58:23 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/28 12:58:23 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/28 12:55:30 | 000,000,860 | ---- | M] () -- C:\Users\sabina\rgmnr
[2014/01/28 12:53:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/28 12:53:51 | 2140,159,999 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/27 18:31:36 | 941,850,150 | ---- | M] () -- C:\Users\sabina\Desktop\Ve jménu Angela.avi
[2014/01/27 17:59:52 | 000,024,003 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Klamari_Lie_to_me_1_serie_SK_.torrent
[2014/01/27 15:28:28 | 003,792,384 | ---- | M] () -- C:\Users\sabina\Desktop\RogueKiller (1).exe
[2014/01/27 15:22:48 | 003,792,384 | ---- | M] () -- C:\Users\sabina\Desktop\RogueKiller.exe
[2014/01/25 21:26:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/25 19:58:59 | 910,028,612 | ---- | M] () -- C:\Users\sabina\Desktop\Případ číslo 39.avi
[2014/01/25 14:09:06 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/24 17:32:24 | 002,015,705 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/24 17:31:18 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/24 17:31:05 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014/01/24 17:30:46 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 17:30:46 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 17:30:46 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 17:30:46 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 17:30:46 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 17:30:46 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 17:30:46 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/24 17:30:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/20 19:33:55 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/20 19:33:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/19 12:28:08 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/17 11:42:00 | 001,220,902 | ---- | M] () -- C:\Users\sabina\Desktop\komunitny_plan_socialnych_sluzieb_mesta_pe_2012_2022.pdf
[2014/01/17 00:14:44 | 000,227,597 | ---- | M] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc (1).pdf
[2014/01/16 16:36:08 | 000,195,896 | ---- | M] () -- C:\Users\sabina\Desktop\Antrag_auf_Ausstellung_des_Formulares_E_106.pdf
[2014/01/16 13:42:56 | 003,031,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/15 00:51:13 | 035,322,222 | ---- | M] () -- C:\Users\sabina\Desktop\psdjosip.rar
[2014/01/14 13:20:29 | 000,418,788 | ---- | M] () -- C:\Users\sabina\Desktop\Vko prelozenie ziv..jpg
[2014/01/14 12:48:49 | 000,042,621 | ---- | M] () -- C:\Users\sabina\Desktop\Standortverlegung-Formular.pdf
[2014/01/14 12:43:14 | 000,183,959 | ---- | M] () -- C:\Users\sabina\Desktop\hela-SZ.zip
[2014/01/13 19:03:59 | 000,526,382 | ---- | M] () -- C:\Users\sabina\Desktop\Scan.jpg
[2014/01/13 17:49:48 | 000,000,764 | ---- | M] () -- C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:46:31 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/13 17:45:51 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
[2014/01/13 17:45:51 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
[2014/01/13 17:43:58 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2014/01/13 10:25:54 | 000,001,418 | --S- | M] () -- C:\Windows\SysWow64\msstp.vbe
[2014/01/13 00:27:33 | 000,227,597 | ---- | M] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc.pdf
[2014/01/03 02:06:20 | 1963,524,096 | ---- | M] () -- C:\Users\sabina\Desktop\Válka Bohů.avi
[2014/01/03 00:45:37 | 000,000,443 | ---- | M] () -- C:\Users\sabina\AppData\Local\UserProducts.xml
[2014/01/03 00:45:37 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2014/01/03 00:45:21 | 002,727,456 | ---- | M] (Skillbrains ) -- C:\Users\sabina\Desktop\setup-lightshot.exe
[2014/01/01 22:21:18 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/31 21:26:37 | 000,683,030 | ---- | M] () -- C:\Users\sabina\Desktop\IMAG0125.jpg
[2013/12/31 21:26:26 | 000,828,761 | ---- | M] () -- C:\Users\sabina\Desktop\IMAG0124.jpg

========== Files Created - No Company Name ==========

[2014/01/28 14:31:45 | 1537,034,240 | ---- | C] () -- C:\Users\sabina\Desktop\Lovci myšlenek.avi
[2014/01/28 14:31:12 | 000,015,311 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Lovci_myslenek_Mindhunters_2004_.torrent
[2014/01/28 14:27:14 | 731,895,808 | ---- | C] () -- C:\Users\sabina\Desktop\Sexy party 1.avi
[2014/01/28 14:26:18 | 000,112,243 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Sexy_party_1_Van_Wilder.torrent
[2014/01/28 14:12:13 | 781,099,008 | ---- | C] () -- C:\Users\sabina\Desktop\Nepřítel pod ochranou.avi
[2014/01/28 14:12:08 | 000,015,450 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Nepritel_pod_ochranou_Safe_House_2012_.torrent
[2014/01/28 14:08:40 | 000,012,012 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Far_Cry_2008_.torrent
[2014/01/27 17:59:52 | 000,024,003 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Klamari_Lie_to_me_1_serie_SK_.torrent
[2014/01/27 15:28:26 | 003,792,384 | ---- | C] () -- C:\Users\sabina\Desktop\RogueKiller (1).exe
[2014/01/27 15:22:47 | 003,792,384 | ---- | C] () -- C:\Users\sabina\Desktop\RogueKiller.exe
[2014/01/27 13:27:38 | 000,828,761 | ---- | C] () -- C:\Users\sabina\Desktop\IMAG0124.jpg
[2014/01/27 13:27:38 | 000,683,030 | ---- | C] () -- C:\Users\sabina\Desktop\IMAG0125.jpg
[2014/01/25 21:26:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/25 19:25:15 | 910,028,612 | ---- | C] () -- C:\Users\sabina\Desktop\Případ číslo 39.avi
[2014/01/24 19:47:26 | 000,000,860 | ---- | C] () -- C:\Users\sabina\rgmnr
[2014/01/24 17:39:34 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2014/01/24 17:39:33 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2014/01/24 17:39:33 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2014/01/24 17:39:33 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2014/01/24 17:39:33 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2014/01/24 17:32:14 | 002,015,705 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/24 17:31:22 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/24 17:31:05 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014/01/24 17:30:58 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 17:30:56 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/24 17:25:22 | 000,001,418 | --S- | C] () -- C:\Windows\SysWow64\msstp.vbe
[2014/01/23 21:29:17 | 941,850,150 | ---- | C] () -- C:\Users\sabina\Desktop\Ve jménu Angela.avi
[2014/01/19 12:28:08 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/19 12:21:30 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/17 11:41:57 | 001,220,902 | ---- | C] () -- C:\Users\sabina\Desktop\komunitny_plan_socialnych_sluzieb_mesta_pe_2012_2022.pdf
[2014/01/17 00:14:44 | 000,227,597 | ---- | C] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc (1).pdf
[2014/01/16 16:36:08 | 000,195,896 | ---- | C] () -- C:\Users\sabina\Desktop\Antrag_auf_Ausstellung_des_Formulares_E_106.pdf
[2014/01/15 00:50:47 | 035,322,222 | ---- | C] () -- C:\Users\sabina\Desktop\psdjosip.rar
[2014/01/14 13:19:59 | 000,418,788 | ---- | C] () -- C:\Users\sabina\Desktop\Vko prelozenie ziv..jpg
[2014/01/14 12:48:48 | 000,042,621 | ---- | C] () -- C:\Users\sabina\Desktop\Standortverlegung-Formular.pdf
[2014/01/14 12:43:11 | 000,183,959 | ---- | C] () -- C:\Users\sabina\Desktop\hela-SZ.zip
[2014/01/13 19:03:30 | 000,526,382 | ---- | C] () -- C:\Users\sabina\Desktop\Scan.jpg
[2014/01/13 17:49:48 | 000,000,764 | ---- | C] () -- C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:46:31 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/13 17:45:51 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
[2014/01/13 17:45:51 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
[2014/01/13 17:43:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/01/13 00:27:32 | 000,227,597 | ---- | C] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc.pdf
[2014/01/03 01:41:48 | 1963,524,096 | ---- | C] () -- C:\Users\sabina\Desktop\Válka Bohů.avi
[2014/01/03 00:45:37 | 000,000,443 | ---- | C] () -- C:\Users\sabina\AppData\Local\UserProducts.xml
[2014/01/03 00:45:37 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\update-sys.job
[2013/09/18 15:40:56 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013/09/18 15:40:55 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013/09/18 15:40:55 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013/09/18 15:40:55 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013/09/18 15:40:55 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013/09/18 15:40:55 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013/09/18 15:40:55 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013/09/18 15:40:55 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013/09/18 15:40:55 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013/09/18 15:40:55 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013/09/18 15:40:55 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013/09/18 15:40:55 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013/09/18 15:40:55 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013/09/18 15:40:54 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013/09/18 15:40:54 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013/09/18 15:40:54 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013/09/18 15:40:54 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013/09/18 15:40:54 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013/09/18 15:40:54 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013/09/18 15:22:29 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX6000EFDG.ini
[2013/09/09 12:09:23 | 000,000,000 | ---- | C] () -- C:\Users\sabina\regbcm
[2012/05/04 14:37:46 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/14 18:53:11 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AnvSoft
[2014/01/24 17:31:25 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/07 21:43:50 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\CoreFTP
[2014/01/19 01:01:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
[2013/08/25 15:01:31 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\LolClient
[2013/11/02 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Notepad++
[2013/08/24 21:52:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\OpenCandy
[2014/01/20 21:59:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Origin
[2013/08/25 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Riot Games
[2013/10/27 21:37:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Seznam.cz
[2014/01/24 17:30:59 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/28 17:53:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

OTL Extras logfile created on: 28. 1. 2014 17:52:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

7,99 Gb Total Physical Memory | 6,35 Gb Available Physical Memory | 79,48% Memory free
15,98 Gb Paging File | 14,08 Gb Available in Paging File | 88,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 757,63 Gb Free Space | 81,34% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,74 Mb Free Space | 84,75% Space Free | Partition Type: NTFS

Computer Name: SABINA-PC | User Name: sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D08361E-C2BA-4112-B729-4A6DF60618A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0E26857A-7A0B-45BD-B1CA-72E78F1D06EA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22F6ABC0-7EEE-4211-B486-EBE70D6D8CF8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2312B656-1DBD-448E-A7C6-9EC1691D17D3}" = rport=445 | protocol=6 | dir=out | app=system |
"{24B40966-BABB-4E57-880E-6A7A46141655}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C37DCB0-FF67-42CF-9044-D9C1A7306A73}" = lport=445 | protocol=6 | dir=in | app=system |
"{51921879-749E-4FAA-B496-6BFD1F28B83E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{60491ECA-8E23-488E-AAD8-ED7086856834}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{63F0F624-C9AA-4DB9-8A97-AC33C843B2FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{6A058EBC-AD6C-4F96-85B8-4B89D829B50D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A34E81B-B021-4C51-9864-14F8648D4014}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7201547A-133F-4981-A8B9-B564AAA37764}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72FF75E8-5D97-47A4-8089-202FE45B1CBB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7DD74E37-AB38-4CD9-9EAB-FD7FC1034377}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{7F985FCF-6AD6-47DE-9758-EAED255A046A}" = lport=137 | protocol=17 | dir=in | app=system |
"{81B71B79-7632-492B-A18C-7977E7D22809}" = lport=138 | protocol=17 | dir=in | app=system |
"{963D0BC2-85B8-47CC-8521-7DE6703F7995}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B7C8F6B4-712E-4711-8BD7-92C3E253A717}" = rport=138 | protocol=17 | dir=out | app=system |
"{D75FE9F2-8515-435D-8E9E-81B7F384BCA7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D98BE89D-39BF-477C-BB00-ACC91DF2736F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DAD6F99D-BB0B-406A-90C6-4BA12DA908C9}" = rport=137 | protocol=17 | dir=out | app=system |
"{DD1D61E9-2175-43EF-93DB-9F662F531E30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF7B18A9-CB56-470A-961D-3B274661D05A}" = rport=139 | protocol=6 | dir=out | app=system |
"{E2A49E8C-FD23-45AC-B058-3982F9C51C31}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA373DFC-FA11-4BF0-9FDC-55466900BEAC}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
"{FB79479E-F80A-4EE4-A9FF-34FDFB3CED42}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006B59B3-AEEB-4D79-B4F2-8262C09B43CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{06B67336-F0A3-47F0-966C-477D1DE67FBF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{08FEAF81-57C3-4068-99B5-8A2F8D4F9A24}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{094F494F-BC4B-4590-B4B4-A47E5D933B50}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C6BD942-19C9-4412-B1F9-4C1D7C0EE959}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1622A710-D94F-45D7-B6F8-DE9DC33BDB91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1911524D-8D3E-417D-B671-215D444AE14F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1B7410A9-E91C-42B8-B4C9-96457D6F0703}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20B1EA8B-CBA5-41ED-A1B3-42529D4CE5B3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2ABA5D5E-C7FC-42F8-B987-BCA9BB8A23AA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D31E2D7-D782-41C9-8DD1-555A1A2D9BB0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2E72CFEF-D9A6-4381-A7B9-1B57A638998D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{2EEC8D79-A326-481F-857E-4E765C6288F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F7E14BE-F122-4BA3-96D8-776AE8AAA9E3}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{33E848BB-8509-40A5-B754-D21DA7815AA5}" = protocol=6 | dir=out | app=system |
"{3AA9950E-5098-4D8C-99B5-A48DD3EAC0D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{586B3451-4DC4-4AA4-AF9F-5CFD535EC157}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5ECE08B4-61DE-417E-99E6-5D3ABC220117}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{65A9C3B5-5297-4E43-9B79-5A8BAC881EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{69F679CB-1FE1-4932-B7CE-24800A66E250}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{72CB87E4-623B-431D-B260-F9629C1768FE}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{78726207-CB8C-4D76-9949-98E47EB9D86A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8725077F-1059-4D87-823F-7D1E9774A5CF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{886BF4B8-3505-41C4-A248-611F976CD0E3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8EEAED15-2229-45FB-83C8-9A2DC1476E9B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{92CAA227-79E7-425C-8E02-FF9AD6D9CF78}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{94D3F4FE-CD49-4BC6-BC6B-C421213B8673}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9EE15287-67C1-45CB-9363-195B81F16B65}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0DF63F5-EAA2-4D02-8F15-C8E289E06835}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aomx.exe |
"{A5888AF1-47E8-4089-9C20-FDF49CFFBF3B}" = dir=in | app=c:\program files\hp\hp deskjet 2540 series\bin\devicesetup.exe |
"{A7005B7B-F71A-4B04-89F2-1FD9F1E09D9A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA09F667-C59C-48EC-9839-35ABB5408A06}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{B14C9BD9-BA99-498B-B0DA-4B4895F5CA56}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{B7522A3C-6021-493F-8912-CA92EC959EA4}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{BDDF9651-597E-4099-8255-CFF3EF1809FB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3FACC93-0102-499C-9009-BD8AD6822A71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C5254E1F-C823-428F-8AD7-BA80AD6A7475}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C5C4C09D-2C78-44E3-B4E4-114346ACD074}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D787EA34-9F5B-4720-9C4A-C3AD8FBD3DC9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of mythology\aomx.exe |
"{DC3D00EF-313E-496D-BB57-001B0B17236F}" = dir=in | app=c:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe |
"{EAC13712-52B6-4914-A155-265942DA2E1B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{FB98F415-133B-4A19-B8C9-4286723AB299}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FDEDFBFF-BF6D-4619-9BF1-4A6500967810}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{FE34E2FC-D0A5-4781-80E3-6B129AC60529}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"TCP Query User{17D4B22C-3E45-45C5-ACA8-C2CC952322A4}C:\program files (x86)\coreftp\coreftp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\coreftp\coreftp.exe |
"TCP Query User{59653D50-29E6-4251-B235-E40F8221177A}C:\program files (x86)\ubisoft\driver san francisco\driver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\driver san francisco\driver.exe |
"TCP Query User{5AB3A1E0-C64A-490D-96E5-430A97AEC220}C:\users\sabina\desktop\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\sabina\desktop\warcraft iii\war3.exe |
"TCP Query User{812F9BB6-94B1-40E0-A9C7-418FD0248919}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{914061F8-7E04-4C37-9BDD-DE4920C0DB9A}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{11287BB6-88DF-4309-9E28-717E1E8B49FE}C:\program files (x86)\ubisoft\driver san francisco\driver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\driver san francisco\driver.exe |
"UDP Query User{343022D4-06C3-42E6-81CB-B73EDD0C6494}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{4DDDA994-E877-446F-B8B0-AC3B42DDAB96}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{75F0CCBA-2D19-4B34-ABB5-DE92FC94AD00}C:\users\sabina\desktop\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\sabina\desktop\warcraft iii\war3.exe |
"UDP Query User{86AFC507-009A-4CFF-8231-694DEA8300F3}C:\program files (x86)\coreftp\coreftp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\coreftp\coreftp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2302D958-4F1E-469A-8A90-15C321320C71}" = Product Improvement Study for HP Deskjet 2540 series
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{975290F7-01EE-6256-484A-EDD705037432}" = ccc-utility64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision radič ovládača 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BD1EFE20-246B-451F-B900-F1214324DF5F}" = HP Deskjet 2540 series Basic Device Software
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DD562794-C098-A1E5-66ED-10E8BD1C84C5}" = AMD Catalyst Install Manager
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{E94CF53A-B97F-DBCF-17F4-60AEECFC1A62}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C7B34CC-3C7F-97F6-B989-1259B93E304F}" = CCC Help Turkish
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1D437FD2-BEBA-294A-14B0-73DF88537625}" = CCC Help Danish
"{225E3607-953C-EFCF-84C5-727EBE431CAB}" = CCC Help Greek
"{23BCF74C-00C6-0328-CA15-C8711DCCB5A5}_is1" = winrar 4.11 full cz 32bit version for Windows
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = lightshot-4.4.2.10
"{3567AA55-A730-4EFB-D419-C198EF9C3B51}" = CCC Help English
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EA29604-AB1F-00F7-AD0C-11FC133CE7C0}" = CCC Help Thai
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{443F2BDB-67B3-E0BF-0A8D-D1FC7A83FB1C}" = CCC Help Japanese
"{449DC4DE-157B-4CE5-685D-8A0ACCDAEE9F}" = CCC Help Chinese Standard
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{4539575D-C09D-4E71-B207-0F2D6BD74DA2}" = HP Deskjet 2540 series Help
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A85401C-71E6-5487-F1C0-598C10E22D3B}" = CCC Help Spanish
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{501E43C9-C95D-8E8D-8D12-AA5FEFBA09EC}" = CCC Help Swedish
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{6395030F-815F-0948-F166-73ECC57097E3}" = CCC Help Norwegian
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69C610F3-4DEC-44C5-D142-E69217E88448}" = CCC Help Russian
"{6A4945F7-5B9C-6DDA-A08A-048816260309}" = CCC Help German
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{777D5DD4-8BBC-EADA-B300-815B68F33D5F}" = CCC Help Finnish
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9243354A-3075-C91E-6E12-403D932B38E5}" = Catalyst Control Center InstallProxy
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2DD563-E1DD-920B-6E64-C057D4F080EB}" = CCC Help Hungarian
"{9D6D7292-8EA9-B5DD-9C10-D5B2937CFD84}" = CCC Help Italian
"{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.30" = MioMore Desktop 7.30
"{A5B4707E-CFD3-A08F-ED69-C500D541EAEF}" = CCC Help Korean
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6700BBF-1153-FA04-FD0A-ADEF36C564E3}" = CCC Help Dutch
"{B6775E22-DBCC-1BA2-0416-CACE257BE884}_is1" = uTorrent CZ 1.8.3 version for Windows
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8E7A402-AB25-F1EC-C21A-7E95F2BBDDB0}" = CCC Help Czech
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D6116D91-A114-671F-D075-73B4154F7390}" = Catalyst Control Center
"{D87A50FE-11B3-3B70-77EB-E64570E82F9E}" = CCC Help French
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DF549E6D-193A-0EA3-7C90-F24B631CC2EB}" = CCC Help Portuguese
"{DF7ADC65-EBCE-97DA-4C8A-4F0BCF7C0E73}" = CCC Help Polish
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F0F34B75-C634-8714-D226-9259FC1A7E92}" = Catalyst Control Center Localization All
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F19AE52F-963E-F6B3-458D- 4C7D24043C6}_is1" = Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod version for Windows
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FC53A2BD-6B34-C6FB-C3F4-9D8DC7ED5C92}" = CCC Help Chinese Traditional
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"µTorrent CZ_is1" = µTorrent CZ 1.8.3 (build 15638)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold
"Any Video Converter_is1" = Any Video Converter 5.0.9
"Avast" = avast! Free Antivirus
"bi_uninstaller" = Bundled software uninstaller
"Browser Defender_is1" = Browser Guard 4.0
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CoreFTP(x64)" = Core FTP LE (x64)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Driver San Francisco" = Driver San Francisco
"Driver San Francisco 1.01" = Driver San Francisco 1.01
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESDX6000_CX5900 User's Guide" = ESDX6000_CX5900 User's Guide
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"League of Legends 3.0.1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.75.0.1300
"Mozilla Firefox 25.0 (x86 sk)" = Mozilla Firefox 25.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod 1.00" = Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod 1.00
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"VLC media player" = VLC media player 2.0.7
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.

< End of report >

OTL bylo spusteno bez toho textu. Takhle je log k nicemu. Ten text, ktery jste tam mela zkopirovat, mi vytahne informace, ktere potrebuji, abych to mohl procistit poradne. Tak to zkuste jeste jednou. Nebo to hazelo nejakou chybu?

http://prntscr.com/2ngbp0





Logfile of random's system information tool 1.09 (written by random/random)
Run by sabina at 2014-01-28 22:30:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 776 GB (81%) free of 954 GB
Total RAM: 8183 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:56, on 28. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\uTorrent\utorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\sabina\Desktop\OTL.exe
C:\Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\LightShot.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\sabina\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\sabina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Windows] "C:\Users\Public\Public Documents\Windows Movie Player\player.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10496 bytes

======Scheduled tasks folder======

C:\Windows\tasks\avast! Emergency Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
C:\Windows\tasks\update-sys.job

=========Mozilla firefox=========

ProfilePath - C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{cb84136f-9c44-433a-9048-c5cd9df1dc16}"=C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"MSStp"=C:\Windows\system32\msstp.vbe [2014-01-13 1418]
"mncpoborSrv"=C:\Windows\inf\mncpobor.vbe [2014-01-13 1338]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows"=C:\Users\Public\Public Documents\Windows Movie Player\player.exe [2008-12-07 675840]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-01-28 22:30:54 ----D---- C:\Program Files (x86)\trend micro
2014-01-28 17:52:01 ----D---- C:\_OTL
2014-01-25 21:26:24 ----D---- C:\Users\sabina\AppData\Roaming\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\ProgramData\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-25 19:28:24 ----D---- C:\rsit
2014-01-24 17:39:34 ----A---- C:\Windows\BDTSupport.dll
2014-01-24 17:39:33 ----A---- C:\Windows\SGDetectionTool.dll
2014-01-24 17:39:32 ----A---- C:\Windows\PCTBDCore.dll
2014-01-24 17:39:31 ----A---- C:\Windows\PCTBDRes.dll
2014-01-24 17:37:28 ----D---- C:\Program Files (x86)\PC Tools
2014-01-24 17:31:52 ----D---- C:\Program Files (x86)\Common Files\PC Tools
2014-01-24 17:31:25 ----D---- C:\Users\sabina\AppData\Roaming\AVAST Software
2014-01-24 17:31:02 ----D---- C:\ProgramData\PC Tools
2014-01-24 17:30:59 ----D---- C:\Users\sabina\AppData\Roaming\TestApp
2014-01-24 17:30:45 ----A---- C:\Windows\avastSS.scr
2014-01-24 17:29:35 ----D---- C:\ProgramData\AVAST Software
2014-01-24 17:25:46 ----D---- C:\Program Files (x86)\Company
2014-01-24 17:25:07 ----D---- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
2014-01-20 21:54:36 ----D---- C:\Users\sabina\AppData\Roaming\Origin
2014-01-20 21:53:06 ----D---- C:\ProgramData\Origin
2014-01-20 19:33:55 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-16 00:09:46 ----D---- C:\Program Files (x86)\HTC
2014-01-16 00:09:16 ----D---- C:\ProgramData\HTC
2014-01-16 00:09:15 ----D---- C:\Temp
2014-01-13 17:46:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-01-13 17:46:31 ----D---- C:\ProgramData\Visan
2014-01-13 17:46:31 ----D---- C:\ProgramData\HP Photo Creations
2014-01-13 17:46:31 ----D---- C:\Program Files (x86)\HP Photo Creations
2014-01-13 17:46:04 ----D---- C:\Users\sabina\AppData\Roaming\HpUpdate
2014-01-13 17:45:00 ----D---- C:\ProgramData\HP
2014-01-13 17:44:55 ----D---- C:\Program Files (x86)\HP
2014-01-13 17:43:58 ----A---- C:\ProgramData\Ament.ini
2014-01-09 15:54:45 ----D---- C:\Program Files (x86)\R.G. Catalyst
2014-01-09 08:19:02 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-09 08:18:58 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2014-01-09 08:18:48 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2014-01-09 08:18:47 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2014-01-09 08:18:44 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2014-01-09 08:18:42 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2014-01-09 08:18:40 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2014-01-09 08:18:37 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2014-01-09 08:18:29 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2014-01-09 08:18:27 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2014-01-09 08:18:26 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2014-01-09 08:18:25 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2014-01-09 08:18:24 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2014-01-09 08:18:23 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2014-01-09 08:18:22 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2014-01-03 00:45:36 ----D---- C:\Program Files (x86)\Skillbrains
2013-12-30 17:03:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-12-29 16:04:48 ----D---- C:\Windows\Watson
2013-12-29 16:04:48 ----D---- C:\Program Files (x86)\Microsoft Games
2013-12-23 19:55:45 ----D---- C:\Program Files (x86)\Mio
2013-12-14 23:46:16 ----D---- C:\Program Files (x86)\EA GAMES
2013-12-14 23:46:15 ----RA---- C:\Windows\SysWOW64\vp6vfw.dll
2013-12-12 19:46:42 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SysWOW64\wmp.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SysWOW64\ieui.dll
2013-12-12 19:44:56 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-12-12 19:44:54 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-12-12 19:44:53 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-12-12 19:44:52 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-12-12 19:44:51 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-12-12 19:17:01 ----A---- C:\Windows\SysWOW64\msieftp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 19:16:58 ----A---- C:\Windows\SysWOW64\tzres.dll
2013-12-12 19:16:54 ----A---- C:\Windows\SysWOW64\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\SysWOW64\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\SysWOW64\cscript.exe
2013-12-01 01:33:29 ----D---- C:\ProgramData\LogMeIn
2013-11-24 19:00:13 ----A---- C:\Windows\SysWOW64\elshyph.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\url.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\msrating.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\msls31.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\jsIntl.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\wextract.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\webcheck.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\vbscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\pngfilt.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\occache.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\mshta.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\inseng.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\imgutil.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\iexpress.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\iesetup.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\iernonce.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\iepeers.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SysWOW64\icardie.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\SysWOW64\mshtmler.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 18:53:11 ----D---- C:\Users\sabina\AppData\Roaming\AnvSoft
2013-11-14 18:52:52 ----D---- C:\Program Files (x86)\AnvSoft
2013-11-13 18:38:08 ----D---- C:\Users\sabina\AppData\Roaming\Apple Computer
2013-11-13 18:35:31 ----D---- C:\ProgramData\Apple Computer
2013-11-13 18:35:31 ----D---- C:\Program Files (x86)\QuickTime
2013-11-13 18:34:51 ----D---- C:\Program Files (x86)\Common Files\Apple
2013-11-13 18:34:41 ----D---- C:\ProgramData\Apple
2013-11-13 18:18:49 ----D---- C:\Program Files (x86)\pazera-software
2013-11-12 21:35:32 ----A---- C:\Windows\SysWOW64\crypt32.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SysWOW64\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SysWOW64\authui.dll
2013-11-12 21:35:25 ----A---- C:\Windows\SysWOW64\schannel.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SysWOW64\sspicli.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SysWOW64\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2013-11-12 21:35:23 ----A---- C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-04 15:47:21 ----D---- C:\Users\sabina\AppData\Roaming\CoreFTP
2013-11-04 15:47:07 ----D---- C:\Program Files (x86)\CoreFTP
2013-11-04 14:30:57 ----D---- C:\Users\sabina\AppData\Roaming\Mozilla
2013-11-04 14:30:07 ----D---- C:\ProgramData\Mozilla
2013-11-04 14:30:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-04 14:29:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-02 16:24:41 ----D---- C:\ProgramData\FLEXnet
2013-11-02 15:16:16 ----D---- C:\Windows\SysWOW64\spool
2013-11-02 15:15:20 ----D---- C:\Program Files (x86)\Adobe Media Player
2013-11-02 15:11:58 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2013-11-02 15:10:21 ----D---- C:\ProgramData\Adobe
2013-11-02 15:09:59 ----D---- C:\Program Files (x86)\Adobe
2013-11-02 15:09:27 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2013-11-02 15:05:23 ----D---- C:\Program Files (x86)\Common Files\Adobe
2013-11-02 14:40:17 ----D---- C:\Users\sabina\AppData\Roaming\Notepad++
2013-11-02 14:40:04 ----D---- C:\Program Files (x86)\Notepad++

======List of files/folders modified in the last 3 months======

2014-01-28 22:30:54 ----RD---- C:\Program Files (x86)
2014-01-28 22:30:47 ----D---- C:\Windows\Temp
2014-01-28 22:26:15 ----D---- C:\Users\sabina\AppData\Roaming\uTorrent
2014-01-28 21:59:00 ----SHD---- C:\System Volume Information
2014-01-28 19:40:42 ----D---- C:\ProgramData\PMB Files
2014-01-28 13:04:02 ----AD---- C:\ProgramData\TEMP
2014-01-28 13:04:01 ----D---- C:\Windows
2014-01-28 12:58:23 ----D---- C:\Windows\System32
2014-01-28 12:58:23 ----D---- C:\Windows\inf
2014-01-28 12:53:54 ----D---- C:\ProgramData\NVIDIA
2014-01-27 15:46:14 ----D---- C:\Users\sabina\AppData\Roaming\Winamp
2014-01-25 21:26:18 ----HD---- C:\ProgramData
2014-01-25 19:28:24 ----RD---- C:\Program Files
2014-01-24 17:37:33 ----SHD---- C:\Windows\Installer
2014-01-24 17:31:52 ----D---- C:\Program Files (x86)\Common Files
2014-01-24 17:31:05 ----D---- C:\Windows\Tasks
2014-01-24 17:30:54 ----D---- C:\Windows\winsxs
2014-01-24 17:25:22 ----D---- C:\Windows\SysWOW64
2014-01-24 15:17:56 ----D---- C:\412988f1bbf86413bac1
2014-01-20 21:52:45 ----D---- C:\Users\sabina\AppData\Roaming\vlc
2014-01-19 12:21:20 ----D---- C:\Program Files (x86)\Google
2014-01-19 01:01:43 ----D---- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-01-16 01:27:56 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 11:41:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-14 12:39:32 ----D---- C:\Program Files (x86)\epson
2014-01-13 18:11:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-13 18:08:26 ----D---- C:\Windows\twain_32
2014-01-09 08:37:01 ----RSD---- C:\Windows\assembly
2014-01-07 21:34:08 ----D---- C:\Program Files (x86)\Rockstar Games
2013-12-31 00:19:21 ----D---- C:\Users\sabina\AppData\Roaming\Adobe
2013-12-29 16:04:55 ----RSD---- C:\Windows\Fonts
2013-12-29 15:43:18 ----D---- C:\Program Files (x86)\uTorrent
2013-12-24 01:47:14 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2013-12-12 21:06:25 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 21:06:24 ----D---- C:\Windows\SysWOW64\sk-SK
2013-12-10 11:08:33 ----SHD---- C:\$Recycle.Bin
2013-12-06 10:05:54 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2013-12-01 01:35:13 ----D---- C:\Windows\Panther
2013-12-01 01:35:13 ----D---- C:\Windows\Logs
2013-12-01 01:00:03 ----D---- C:\ProgramData\Skype
2013-12-01 01:00:02 ----RD---- C:\Program Files (x86)\Skype
2013-11-24 21:59:21 ----D---- C:\Windows\SysWOW64\wbem
2013-11-24 21:59:21 ----D---- C:\Windows\SysWOW64\migration
2013-11-24 21:59:21 ----D---- C:\Windows\SysWOW64\en-US
2013-11-24 21:59:21 ----D---- C:\Windows\SysWOW64\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\PolicyDefinitions
2013-11-19 01:48:56 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-14 17:52:31 ----D---- C:\Windows\SoftwareDistribution
2013-11-14 17:52:17 ----D---- C:\ProgramData\Google
2013-11-04 23:44:42 ----D---- C:\Windows\SysWOW64\LogFiles
2013-11-04 14:42:48 ----SD---- C:\ProgramData\Microsoft
2013-11-02 16:24:46 ----D---- C:\Users\sabina\AppData\Roaming\NVIDIA
2013-11-02 15:17:49 ----D---- C:\Windows\SysWOW64\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\SysWOW64\drivers\aswRvrt.sys []
R0 aswVmm;avast! VM Monitor; C:\Windows\SysWOW64\drivers\aswVmm.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R2 adfs;adfs; C:\Windows\SysWOW64\drivers\adfs.sys [2008-08-14 74720]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys []
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-02 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-02 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

Proc jste mi tu ted dala log ze spatneho RSIT? Na zacatku jste pouzila spravny, tedy ten pro 64bit system. Takze pouzijte ten spravny a dejte z neho log.


No a k OTL

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem Pak konecne smazem ty smejdy, co tam porad visi