Problem s PC

[pepan92]

Mam taky problem ze ked kliknem na nejaky link v emaily tak mi otvara uplne ine stranky ako by malo a to aj na treti krat potom uz otvara normalne...pouzivam chrome a napr aj sem tam mi pride email ze sa niekto pokusa prihlasit na moj steam z ineho pc...davam log z hijackthis


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:30:03, on 16. 2. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\Downloads\hijackthis.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 222.222.222.222:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8D8574F-0375-495A-B09C-66E4D1721683}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\smartweb\smartweb.dll
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 4576 bytes

[Rudy]

Zdravím!
Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[pepan92]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by Peter (administrator) on PETER-PC on 16-02-2014 17:36:14
Running from C:\Users\Peter\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: 041B
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Cm108Sound] - RunDll32 cm108.cpl,CMICtrlWnd
HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [604704 2009-04-14] (Realtek Semiconductor Corp.)
HKU\.DEFAULT\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\Run: [Facebook Update] - C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-25] (Facebook Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\MountPoints2: {95dc59fb-5c50-11e0-9375-0009d0500433} - G:\autorun.exe
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Run: [] - [X]
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Run: [Google Update] - C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-03-30] (Google Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Run: [Facebook Update] - C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-25] (Facebook Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Policies\Explorer: []
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\MountPoints2: {95dc59fb-5c50-11e0-9375-0009d0500433} - G:\autorun.exe
AppInit_DLLs: c:\progra~2\smartweb\smartweb.dll => C:\ProgramData\SmartWeb\SmartWeb.dll [4162048 2013-12-28] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: 222.222.222.222:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9A9E751E03EFCB01
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... earchTerms}
URLSearchHook: HKCU - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b ... 1379766379
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2737658
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0000.10011
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2737658
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0000.10011
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 www.iobit.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A8D8574F-0375-495A-B09C-66E4D1721683}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default
FF user.js: detected! => C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\user.js
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-07-05]
FF Extension: GoPhotoIt - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF Extension: NeteoCoupon - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\Extensions\dsrx@jegrieiu.com [2014-01-02]
FF Extension: BitSavEr - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\Extensions\iyy_me6k@fibb.net [2014-01-02]
FF Extension: AdBlocknWattch - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\Extensions\mdwkklfhzq@nfqyttrez.co.uk [2014-01-31]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: ""
CHR Plugin: (Shockwave Flash) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Peter\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Peter\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (AdBlocknWattch) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\adadcfejfmdfbdkpbcnfhmdjmhapnmok [2014-01-31]
CHR Extension: (Media Plugin) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci [2013-12-15]
CHR Extension: (BitSavEr) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnpjdolpbnjlionimoghhjlodedbokfm [2014-01-01]
CHR Extension: (NeteoCoupon) - C:\ProgramData\pnebadonfpdmnegceohciocapepgonmg [2014-01-01]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-07-05]
CHR HKLM\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Users\Peter\AppData\Local\GamePlayLabs Plugin\plugin.crx [2011-05-08]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR StartMenuInternet: Google Chrome - C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 34677ac8; C:\ProgramData\SmartWeb\SmartWebSvc.dll [180048 2013-12-28] ()
S4 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2013-08-30] (Dassault Systèmes)
S4 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2013-12-14] (Flexera Software LLC)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S4 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S4 mitsijm2014; D:\inventor\Inventor 2014\Moldflow\bin\mitsijm.exe [723744 2013-01-25] (Autodesk, Inc.)
S4 RzOvlMon; C:\Program Files\Razer\Core\rzovlmon.exe [30912 2013-11-21] (Razer, Inc.)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com)
S4 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [825920 2013-09-21] (Wsys Co., Ltd.)
S4 ICQ Service; No ImagePath

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-19] (Realtek Semiconductor Corp.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [84096 2013-09-21] (Eugene V. Muzychenko)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2012-12-18] ()
S3 KbFilter_Kb_FlexDef3x; C:\Windows\System32\DRIVERS\KbFilter_FlexDef3x.sys [19456 2012-08-15] (Siliten)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update 5\NTIOLib.sys [7680 2010-10-20] (MSI)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [102592 2013-11-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [65216 2013-11-21] (Razer, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
S3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [1517056 2010-08-12] (C-Media Electronics Inc)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 17:36 - 2014-02-16 17:36 - 00015405 _____ () C:\Users\Peter\Desktop\FRST.txt
2014-02-16 17:35 - 2014-02-16 17:36 - 00000000 ____D () C:\FRST
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Downloads\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Desktop\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Downloads\FRSTLauncher.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe
2014-02-16 16:30 - 2014-02-16 16:30 - 00004577 _____ () C:\Users\Peter\Documents\hijackthis.log
2014-02-15 19:28 - 2014-02-15 19:28 - 00002147 _____ () C:\Users\Peter\Desktop\League of Legends Championship LCS IEM all music - PART 2 (breakmusic) HD - odkaz.lnk
2014-02-12 17:55 - 2014-02-16 15:32 - 00000616 _____ () C:\Windows\setupact.log
2014-02-12 17:55 - 2014-02-12 17:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-12 17:54 - 2014-02-12 17:54 - 00012592 _____ () C:\Windows\PFRO.log
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 _____ () C:\asc_rdflag
2014-02-11 15:41 - 2014-02-11 15:41 - 00000000 ____D () C:\Users\Peter\Downloads\backups
2014-02-11 15:39 - 2014-02-11 15:39 - 00004565 _____ () C:\Users\Peter\Desktop\hijackthis.log
2014-02-11 15:37 - 2014-02-11 15:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peter\Downloads\hijackthis.exe
2014-02-10 10:54 - 2014-02-10 10:54 - 00013002 _____ () C:\Users\Peter\Downloads\[CzT]Hobit_Neocekavana_cesta_The_Hobbit_An_Unexpected_Journey_2012_CZ_.torrent
2014-02-06 15:40 - 2014-02-07 23:21 - 00002318 _____ () C:\Users\Peter\Desktop\League of Legends Championship _ LCS _ IEM all music (breakmusic _ during a break) HD Original - odkaz.lnk
2014-02-06 10:26 - 2014-02-06 10:26 - 00019459 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E13_The_Purge_TvRip_.torrent
2014-02-06 10:25 - 2014-02-06 10:26 - 00015639 _____ () C:\Users\Peter\Downloads\Supernatural_S09E13.rar
2014-02-05 19:49 - 2014-02-05 19:49 - 00000000 ____D () C:\Users\Peter\Downloads\Mysli_jako_on_2012_cz
2014-02-05 19:48 - 2014-02-05 19:48 - 00018432 _____ () C:\Users\Peter\Downloads\[CzT]Mysli_jako_on_Think_Like_a_Man_2012_CZ_.torrent
2014-02-04 18:49 - 2014-02-04 18:49 - 00016850 _____ () C:\Users\Peter\Downloads\[CzT]Captain_America_Prvni_Avenger_Captain_America_2011_.torrent
2014-02-03 22:44 - 2013-01-31 12:21 - 19915552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 10919200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-03 22:44 - 2013-01-31 12:21 - 07754560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 02577184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 01869088 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-03 22:41 - 2014-02-03 22:41 - 00319488 _____ (Realtek Semiconductor Corp.) C:\Windows\HideWin.exe
2014-02-03 22:41 - 2014-02-03 22:41 - 00000000 ____D () C:\Program Files\Realtek AC97
2014-02-03 22:33 - 2014-02-03 22:33 - 00001165 _____ () C:\Users\Public\Desktop\Driver Genius Professional Edition.lnk
2014-02-03 22:33 - 2014-02-03 22:33 - 00000000 ____D () C:\Program Files\Driver-Soft
2014-02-03 22:31 - 2014-02-03 22:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Driver-Soft
2014-02-03 22:29 - 2014-02-03 22:29 - 28170967 _____ (Driver-Soft) C:\Users\Peter\Downloads\drvgenpro.exe
2014-02-03 22:28 - 2014-02-03 22:28 - 00017733 _____ () C:\Users\Peter\Downloads\[CzT]Driver_Genius_Professional_Edition_11_0_0_1138_CZ_SK_.torrent
2014-02-03 12:25 - 2014-02-03 12:25 - 00012641 _____ () C:\Users\Peter\Downloads\[CzT]Czech_Amateurs_92_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014706 _____ () C:\Users\Peter\Downloads\[CzT]Udelej_se_Katka_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014341 _____ () C:\Users\Peter\Downloads\[CzT]James_Deen_Ava_Addams.torrent
2014-02-02 21:10 - 2014-02-02 21:10 - 00000604 _____ () C:\Users\Peter\Downloads\utazky ktore boli.txt
2014-02-01 12:26 - 2014-02-01 12:26 - 06696482 _____ () C:\Users\Peter\Downloads\pap-poznamky.rar
2014-01-31 22:37 - 2014-01-31 22:37 - 00002478 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\AdBlocknWattch
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok
2014-01-30 23:10 - 2014-01-30 23:10 - 00000000 ____D () C:\Users\Peter\Desktop\matika
2014-01-28 15:21 - 2014-01-28 18:39 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_28
2014-01-26 21:20 - 2014-01-26 21:21 - 00078848 _____ () C:\Users\Peter\Downloads\syntax a štylistika.ppt
2014-01-25 23:03 - 2014-01-25 23:03 - 00014607 _____ () C:\Users\Peter\Downloads\[CzT]Total_Recall_2012_.torrent
2014-01-25 15:03 - 2014-02-16 12:08 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
2014-01-25 15:03 - 2014-02-15 15:08 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
2014-01-25 15:03 - 2014-01-25 15:03 - 00000000 ____D () C:\Users\Peter\AppData\Local\Facebook
2014-01-25 15:00 - 2014-01-25 15:00 - 00501248 _____ (Facebook Inc.) C:\Users\Peter\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-01-24 23:39 - 2014-01-24 23:39 - 00019417 _____ () C:\Users\Peter\Downloads\[CzT]Konecna_The_Last_Stand_2013_CZ_.torrent
2014-01-23 10:40 - 2014-01-23 10:41 - 909697033 _____ () C:\Users\Peter\Downloads\Supernatural.S09E11.720p.HDTV.X264-DIMENSION.mkv
2014-01-23 10:38 - 2014-01-23 10:38 - 00017931 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_720p_.torrent
2014-01-23 10:37 - 2014-01-23 10:37 - 00017440 _____ () C:\Users\Peter\Downloads\Supernatural_S09E11.rar
2014-01-23 10:36 - 2014-01-23 10:36 - 00018836 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_.torrent
2014-01-20 22:38 - 2014-01-20 22:49 - 823046144 _____ () C:\Users\Peter\Downloads\jOBS.avi
2014-01-20 22:37 - 2014-01-20 22:37 - 00016229 _____ () C:\Users\Peter\Downloads\[CzT]jOBS_2013_CZ_.torrent
2014-01-20 13:02 - 2014-01-20 13:02 - 00020799 _____ () C:\Users\Peter\Downloads\[CzT]Rychly_prachy_34_Praha_24_08_2009_CZ_.torrent
2014-01-19 21:35 - 2014-01-19 21:50 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_19
2014-01-18 20:58 - 2014-01-18 20:58 - 00016996 _____ () C:\Users\Peter\Downloads\[CzT]Souboj_Titanu_Clash_of_the_Titans_2010_.torrent
2014-01-18 17:23 - 2014-01-18 17:33 - 00000000 ____D () C:\Users\Peter\Downloads\Plán útěku
2014-01-18 17:23 - 2014-01-18 17:23 - 00015288 _____ () C:\Users\Peter\Downloads\[CzT]Plan_uteku_Escape_Plan_2013_.torrent
2014-01-17 10:37 - 2014-01-17 11:02 - 226488722 _____ () C:\Users\Peter\Downloads\Supernatural-S09E10---Road-Trip.rar
2014-01-17 10:36 - 2014-01-17 10:42 - 364510674 _____ () C:\Users\Peter\Downloads\Supernatural.S09E10.HDTV.XviD-FUM.avi
2014-01-17 10:35 - 2014-01-17 10:35 - 00014478 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E10_Road_Trip_TvRip_.torrent
2014-01-17 10:33 - 2014-01-17 10:33 - 00016352 _____ () C:\Users\Peter\Downloads\Supernatural_S09E10.rar

==================== One Month Modified Files and Folders =======

2014-02-16 17:36 - 2014-02-16 17:36 - 00015405 _____ () C:\Users\Peter\Desktop\FRST.txt
2014-02-16 17:36 - 2014-02-16 17:35 - 00000000 ____D () C:\FRST
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Downloads\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Desktop\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Downloads\FRSTLauncher.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe
2014-02-16 17:32 - 2012-09-30 12:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Skype
2014-02-16 16:44 - 2011-03-30 18:52 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
2014-02-16 16:37 - 2012-04-05 09:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 16:30 - 2014-02-16 16:30 - 00004577 _____ () C:\Users\Peter\Documents\hijackthis.log
2014-02-16 15:36 - 2014-01-07 08:20 - 00365696 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 15:33 - 2013-12-15 23:08 - 00000444 ____H () C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2014-02-16 15:32 - 2014-02-12 17:55 - 00000616 _____ () C:\Windows\setupact.log
2014-02-16 15:32 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 13:41 - 2011-03-30 18:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
2014-02-16 12:08 - 2014-01-25 15:03 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
2014-02-15 19:28 - 2014-02-15 19:28 - 00002147 _____ () C:\Users\Peter\Desktop\League of Legends Championship LCS IEM all music - PART 2 (breakmusic) HD - odkaz.lnk
2014-02-15 15:08 - 2014-01-25 15:03 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
2014-02-13 23:50 - 2013-04-28 22:13 - 00000000 ____D () C:\Users\Peter\Desktop\Jeble obrazky
2014-02-13 15:50 - 2013-04-02 18:55 - 00000000 ____D () C:\Users\Peter\AppData\Local\PMB Files
2014-02-13 15:50 - 2013-04-02 18:55 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-12 17:55 - 2014-02-12 17:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-12 17:54 - 2014-02-12 17:54 - 00012592 _____ () C:\Windows\PFRO.log
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 _____ () C:\asc_rdflag
2014-02-12 17:53 - 2013-07-05 14:56 - 00000000 ____D () C:\Users\UpdatusUser.Peter-PC
2014-02-12 17:53 - 2011-03-30 18:49 - 00000000 ____D () C:\Users\Peter
2014-02-12 16:18 - 2009-07-14 05:34 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 16:18 - 2009-07-14 05:34 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 16:03 - 2011-03-30 20:26 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\uTorrent
2014-02-11 18:05 - 2011-03-30 18:52 - 00000000 ____D () C:\Users\Peter\AppData\Local\Deployment
2014-02-11 17:28 - 2013-12-26 15:52 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps
2014-02-11 15:41 - 2014-02-11 15:41 - 00000000 ____D () C:\Users\Peter\Downloads\backups
2014-02-11 15:39 - 2014-02-11 15:39 - 00004565 _____ () C:\Users\Peter\Desktop\hijackthis.log
2014-02-11 15:38 - 2014-02-11 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peter\Downloads\hijackthis.exe
2014-02-10 11:34 - 2014-01-02 17:24 - 2601699328 _____ () C:\Users\Peter\Downloads\The.Hobbit.An.Unexpected.Journey.2012.BRRip.XviD.AC3.CZ.avi
2014-02-10 10:54 - 2014-02-10 10:54 - 00013002 _____ () C:\Users\Peter\Downloads\[CzT]Hobit_Neocekavana_cesta_The_Hobbit_An_Unexpected_Journey_2012_CZ_.torrent
2014-02-10 09:39 - 2012-04-05 09:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-10 09:39 - 2011-05-30 00:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-09 20:16 - 2013-12-08 18:34 - 00000000 ____D () C:\Users\Peter\Desktop\Ja a Nikuš
2014-02-08 15:04 - 2013-10-31 16:46 - 00026112 _____ () C:\Users\Peter\Desktop\Treningove plany.xls
2014-02-07 23:21 - 2014-02-06 15:40 - 00002318 _____ () C:\Users\Peter\Desktop\League of Legends Championship _ LCS _ IEM all music (breakmusic _ during a break) HD Original - odkaz.lnk
2014-02-07 15:38 - 2012-09-29 13:58 - 00000000 ____D () C:\Users\Peter\Desktop\POWERLEVELING
2014-02-06 10:26 - 2014-02-06 10:26 - 00019459 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E13_The_Purge_TvRip_.torrent
2014-02-06 10:26 - 2014-02-06 10:25 - 00015639 _____ () C:\Users\Peter\Downloads\Supernatural_S09E13.rar
2014-02-05 19:49 - 2014-02-05 19:49 - 00000000 ____D () C:\Users\Peter\Downloads\Mysli_jako_on_2012_cz
2014-02-05 19:48 - 2014-02-05 19:48 - 00018432 _____ () C:\Users\Peter\Downloads\[CzT]Mysli_jako_on_Think_Like_a_Man_2012_CZ_.torrent
2014-02-04 18:49 - 2014-02-04 18:49 - 00016850 _____ () C:\Users\Peter\Downloads\[CzT]Captain_America_Prvni_Avenger_Captain_America_2011_.torrent
2014-02-03 22:46 - 2012-03-21 11:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-03 22:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2014-02-03 22:41 - 2014-02-03 22:41 - 00319488 _____ (Realtek Semiconductor Corp.) C:\Windows\HideWin.exe
2014-02-03 22:41 - 2014-02-03 22:41 - 00000000 ____D () C:\Program Files\Realtek AC97
2014-02-03 22:40 - 2012-01-25 20:08 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-02-03 22:33 - 2014-02-03 22:33 - 00001165 _____ () C:\Users\Public\Desktop\Driver Genius Professional Edition.lnk
2014-02-03 22:33 - 2014-02-03 22:33 - 00000000 ____D () C:\Program Files\Driver-Soft
2014-02-03 22:31 - 2014-02-03 22:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Driver-Soft
2014-02-03 22:29 - 2014-02-03 22:29 - 28170967 _____ (Driver-Soft) C:\Users\Peter\Downloads\drvgenpro.exe
2014-02-03 22:28 - 2014-02-03 22:28 - 00017733 _____ () C:\Users\Peter\Downloads\[CzT]Driver_Genius_Professional_Edition_11_0_0_1138_CZ_SK_.torrent
2014-02-03 12:25 - 2014-02-03 12:25 - 00012641 _____ () C:\Users\Peter\Downloads\[CzT]Czech_Amateurs_92_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014706 _____ () C:\Users\Peter\Downloads\[CzT]Udelej_se_Katka_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014341 _____ () C:\Users\Peter\Downloads\[CzT]James_Deen_Ava_Addams.torrent
2014-02-02 21:10 - 2014-02-02 21:10 - 00000604 _____ () C:\Users\Peter\Downloads\utazky ktore boli.txt
2014-02-01 12:26 - 2014-02-01 12:26 - 06696482 _____ () C:\Users\Peter\Downloads\pap-poznamky.rar
2014-02-01 12:26 - 2013-11-24 22:14 - 00000000 ____D () C:\Users\Peter\Desktop\Pevnosť pružnosť
2014-01-31 22:37 - 2014-01-31 22:37 - 00002478 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\AdBlocknWattch
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok
2014-01-31 22:37 - 2013-12-15 23:07 - 00000000 ____D () C:\ProgramData\4c8da25714f3b573
2014-01-30 23:10 - 2014-01-30 23:10 - 00000000 ____D () C:\Users\Peter\Desktop\matika
2014-01-30 12:38 - 2014-01-10 16:25 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Spotify
2014-01-30 09:33 - 2014-01-10 16:25 - 00000000 ____D () C:\Users\Peter\AppData\Local\Spotify
2014-01-29 15:38 - 2009-07-14 05:53 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-28 23:09 - 2013-04-23 14:32 - 00000000 ____D () C:\Users\Peter\Desktop\matika11
2014-01-28 18:39 - 2014-01-28 15:21 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_28
2014-01-26 21:54 - 2013-11-24 22:16 - 00000000 ____D () C:\Users\Peter\Desktop\Vyrobne technologie
2014-01-26 21:21 - 2014-01-26 21:20 - 00078848 _____ () C:\Users\Peter\Downloads\syntax a štylistika.ppt
2014-01-25 23:03 - 2014-01-25 23:03 - 00014607 _____ () C:\Users\Peter\Downloads\[CzT]Total_Recall_2012_.torrent
2014-01-25 15:03 - 2014-01-25 15:03 - 00000000 ____D () C:\Users\Peter\AppData\Local\Facebook
2014-01-25 15:00 - 2014-01-25 15:00 - 00501248 _____ (Facebook Inc.) C:\Users\Peter\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-01-25 01:04 - 2011-03-30 18:54 - 00391756 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-24 23:39 - 2014-01-24 23:39 - 00019417 _____ () C:\Users\Peter\Downloads\[CzT]Konecna_The_Last_Stand_2013_CZ_.torrent
2014-01-23 10:41 - 2014-01-23 10:40 - 909697033 _____ () C:\Users\Peter\Downloads\Supernatural.S09E11.720p.HDTV.X264-DIMENSION.mkv
2014-01-23 10:38 - 2014-01-23 10:38 - 00017931 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_720p_.torrent
2014-01-23 10:37 - 2014-01-23 10:37 - 00017440 _____ () C:\Users\Peter\Downloads\Supernatural_S09E11.rar
2014-01-23 10:36 - 2014-01-23 10:36 - 00018836 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_.torrent
2014-01-22 21:47 - 2014-01-12 22:23 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_12
2014-01-20 22:49 - 2014-01-20 22:38 - 823046144 _____ () C:\Users\Peter\Downloads\jOBS.avi
2014-01-20 22:37 - 2014-01-20 22:37 - 00016229 _____ () C:\Users\Peter\Downloads\[CzT]jOBS_2013_CZ_.torrent
2014-01-20 13:02 - 2014-01-20 13:02 - 00020799 _____ () C:\Users\Peter\Downloads\[CzT]Rychly_prachy_34_Praha_24_08_2009_CZ_.torrent
2014-01-19 21:50 - 2014-01-19 21:35 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_19
2014-01-19 03:00 - 2012-03-21 07:46 - 00000332 _____ () C:\Windows\Tasks\RegInOut Scheduled Scan - Peter.job
2014-01-19 03:00 - 2012-01-20 13:29 - 00000372 _____ () C:\Windows\Tasks\RegAce Scheduled Scan - Peter.job
2014-01-18 20:58 - 2014-01-18 20:58 - 00016996 _____ () C:\Users\Peter\Downloads\[CzT]Souboj_Titanu_Clash_of_the_Titans_2010_.torrent
2014-01-18 17:33 - 2014-01-18 17:23 - 00000000 ____D () C:\Users\Peter\Downloads\Plán útěku
2014-01-18 17:23 - 2014-01-18 17:23 - 00015288 _____ () C:\Users\Peter\Downloads\[CzT]Plan_uteku_Escape_Plan_2013_.torrent
2014-01-17 11:02 - 2014-01-17 10:37 - 226488722 _____ () C:\Users\Peter\Downloads\Supernatural-S09E10---Road-Trip.rar
2014-01-17 10:42 - 2014-01-17 10:36 - 364510674 _____ () C:\Users\Peter\Downloads\Supernatural.S09E10.HDTV.XviD-FUM.avi
2014-01-17 10:35 - 2014-01-17 10:35 - 00014478 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E10_Road_Trip_TvRip_.torrent
2014-01-17 10:33 - 2014-01-17 10:33 - 00016352 _____ () C:\Users\Peter\Downloads\Supernatural_S09E10.rar

Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\RTBK.EXE
C:\Users\WOW US\AppData\Local\Temp\RTBK.EXE


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 17:43




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:95.7 GB) (Free:19.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DISK D HRY) (Fixed) (Total:94.21 GB) (Free:24.83 GB) NTFS

Available physical RAM: 1638.51 MB
Total physical RAM: 2559.55 MB
Percentage of memory in use: 35%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 190 GB) (Disk ID: 3B963B95)
Partition 1: (Active) - (Size=96 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=94 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegAce Scheduled Scan - Peter.job => C:\Program Files\RegAce System Suite\RegAce.exe
Task: C:\Windows\Tasks\RegInOut Scheduled Scan - Peter.job => C:\Program Files\RegInOut\RegInOut.exe
Task: C:\Windows\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Peter\Desktop" je 9568 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher
"C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5
"C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
"C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx
C:\Users\Peter\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cm108Sound
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe /reminder [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Program Files\LOLReplay\LOLRecorder.exe" -minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Pando Networks\Media Booster\PMB.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5
C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LOLReplay Recorder
C:\Program Files\Razer\Core\razercore.exe /ChatApplet [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
"C:\Program Files\Razer\Synapse\RzSynapse.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Converter Elite Print Dispatcher
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Comms
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\386EB9~1.130\SSSCHE~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip
C:\PROGRA~1\MYPCBA~1\MYPCBA~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Jak to vypadá s legalitou vašeho oper. systému?

[pepan92]

myslim ze to je ok ono ten problem som nemal dlhe meesiace vsetko oblo ok zacalo to asi pred tyzdnom...

[Rudy]

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<.

[pepan92]

potom tu mam hodit nejaky log? lebo stale to skenuje

Edit: mam tu 2 logy mam ich hodit sem alebo do prilohy?

[Rudy]

Dejte sem oba logy.

[pepan92]

OTL Extras logfile created on: 16. 2. 2014 18:11:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,50 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 29,29% Memory free
5,43 Gb Paging File | 3,16 Gb Available in Paging File | 58,31% Paging File free
Paging file location(s): c:\pagefile.sys 3000 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 95,70 Gb Total Space | 19,52 Gb Free Space | 20,40% Space Free | Partition Type: NTFS
Drive D: | 94,21 Gb Total Space | 24,83 Gb Free Space | 26,36% Space Free | Partition Type: NTFS

Computer Name: PETER-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A4B292-CE10-44B4-841E-1FD99EAE0824}" = lport=10243 | protocol=6 | dir=in | app=system |
"{13DE5562-FDAB-48FE-8883-04776CAB0CF9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{17427A73-7272-492F-B082-B785BEEBDA03}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{195D7184-574E-4DA5-9F9C-F7C83B8798CF}" = rport=445 | protocol=6 | dir=out | app=system |
"{2085C5D3-958E-4F2A-9172-F90C0D63ED7A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2467A2F2-406D-40A7-9912-B9FC8E033C4F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{332757F3-52C5-41D7-A047-6D4CE8E5B063}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B2C5BFE-F7C1-494F-858C-D96544AB00D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{4144D48A-A6C7-44EE-817C-00EEDB7A0030}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{49FE4ACF-829C-4868-A0D1-25D06332172E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{4B787673-BB4B-4A93-B169-3F50CCB5E064}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{55C8E68C-EAC3-45D5-825E-E719A35FAE15}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6273FD27-EBE7-41A0-AEDE-7457CAFD1CE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{653E6036-C039-4D8C-B36E-30CEEC61F59F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67345B3B-D45A-427B-BAC7-235218E5CADE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7183DA33-7127-4B99-8EA4-753A338252CA}" = lport=445 | protocol=6 | dir=in | app=system |
"{819C1F1C-365D-4A91-BD3C-4A2AE32A44D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{82925303-43F7-429D-8965-5D5A9AF924C6}" = rport=139 | protocol=6 | dir=out | app=system |
"{831CBA11-D6F5-4FD0-BFC9-E6E03D423307}" = lport=139 | protocol=6 | dir=in | app=system |
"{84D75808-2882-497E-9437-5F210BD88B13}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87AA70D1-BC5F-487C-B317-97B114A041C3}" = rport=137 | protocol=17 | dir=out | app=system |
"{96DC119F-8864-4E9E-B283-76E1A61F68E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1E45614-21A8-477E-8451-339164E70B5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C4A0B96A-AA55-49A6-B504-DC1454BE5FF5}" = lport=138 | protocol=17 | dir=in | app=system |
"{E28F73BD-B6EE-4112-9B1F-AA1BCEC76323}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EE426278-1DA0-4039-8F0C-5A59F4C8E515}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097FC490-526E-4AFC-946C-34C737E384A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{20F43FA6-55EF-41A3-8337-849D76FE60E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2343B9F9-7708-451A-B68E-F9208B1638A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24927FB6-CBA4-4201-ABE6-71AD2C3997FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41C85B75-DD16-44B2-B900-683FC5F14888}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68BCD2B1-4B5D-4551-B750-5D37FB8D6FC6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72ABD9AA-9FC4-48CE-A451-39EF1965C802}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{76C1F7D0-AFCF-46D8-9D75-431CCA0533AA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{802E3D4A-F4D3-4932-8CF4-14FB7274B34B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{837C143C-32AB-4855-9508-913722D4E396}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{93268A1B-64C1-48F2-AC97-74075E5C038E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9F79CCCD-2CF6-4698-B624-2FB7669389FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A3F18E3A-8F56-4C7F-97DC-8A9BD7F4BD76}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AC93ABA8-2F06-46ED-B79A-9C1A2AC31B55}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B3CF0543-E6DA-4CF4-80CF-1753162253AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7B4595D-47BE-4B04-BBD2-CE9679407722}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C26642DF-2D03-43B2-A802-62B112D09970}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D4C6A2B0-A1D7-48F7-A2C8-D9263B26C187}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D5A8D3F4-0D33-4949-BA69-64BE3CE79DB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBE62180-194A-455F-8022-8CA0875A930E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E5FE0FA8-F067-4A72-A555-2AB0F05BBC9C}" = protocol=6 | dir=out | app=system |
"{FD3164D4-B142-4281-9A07-24E53149E1E1}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{08466673-3905-4437-93E8-34A221B7CA4E}" = Fotogaléria
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BB716E0-1400-0200-0000-097DC2F354DF}" = Autodesk Revit Interoperability for Inventor 2014
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{140754E1-C019-44A9-A81B-2D7625AABE8A}" = Photo Common
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack
"{317D8BB4-16C3-CFBD-3777-AED69667DA46}" = NeteoCoupon
"{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}" = SlimDrivers
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.3
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{547488D7-023D-9784-93BC-8699F58BCC4B}" = AdBlocknWattch
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5C29CC1F-218F-4C30-948A-11066CAC59FB}" = Autodesk Material Library Low Resolution Image Library 2014
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{34677ac8}" = SmartWeb
"{60413225-DF15-47BE-9993-4E87BA8754C3}" = DriverGenius
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76F0FEBD-6C17-4D57-80F5-5FB526E90D4C}" = Ultimate ZIP Cracker Trial version
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7F4DD591-1832-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2014
"{7F4DD591-1832-0001-1029-7107D70F3DB4}" = Autodesk Inventor Professional 2014 Language Pack - čeština (Czech)
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E59704C-4853-4785-9CC5-254CDE0923EB}" = Jungle Timer
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" = Suurf and keepu
"{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}" = BitSavEr
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek PCI Fast Ethernet Controller Driver For Vista and Win7
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B8C82D2C-A31A-467C-92AD-C1860EFF4A48}" = DriverGenius
"{B98389D4-5E94-4504-83F0-D727DE67D280}" = Windows Live Messenger
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{C0959742-5DEB-453B-A55C-528AA0EBA103}" = Zoner Barcode Studio 2
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CF2FF2C3-3013-33E4-8413-92090A340FE1}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{CFBFE244-6269-41DC-85B6-86F99C88ED02}" = Movie Maker
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A2A99A-D618-4F24-9730-464893DC27AC}" = Eco Materials Adviser for Autodesk Inventor 2014 (32-bit)
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.76
"{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1" = Live Update 5
"{EAF50C07-A0CE-4007-94D3-3A40B21C9FC6}" = DraftSight
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip 8.51
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Inventor Professional 2014" = Autodesk Inventor Professional 2014 - čeština (Czech)
"Autodesk Revit Interoperability for Inventor 2014" = Autodesk Revit Interoperability for Inventor 2014
"BSPlayerf" = BS.Player FREE
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = USB PnP Sound Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPUID HWMonitorPro_is1" = CPUID HWMonitor Pro 1.17
"Driver Booster_is1" = Driver Booster
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"GamePlayLabs Plugin" = GamePlayLabs Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Jungle Timer 1.0.0" = Jungle Timer
"LOLReplay" = LOLReplay
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PrivitizeVPN" = PrivitizeVPN
"Razer Comms" = Razer Comms
"Razer Core" = Razer Core
"Registrácia používateľa produktu Canon MG3100 series" = Registrácia používateľa produktu Canon MG3100 series
"S-1495795506" = SK.Enabler
"SkypePlayer" = Skype Audio Player (remove only)
"Smart Defrag 2_is1" = Smart Defrag 2
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Virtual Audio Cable 4.12" = Virtual Audio Cable 4.12
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
"Wise PC 1stAid_is1" = Wise PC 1stAid 1.34
"World of Warcraft" = World of Warcraft
"WsysControl" = Wsys Control 10.2.1.2634
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.9.10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client - 1
"Akamai" = Akamai NetSession Interface
"Ardamax Keylogger 3.9.3" = Ardamax Keylogger 3.9.3
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client - 1
"Akamai" = Akamai NetSession Interface
"Ardamax Keylogger 3.9.3" = Ardamax Keylogger 3.9.3
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15. 2. 2014 19:00:01 | Computer Name = Peter-PC | Source = VSS | ID = 13
Description =

Error - 15. 2. 2014 19:00:01 | Computer Name = Peter-PC | Source = VSS | ID = 12292
Description =

Error - 16. 2. 2014 5:50:39 | Computer Name = Peter-PC | Source = Winlogon | ID = 4103
Description = Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error - 16. 2. 2014 10:33:35 | Computer Name = Peter-PC | Source = Winlogon | ID = 4103
Description = Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error - 16. 2. 2014 12:37:08 | Computer Name = Peter-PC | Source = VSS | ID = 13
Description =

Error - 16. 2. 2014 12:37:08 | Computer Name = Peter-PC | Source = VSS | ID = 12292
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = VSS | ID = 13
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = VSS | ID = 12292
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = VSS | ID = 8193
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 14. 2. 2014 13:25:33 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 14. 2. 2014 13:26:20 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 6:48:43 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 6:49:30 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 8:58:09 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 8:58:55 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 5:47:25 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 5:50:49 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 10:32:43 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 10:33:53 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058


< End of report >

[pepan92]

tu je druhy log nevojde mi to tu normalne

[Rudy]

Spusťte znovu OTL. do sponího okna vložte následující text.

:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.dosearches.com/web/?utm_s ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0000.10011
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0000.10011
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0000.10011
FF - prefs.js..keyword.URL: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A1EDB939
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DBC416F8

:files
C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
C:\ProgramData\KGyGaAvL.sys
C:\ProgramData\D6CD59BA6A.sys
C:\Users\Peter\AppData\Roaming\Babylon
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
C:\Users\Peter\AppData\Local\Facebook\Update
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[pepan92]

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "" removed from browser.startup.homepage
Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL
ADS C:\ProgramData\TEMP:FB1B13D8 deleted successfully.
ADS C:\ProgramData\TEMP:A1EDB939 deleted successfully.
ADS C:\ProgramData\TEMP:DBC416F8 deleted successfully.
========== FILES ==========
C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok folder moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job moved successfully.
C:\ProgramData\KGyGaAvL.sys moved successfully.
C:\ProgramData\D6CD59BA6A.sys moved successfully.
C:\Users\Peter\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job moved successfully.
File\Folder C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job not found.
C:\Users\Peter\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Peter
->Temp folder emptied: 704224 bytes
->Temporary Internet Files folder emptied: 2423577063 bytes
->Java cache emptied: 321807 bytes
->FireFox cache emptied: 86343643 bytes
->Google Chrome cache emptied: 249875380 bytes
->Flash cache emptied: 1556 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: UpdatusUser.Peter-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: WOW US
->Temp folder emptied: 697187 bytes
->Temporary Internet Files folder emptied: 1476510 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 21919665 bytes
->Flash cache emptied: 3946 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 22905037 bytes

Total Files Cleaned = 2 678,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Peter
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: UpdatusUser.Peter-PC
->Flash cache emptied: 0 bytes

User: WOW US
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

System Restore Service not available.

OTL by OldTimer - Version 3.2.69.0 log created on 02162014_193007

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Rudy]

Nastala nějaká změna?

[pepan92]

ano uz mi tie stranky neotvara dakujem pekne keby nieco nastalo este sa ozvem

[Rudy]

OK, to jsem rád.