
Problem with PC

Posted: 16 Feb 2014 16:39
by pepan92
I have a problem: when I click on a link in an email, it opens completely different pages than it should, even on the third try, and after that it opens normally... I use Chrome, and now and then I also get an email saying that someone is trying to log in to my Steam account from another PC... I'm posting a log from HijackThis.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:30:03, on 16. 2. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\Downloads\hijackthis.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 222.222.222.222:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8D8574F-0375-495A-B09C-66E4D1721683}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\smartweb\smartweb.dll
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 4576 bytes

Re: Problem with PC

Posted: 16 Feb 2014 17:30
by Rudy
Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: Problem with PC

Posted: 16 Feb 2014 17:39
by pepan92
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by Peter (administrator) on PETER-PC on 16-02-2014 17:36:14
Running from C:\Users\Peter\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: 041B
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASC.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Cm108Sound] - RunDll32 cm108.cpl,CMICtrlWnd
HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [604704 2009-04-14] (Realtek Semiconductor Corp.)
HKU\.DEFAULT\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\Run: [Facebook Update] - C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-25] (Facebook Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2313411190-107904724-3513802042-1001\...\MountPoints2: {95dc59fb-5c50-11e0-9375-0009d0500433} - G:\autorun.exe
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Run: [] - [X]
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Run: [Google Update] - C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-03-30] (Google Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Run: [Facebook Update] - C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-25] (Facebook Inc.)
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Policies\Explorer: []
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2313411190-107904724-3513802042-1007\...\MountPoints2: {95dc59fb-5c50-11e0-9375-0009d0500433} - G:\autorun.exe
AppInit_DLLs: c:\progra~2\smartweb\smartweb.dll => C:\ProgramData\SmartWeb\SmartWeb.dll [4162048 2013-12-28] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyServer: 222.222.222.222:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9A9E751E03EFCB01
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... earchTerms}
URLSearchHook: HKCU - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b ... 1379766379
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.dosearches.com/web/?utm_s ... earchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2737658
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0000.10011
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2737658
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0000.10011
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 www.iobit.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A8D8574F-0375-495A-B09C-66E4D1721683}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default
FF user.js: detected! => C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\user.js
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: No Name - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-07-05]
FF Extension: GoPhotoIt - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF Extension: NeteoCoupon - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\Extensions\dsrx@jegrieiu.com [2014-01-02]
FF Extension: BitSavEr - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\Extensions\iyy_me6k@fibb.net [2014-01-02]
FF Extension: AdBlocknWattch - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\cpactsbn.default\Extensions\mdwkklfhzq@nfqyttrez.co.uk [2014-01-31]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: ""
CHR Plugin: (Shockwave Flash) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Peter\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Peter\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Peter\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (AdBlocknWattch) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\adadcfejfmdfbdkpbcnfhmdjmhapnmok [2014-01-31]
CHR Extension: (Media Plugin) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocphobfcfafpclibolpjdafgaffkaoci [2013-12-15]
CHR Extension: (BitSavEr) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnpjdolpbnjlionimoghhjlodedbokfm [2014-01-01]
CHR Extension: (NeteoCoupon) - C:\ProgramData\pnebadonfpdmnegceohciocapepgonmg [2014-01-01]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-07-05]
CHR HKLM\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Users\Peter\AppData\Local\GamePlayLabs Plugin\plugin.crx [2011-05-08]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR StartMenuInternet: Google Chrome - C:\Users\Peter\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 34677ac8; C:\ProgramData\SmartWeb\SmartWebSvc.dll [180048 2013-12-28] ()
S4 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [86016 2013-08-30] (Dassault Systèmes)
S4 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2013-12-14] (Flexera Software LLC)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S4 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S4 mitsijm2014; D:\inventor\Inventor 2014\Moldflow\bin\mitsijm.exe [723744 2013-01-25] (Autodesk, Inc.)
S4 RzOvlMon; C:\Program Files\Razer\Core\rzovlmon.exe [30912 2013-11-21] (Razer, Inc.)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com)
S4 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [825920 2013-09-21] (Wsys Co., Ltd.)
S4 ICQ Service; No ImagePath

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2009-06-19] (Realtek Semiconductor Corp.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [84096 2013-09-21] (Eugene V. Muzychenko)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2012-12-18] ()
S3 KbFilter_Kb_FlexDef3x; C:\Windows\System32\DRIVERS\KbFilter_FlexDef3x.sys [19456 2012-08-15] (Siliten)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update 5\NTIOLib.sys [7680 2010-10-20] (MSI)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [102592 2013-11-21] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [65216 2013-11-21] (Razer, Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
S3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [1517056 2010-08-12] (C-Media Electronics Inc)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 17:36 - 2014-02-16 17:36 - 00015405 _____ () C:\Users\Peter\Desktop\FRST.txt
2014-02-16 17:35 - 2014-02-16 17:36 - 00000000 ____D () C:\FRST
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Downloads\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Desktop\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Downloads\FRSTLauncher.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe
2014-02-16 16:30 - 2014-02-16 16:30 - 00004577 _____ () C:\Users\Peter\Documents\hijackthis.log
2014-02-15 19:28 - 2014-02-15 19:28 - 00002147 _____ () C:\Users\Peter\Desktop\League of Legends Championship LCS IEM all music - PART 2 (breakmusic) HD - odkaz.lnk
2014-02-12 17:55 - 2014-02-16 15:32 - 00000616 _____ () C:\Windows\setupact.log
2014-02-12 17:55 - 2014-02-12 17:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-12 17:54 - 2014-02-12 17:54 - 00012592 _____ () C:\Windows\PFRO.log
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 _____ () C:\asc_rdflag
2014-02-11 15:41 - 2014-02-11 15:41 - 00000000 ____D () C:\Users\Peter\Downloads\backups
2014-02-11 15:39 - 2014-02-11 15:39 - 00004565 _____ () C:\Users\Peter\Desktop\hijackthis.log
2014-02-11 15:37 - 2014-02-11 15:38 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peter\Downloads\hijackthis.exe
2014-02-10 10:54 - 2014-02-10 10:54 - 00013002 _____ () C:\Users\Peter\Downloads\[CzT]Hobit_Neocekavana_cesta_The_Hobbit_An_Unexpected_Journey_2012_CZ_.torrent
2014-02-06 15:40 - 2014-02-07 23:21 - 00002318 _____ () C:\Users\Peter\Desktop\League of Legends Championship _ LCS _ IEM all music (breakmusic _ during a break) HD Original - odkaz.lnk
2014-02-06 10:26 - 2014-02-06 10:26 - 00019459 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E13_The_Purge_TvRip_.torrent
2014-02-06 10:25 - 2014-02-06 10:26 - 00015639 _____ () C:\Users\Peter\Downloads\Supernatural_S09E13.rar
2014-02-05 19:49 - 2014-02-05 19:49 - 00000000 ____D () C:\Users\Peter\Downloads\Mysli_jako_on_2012_cz
2014-02-05 19:48 - 2014-02-05 19:48 - 00018432 _____ () C:\Users\Peter\Downloads\[CzT]Mysli_jako_on_Think_Like_a_Man_2012_CZ_.torrent
2014-02-04 18:49 - 2014-02-04 18:49 - 00016850 _____ () C:\Users\Peter\Downloads\[CzT]Captain_America_Prvni_Avenger_Captain_America_2011_.torrent
2014-02-03 22:44 - 2013-01-31 12:21 - 19915552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 10919200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-03 22:44 - 2013-01-31 12:21 - 07754560 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 02577184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-03 22:44 - 2013-01-31 12:21 - 01869088 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-03 22:41 - 2014-02-03 22:41 - 00319488 _____ (Realtek Semiconductor Corp.) C:\Windows\HideWin.exe
2014-02-03 22:41 - 2014-02-03 22:41 - 00000000 ____D () C:\Program Files\Realtek AC97
2014-02-03 22:33 - 2014-02-03 22:33 - 00001165 _____ () C:\Users\Public\Desktop\Driver Genius Professional Edition.lnk
2014-02-03 22:33 - 2014-02-03 22:33 - 00000000 ____D () C:\Program Files\Driver-Soft
2014-02-03 22:31 - 2014-02-03 22:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Driver-Soft
2014-02-03 22:29 - 2014-02-03 22:29 - 28170967 _____ (Driver-Soft) C:\Users\Peter\Downloads\drvgenpro.exe
2014-02-03 22:28 - 2014-02-03 22:28 - 00017733 _____ () C:\Users\Peter\Downloads\[CzT]Driver_Genius_Professional_Edition_11_0_0_1138_CZ_SK_.torrent
2014-02-03 12:25 - 2014-02-03 12:25 - 00012641 _____ () C:\Users\Peter\Downloads\[CzT]Czech_Amateurs_92_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014706 _____ () C:\Users\Peter\Downloads\[CzT]Udelej_se_Katka_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014341 _____ () C:\Users\Peter\Downloads\[CzT]James_Deen_Ava_Addams.torrent
2014-02-02 21:10 - 2014-02-02 21:10 - 00000604 _____ () C:\Users\Peter\Downloads\utazky ktore boli.txt
2014-02-01 12:26 - 2014-02-01 12:26 - 06696482 _____ () C:\Users\Peter\Downloads\pap-poznamky.rar
2014-01-31 22:37 - 2014-01-31 22:37 - 00002478 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\AdBlocknWattch
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok
2014-01-30 23:10 - 2014-01-30 23:10 - 00000000 ____D () C:\Users\Peter\Desktop\matika
2014-01-28 15:21 - 2014-01-28 18:39 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_28
2014-01-26 21:20 - 2014-01-26 21:21 - 00078848 _____ () C:\Users\Peter\Downloads\syntax a štylistika.ppt
2014-01-25 23:03 - 2014-01-25 23:03 - 00014607 _____ () C:\Users\Peter\Downloads\[CzT]Total_Recall_2012_.torrent
2014-01-25 15:03 - 2014-02-16 12:08 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
2014-01-25 15:03 - 2014-02-15 15:08 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
2014-01-25 15:03 - 2014-01-25 15:03 - 00000000 ____D () C:\Users\Peter\AppData\Local\Facebook
2014-01-25 15:00 - 2014-01-25 15:00 - 00501248 _____ (Facebook Inc.) C:\Users\Peter\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-01-24 23:39 - 2014-01-24 23:39 - 00019417 _____ () C:\Users\Peter\Downloads\[CzT]Konecna_The_Last_Stand_2013_CZ_.torrent
2014-01-23 10:40 - 2014-01-23 10:41 - 909697033 _____ () C:\Users\Peter\Downloads\Supernatural.S09E11.720p.HDTV.X264-DIMENSION.mkv
2014-01-23 10:38 - 2014-01-23 10:38 - 00017931 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_720p_.torrent
2014-01-23 10:37 - 2014-01-23 10:37 - 00017440 _____ () C:\Users\Peter\Downloads\Supernatural_S09E11.rar
2014-01-23 10:36 - 2014-01-23 10:36 - 00018836 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_.torrent
2014-01-20 22:38 - 2014-01-20 22:49 - 823046144 _____ () C:\Users\Peter\Downloads\jOBS.avi
2014-01-20 22:37 - 2014-01-20 22:37 - 00016229 _____ () C:\Users\Peter\Downloads\[CzT]jOBS_2013_CZ_.torrent
2014-01-20 13:02 - 2014-01-20 13:02 - 00020799 _____ () C:\Users\Peter\Downloads\[CzT]Rychly_prachy_34_Praha_24_08_2009_CZ_.torrent
2014-01-19 21:35 - 2014-01-19 21:50 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_19
2014-01-18 20:58 - 2014-01-18 20:58 - 00016996 _____ () C:\Users\Peter\Downloads\[CzT]Souboj_Titanu_Clash_of_the_Titans_2010_.torrent
2014-01-18 17:23 - 2014-01-18 17:33 - 00000000 ____D () C:\Users\Peter\Downloads\Plán útěku
2014-01-18 17:23 - 2014-01-18 17:23 - 00015288 _____ () C:\Users\Peter\Downloads\[CzT]Plan_uteku_Escape_Plan_2013_.torrent
2014-01-17 10:37 - 2014-01-17 11:02 - 226488722 _____ () C:\Users\Peter\Downloads\Supernatural-S09E10---Road-Trip.rar
2014-01-17 10:36 - 2014-01-17 10:42 - 364510674 _____ () C:\Users\Peter\Downloads\Supernatural.S09E10.HDTV.XviD-FUM.avi
2014-01-17 10:35 - 2014-01-17 10:35 - 00014478 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E10_Road_Trip_TvRip_.torrent
2014-01-17 10:33 - 2014-01-17 10:33 - 00016352 _____ () C:\Users\Peter\Downloads\Supernatural_S09E10.rar

==================== One Month Modified Files and Folders =======

2014-02-16 17:36 - 2014-02-16 17:36 - 00015405 _____ () C:\Users\Peter\Desktop\FRST.txt
2014-02-16 17:36 - 2014-02-16 17:35 - 00000000 ____D () C:\FRST
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Downloads\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 01141248 _____ (Farbar) C:\Users\Peter\Desktop\FRST.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Downloads\FRSTLauncher.exe
2014-02-16 17:34 - 2014-02-16 17:34 - 00112640 _____ (forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe
2014-02-16 17:32 - 2012-09-30 12:29 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Skype
2014-02-16 16:44 - 2011-03-30 18:52 - 00000946 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
2014-02-16 16:37 - 2012-04-05 09:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 16:30 - 2014-02-16 16:30 - 00004577 _____ () C:\Users\Peter\Documents\hijackthis.log
2014-02-16 15:36 - 2014-01-07 08:20 - 00365696 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 15:33 - 2013-12-15 23:08 - 00000444 ____H () C:\Windows\Tasks\SK.Enabler-S-1495795506.job
2014-02-16 15:32 - 2014-02-12 17:55 - 00000616 _____ () C:\Windows\setupact.log
2014-02-16 15:32 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 13:41 - 2011-03-30 18:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
2014-02-16 12:08 - 2014-01-25 15:03 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
2014-02-15 19:28 - 2014-02-15 19:28 - 00002147 _____ () C:\Users\Peter\Desktop\League of Legends Championship LCS IEM all music - PART 2 (breakmusic) HD - odkaz.lnk
2014-02-15 15:08 - 2014-01-25 15:03 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
2014-02-13 23:50 - 2013-04-28 22:13 - 00000000 ____D () C:\Users\Peter\Desktop\Jeble obrazky
2014-02-13 15:50 - 2013-04-02 18:55 - 00000000 ____D () C:\Users\Peter\AppData\Local\PMB Files
2014-02-13 15:50 - 2013-04-02 18:55 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-12 17:55 - 2014-02-12 17:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-12 17:54 - 2014-02-12 17:54 - 00012592 _____ () C:\Windows\PFRO.log
2014-02-12 17:53 - 2014-02-12 17:53 - 00000000 _____ () C:\asc_rdflag
2014-02-12 17:53 - 2013-07-05 14:56 - 00000000 ____D () C:\Users\UpdatusUser.Peter-PC
2014-02-12 17:53 - 2011-03-30 18:49 - 00000000 ____D () C:\Users\Peter
2014-02-12 16:18 - 2009-07-14 05:34 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 16:18 - 2009-07-14 05:34 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 16:03 - 2011-03-30 20:26 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\uTorrent
2014-02-11 18:05 - 2011-03-30 18:52 - 00000000 ____D () C:\Users\Peter\AppData\Local\Deployment
2014-02-11 17:28 - 2013-12-26 15:52 - 00000000 ____D () C:\Users\Peter\AppData\Local\CrashDumps
2014-02-11 15:41 - 2014-02-11 15:41 - 00000000 ____D () C:\Users\Peter\Downloads\backups
2014-02-11 15:39 - 2014-02-11 15:39 - 00004565 _____ () C:\Users\Peter\Desktop\hijackthis.log
2014-02-11 15:38 - 2014-02-11 15:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peter\Downloads\hijackthis.exe
2014-02-10 11:34 - 2014-01-02 17:24 - 2601699328 _____ () C:\Users\Peter\Downloads\The.Hobbit.An.Unexpected.Journey.2012.BRRip.XviD.AC3.CZ.avi
2014-02-10 10:54 - 2014-02-10 10:54 - 00013002 _____ () C:\Users\Peter\Downloads\[CzT]Hobit_Neocekavana_cesta_The_Hobbit_An_Unexpected_Journey_2012_CZ_.torrent
2014-02-10 09:39 - 2012-04-05 09:30 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-10 09:39 - 2011-05-30 00:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-09 20:16 - 2013-12-08 18:34 - 00000000 ____D () C:\Users\Peter\Desktop\Ja a Nikuš
2014-02-08 15:04 - 2013-10-31 16:46 - 00026112 _____ () C:\Users\Peter\Desktop\Treningove plany.xls
2014-02-07 23:21 - 2014-02-06 15:40 - 00002318 _____ () C:\Users\Peter\Desktop\League of Legends Championship _ LCS _ IEM all music (breakmusic _ during a break) HD Original - odkaz.lnk
2014-02-07 15:38 - 2012-09-29 13:58 - 00000000 ____D () C:\Users\Peter\Desktop\POWERLEVELING
2014-02-06 10:26 - 2014-02-06 10:26 - 00019459 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E13_The_Purge_TvRip_.torrent
2014-02-06 10:26 - 2014-02-06 10:25 - 00015639 _____ () C:\Users\Peter\Downloads\Supernatural_S09E13.rar
2014-02-05 19:49 - 2014-02-05 19:49 - 00000000 ____D () C:\Users\Peter\Downloads\Mysli_jako_on_2012_cz
2014-02-05 19:48 - 2014-02-05 19:48 - 00018432 _____ () C:\Users\Peter\Downloads\[CzT]Mysli_jako_on_Think_Like_a_Man_2012_CZ_.torrent
2014-02-04 18:49 - 2014-02-04 18:49 - 00016850 _____ () C:\Users\Peter\Downloads\[CzT]Captain_America_Prvni_Avenger_Captain_America_2011_.torrent
2014-02-03 22:46 - 2012-03-21 11:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-03 22:46 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Help
2014-02-03 22:41 - 2014-02-03 22:41 - 00319488 _____ (Realtek Semiconductor Corp.) C:\Windows\HideWin.exe
2014-02-03 22:41 - 2014-02-03 22:41 - 00000000 ____D () C:\Program Files\Realtek AC97
2014-02-03 22:40 - 2012-01-25 20:08 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-02-03 22:33 - 2014-02-03 22:33 - 00001165 _____ () C:\Users\Public\Desktop\Driver Genius Professional Edition.lnk
2014-02-03 22:33 - 2014-02-03 22:33 - 00000000 ____D () C:\Program Files\Driver-Soft
2014-02-03 22:31 - 2014-02-03 22:31 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Driver-Soft
2014-02-03 22:29 - 2014-02-03 22:29 - 28170967 _____ (Driver-Soft) C:\Users\Peter\Downloads\drvgenpro.exe
2014-02-03 22:28 - 2014-02-03 22:28 - 00017733 _____ () C:\Users\Peter\Downloads\[CzT]Driver_Genius_Professional_Edition_11_0_0_1138_CZ_SK_.torrent
2014-02-03 12:25 - 2014-02-03 12:25 - 00012641 _____ () C:\Users\Peter\Downloads\[CzT]Czech_Amateurs_92_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014706 _____ () C:\Users\Peter\Downloads\[CzT]Udelej_se_Katka_720pHD_.torrent
2014-02-03 12:22 - 2014-02-03 12:22 - 00014341 _____ () C:\Users\Peter\Downloads\[CzT]James_Deen_Ava_Addams.torrent
2014-02-02 21:10 - 2014-02-02 21:10 - 00000604 _____ () C:\Users\Peter\Downloads\utazky ktore boli.txt
2014-02-01 12:26 - 2014-02-01 12:26 - 06696482 _____ () C:\Users\Peter\Downloads\pap-poznamky.rar
2014-02-01 12:26 - 2013-11-24 22:14 - 00000000 ____D () C:\Users\Peter\Desktop\Pevnosť pružnosť
2014-01-31 22:37 - 2014-01-31 22:37 - 00002478 __RSH () C:\ProgramData\ntuser.pol
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\AdBlocknWattch
2014-01-31 22:37 - 2014-01-31 22:37 - 00000000 ____D () C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok
2014-01-31 22:37 - 2013-12-15 23:07 - 00000000 ____D () C:\ProgramData\4c8da25714f3b573
2014-01-30 23:10 - 2014-01-30 23:10 - 00000000 ____D () C:\Users\Peter\Desktop\matika
2014-01-30 12:38 - 2014-01-10 16:25 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Spotify
2014-01-30 09:33 - 2014-01-10 16:25 - 00000000 ____D () C:\Users\Peter\AppData\Local\Spotify
2014-01-29 15:38 - 2009-07-14 05:53 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-28 23:09 - 2013-04-23 14:32 - 00000000 ____D () C:\Users\Peter\Desktop\matika11
2014-01-28 18:39 - 2014-01-28 15:21 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_28
2014-01-26 21:54 - 2013-11-24 22:16 - 00000000 ____D () C:\Users\Peter\Desktop\Vyrobne technologie
2014-01-26 21:21 - 2014-01-26 21:20 - 00078848 _____ () C:\Users\Peter\Downloads\syntax a štylistika.ppt
2014-01-25 23:03 - 2014-01-25 23:03 - 00014607 _____ () C:\Users\Peter\Downloads\[CzT]Total_Recall_2012_.torrent
2014-01-25 15:03 - 2014-01-25 15:03 - 00000000 ____D () C:\Users\Peter\AppData\Local\Facebook
2014-01-25 15:00 - 2014-01-25 15:00 - 00501248 _____ (Facebook Inc.) C:\Users\Peter\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-01-25 01:04 - 2011-03-30 18:54 - 00391756 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-24 23:39 - 2014-01-24 23:39 - 00019417 _____ () C:\Users\Peter\Downloads\[CzT]Konecna_The_Last_Stand_2013_CZ_.torrent
2014-01-23 10:41 - 2014-01-23 10:40 - 909697033 _____ () C:\Users\Peter\Downloads\Supernatural.S09E11.720p.HDTV.X264-DIMENSION.mkv
2014-01-23 10:38 - 2014-01-23 10:38 - 00017931 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_720p_.torrent
2014-01-23 10:37 - 2014-01-23 10:37 - 00017440 _____ () C:\Users\Peter\Downloads\Supernatural_S09E11.rar
2014-01-23 10:36 - 2014-01-23 10:36 - 00018836 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E11_First_Born_TVRip_.torrent
2014-01-22 21:47 - 2014-01-12 22:23 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_12
2014-01-20 22:49 - 2014-01-20 22:38 - 823046144 _____ () C:\Users\Peter\Downloads\jOBS.avi
2014-01-20 22:37 - 2014-01-20 22:37 - 00016229 _____ () C:\Users\Peter\Downloads\[CzT]jOBS_2013_CZ_.torrent
2014-01-20 13:02 - 2014-01-20 13:02 - 00020799 _____ () C:\Users\Peter\Downloads\[CzT]Rychly_prachy_34_Praha_24_08_2009_CZ_.torrent
2014-01-19 21:50 - 2014-01-19 21:35 - 00000000 ____D () C:\Users\Peter\Desktop\2014_01_19
2014-01-19 03:00 - 2012-03-21 07:46 - 00000332 _____ () C:\Windows\Tasks\RegInOut Scheduled Scan - Peter.job
2014-01-19 03:00 - 2012-01-20 13:29 - 00000372 _____ () C:\Windows\Tasks\RegAce Scheduled Scan - Peter.job
2014-01-18 20:58 - 2014-01-18 20:58 - 00016996 _____ () C:\Users\Peter\Downloads\[CzT]Souboj_Titanu_Clash_of_the_Titans_2010_.torrent
2014-01-18 17:33 - 2014-01-18 17:23 - 00000000 ____D () C:\Users\Peter\Downloads\Plán útěku
2014-01-18 17:23 - 2014-01-18 17:23 - 00015288 _____ () C:\Users\Peter\Downloads\[CzT]Plan_uteku_Escape_Plan_2013_.torrent
2014-01-17 11:02 - 2014-01-17 10:37 - 226488722 _____ () C:\Users\Peter\Downloads\Supernatural-S09E10---Road-Trip.rar
2014-01-17 10:42 - 2014-01-17 10:36 - 364510674 _____ () C:\Users\Peter\Downloads\Supernatural.S09E10.HDTV.XviD-FUM.avi
2014-01-17 10:35 - 2014-01-17 10:35 - 00014478 _____ () C:\Users\Peter\Downloads\[CzT]Lovci_duchu_Supernatural_S09E10_Road_Trip_TvRip_.torrent
2014-01-17 10:33 - 2014-01-17 10:33 - 00016352 _____ () C:\Users\Peter\Downloads\Supernatural_S09E10.rar

Some content of TEMP:
====================
C:\Users\Peter\AppData\Local\Temp\RTBK.EXE
C:\Users\WOW US\AppData\Local\Temp\RTBK.EXE


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 17:43




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:95.7 GB) (Free:19.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DISK D HRY) (Fixed) (Total:94.21 GB) (Free:24.83 GB) NTFS

Available physical RAM: 1638.51 MB
Total physical RAM: 2559.55 MB
Percentage of memory in use: 35%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 190 GB) (Disk ID: 3B963B95)
Partition 1: (Active) - (Size=96 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=94 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job => C:\Users\Peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job => C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegAce Scheduled Scan - Peter.job => C:\Program Files\RegAce System Suite\RegAce.exe
Task: C:\Windows\Tasks\RegInOut Scheduled Scan - Peter.job => C:\Program Files\RegInOut\RegInOut.exe
Task: C:\Windows\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Peter\Desktop" je 9568 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher
"C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
"C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5
"C:\Users\Peter\AppData\Local\Akamai\netsession_win.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
"C:\Users\Peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx
C:\Users\Peter\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cm108Sound
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
C:\Program Files\MSI\Live Update 5\BootStartLiveupdate.exe /reminder [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Program Files\LOLReplay\LOLRecorder.exe" -minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Pando Networks\Media Booster\PMB.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5
C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LOLReplay Recorder
C:\Program Files\Razer\Core\razercore.exe /ChatApplet [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
"C:\Program Files\Razer\Synapse\RzSynapse.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Converter Elite Print Dispatcher
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivitizeVPN
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Comms
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hpoddt01.exe.lnk
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\386EB9~1.130\SSSCHE~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip
C:\PROGRA~1\MYPCBA~1\MYPCBA~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Problem with PC

Posted: 16 Feb 2014 17:48
by Rudy
What is the situation with the legality of your operating system?

Re: Problem with PC

Posted: 16 Feb 2014 17:50
by pepan92
I think it's OK; I didn't have this problem for many months, everything was fine, it started about a week ago...

Re: Problem with PC

Posted: 16 Feb 2014 18:06
by Rudy
Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "For all users", "LOP malware check" and "PURITY malware check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Scan<.

Re: Problem with PC

Posted: 16 Feb 2014 18:46
by pepan92
Should I post some log here afterwards? Because it's still scanning :)

Edit: I have 2 logs here; should I post them here or as an attachment?

Re: Problem with PC

Posted: 16 Feb 2014 19:03
by Rudy
Post both logs here.

Re: Problem with PC

Posted: 16 Feb 2014 19:06
by pepan92
OTL Extras logfile created on: 16. 2. 2014 18:11:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

2,50 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 29,29% Memory free
5,43 Gb Paging File | 3,16 Gb Available in Paging File | 58,31% Paging File free
Paging file location(s): c:\pagefile.sys 3000 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 95,70 Gb Total Space | 19,52 Gb Free Space | 20,40% Space Free | Partition Type: NTFS
Drive D: | 94,21 Gb Total Space | 24,83 Gb Free Space | 26,36% Space Free | Partition Type: NTFS

Computer Name: PETER-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A4B292-CE10-44B4-841E-1FD99EAE0824}" = lport=10243 | protocol=6 | dir=in | app=system |
"{13DE5562-FDAB-48FE-8883-04776CAB0CF9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{17427A73-7272-492F-B082-B785BEEBDA03}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{195D7184-574E-4DA5-9F9C-F7C83B8798CF}" = rport=445 | protocol=6 | dir=out | app=system |
"{2085C5D3-958E-4F2A-9172-F90C0D63ED7A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2467A2F2-406D-40A7-9912-B9FC8E033C4F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{332757F3-52C5-41D7-A047-6D4CE8E5B063}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B2C5BFE-F7C1-494F-858C-D96544AB00D4}" = lport=137 | protocol=17 | dir=in | app=system |
"{4144D48A-A6C7-44EE-817C-00EEDB7A0030}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{49FE4ACF-829C-4868-A0D1-25D06332172E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{4B787673-BB4B-4A93-B169-3F50CCB5E064}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{55C8E68C-EAC3-45D5-825E-E719A35FAE15}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6273FD27-EBE7-41A0-AEDE-7457CAFD1CE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{653E6036-C039-4D8C-B36E-30CEEC61F59F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67345B3B-D45A-427B-BAC7-235218E5CADE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7183DA33-7127-4B99-8EA4-753A338252CA}" = lport=445 | protocol=6 | dir=in | app=system |
"{819C1F1C-365D-4A91-BD3C-4A2AE32A44D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{82925303-43F7-429D-8965-5D5A9AF924C6}" = rport=139 | protocol=6 | dir=out | app=system |
"{831CBA11-D6F5-4FD0-BFC9-E6E03D423307}" = lport=139 | protocol=6 | dir=in | app=system |
"{84D75808-2882-497E-9437-5F210BD88B13}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{87AA70D1-BC5F-487C-B317-97B114A041C3}" = rport=137 | protocol=17 | dir=out | app=system |
"{96DC119F-8864-4E9E-B283-76E1A61F68E8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1E45614-21A8-477E-8451-339164E70B5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C4A0B96A-AA55-49A6-B504-DC1454BE5FF5}" = lport=138 | protocol=17 | dir=in | app=system |
"{E28F73BD-B6EE-4112-9B1F-AA1BCEC76323}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EE426278-1DA0-4039-8F0C-5A59F4C8E515}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097FC490-526E-4AFC-946C-34C737E384A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{20F43FA6-55EF-41A3-8337-849D76FE60E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2343B9F9-7708-451A-B68E-F9208B1638A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24927FB6-CBA4-4201-ABE6-71AD2C3997FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41C85B75-DD16-44B2-B900-683FC5F14888}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68BCD2B1-4B5D-4551-B750-5D37FB8D6FC6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72ABD9AA-9FC4-48CE-A451-39EF1965C802}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{76C1F7D0-AFCF-46D8-9D75-431CCA0533AA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{802E3D4A-F4D3-4932-8CF4-14FB7274B34B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{837C143C-32AB-4855-9508-913722D4E396}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{93268A1B-64C1-48F2-AC97-74075E5C038E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9F79CCCD-2CF6-4698-B624-2FB7669389FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A3F18E3A-8F56-4C7F-97DC-8A9BD7F4BD76}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{AC93ABA8-2F06-46ED-B79A-9C1A2AC31B55}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B3CF0543-E6DA-4CF4-80CF-1753162253AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B7B4595D-47BE-4B04-BBD2-CE9679407722}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C26642DF-2D03-43B2-A802-62B112D09970}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D4C6A2B0-A1D7-48F7-A2C8-D9263B26C187}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D5A8D3F4-0D33-4949-BA69-64BE3CE79DB6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DBE62180-194A-455F-8022-8CA0875A930E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E5FE0FA8-F067-4A72-A555-2AB0F05BBC9C}" = protocol=6 | dir=out | app=system |
"{FD3164D4-B142-4281-9A07-24E53149E1E1}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{08466673-3905-4437-93E8-34A221B7CA4E}" = Fotogaléria
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BB716E0-1400-0200-0000-097DC2F354DF}" = Autodesk Revit Interoperability for Inventor 2014
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series" = Canon MG3100 series MP Drivers
"{140754E1-C019-44A9-A81B-2D7625AABE8A}" = Photo Common
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack
"{317D8BB4-16C3-CFBD-3777-AED69667DA46}" = NeteoCoupon
"{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}" = SlimDrivers
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.3
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{547488D7-023D-9784-93BC-8699F58BCC4B}" = AdBlocknWattch
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5C29CC1F-218F-4C30-948A-11066CAC59FB}" = Autodesk Material Library Low Resolution Image Library 2014
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{34677ac8}" = SmartWeb
"{60413225-DF15-47BE-9993-4E87BA8754C3}" = DriverGenius
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76F0FEBD-6C17-4D57-80F5-5FB526E90D4C}" = Ultimate ZIP Cracker Trial version
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7F4DD591-1832-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2014
"{7F4DD591-1832-0001-1029-7107D70F3DB4}" = Autodesk Inventor Professional 2014 Language Pack - čeština (Czech)
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E59704C-4853-4785-9CC5-254CDE0923EB}" = Jungle Timer
"{9011041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" = Suurf and keepu
"{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}" = BitSavEr
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek PCI Fast Ethernet Controller Driver For Vista and Win7
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizácie NVIDIA 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B8C82D2C-A31A-467C-92AD-C1860EFF4A48}" = DriverGenius
"{B98389D4-5E94-4504-83F0-D727DE67D280}" = Windows Live Messenger
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{C0959742-5DEB-453B-A55C-528AA0EBA103}" = Zoner Barcode Studio 2
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CF2FF2C3-3013-33E4-8413-92090A340FE1}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{CFBFE244-6269-41DC-85B6-86F99C88ED02}" = Movie Maker
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A2A99A-D618-4F24-9730-464893DC27AC}" = Eco Materials Adviser for Autodesk Inventor 2014 (32-bit)
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.76
"{E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1" = Live Update 5
"{EAF50C07-A0CE-4007-94D3-3A40B21C9FC6}" = DraftSight
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip 8.51
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Inventor Professional 2014" = Autodesk Inventor Professional 2014 - čeština (Czech)
"Autodesk Revit Interoperability for Inventor 2014" = Autodesk Revit Interoperability for Inventor 2014
"BSPlayerf" = BS.Player FREE
"Canon MG3100 series On-screen Manual" = Canon MG3100 series On-screen Manual
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = USB PnP Sound Device
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPUID HWMonitorPro_is1" = CPUID HWMonitor Pro 1.17
"Driver Booster_is1" = Driver Booster
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"GamePlayLabs Plugin" = GamePlayLabs Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Jungle Timer 1.0.0" = Jungle Timer
"LOLReplay" = LOLReplay
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Mozilla Firefox 26.0 (x86 sk)" = Mozilla Firefox 26.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PrivitizeVPN" = PrivitizeVPN
"Razer Comms" = Razer Comms
"Razer Core" = Razer Core
"Registrácia používateľa produktu Canon MG3100 series" = Registrácia používateľa produktu Canon MG3100 series
"S-1495795506" = SK.Enabler
"SkypePlayer" = Skype Audio Player (remove only)
"Smart Defrag 2_is1" = Smart Defrag 2
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Virtual Audio Cable 4.12" = Virtual Audio Cable 4.12
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
"Wise PC 1stAid_is1" = Wise PC 1stAid 1.34
"World of Warcraft" = World of Warcraft
"WsysControl" = Wsys Control 10.2.1.2634
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.9.10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client - 1
"Akamai" = Akamai NetSession Interface
"Ardamax Keylogger 3.9.3" = Ardamax Keylogger 3.9.3
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client - 1
"Akamai" = Akamai NetSession Interface
"Ardamax Keylogger 3.9.3" = Ardamax Keylogger 3.9.3
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15. 2. 2014 19:00:01 | Computer Name = Peter-PC | Source = VSS | ID = 13
Description =

Error - 15. 2. 2014 19:00:01 | Computer Name = Peter-PC | Source = VSS | ID = 12292
Description =

Error - 16. 2. 2014 5:50:39 | Computer Name = Peter-PC | Source = Winlogon | ID = 4103
Description = Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error - 16. 2. 2014 10:33:35 | Computer Name = Peter-PC | Source = Winlogon | ID = 4103
Description = Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error - 16. 2. 2014 12:37:08 | Computer Name = Peter-PC | Source = VSS | ID = 13
Description =

Error - 16. 2. 2014 12:37:08 | Computer Name = Peter-PC | Source = VSS | ID = 12292
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = VSS | ID = 13
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = VSS | ID = 12292
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = VSS | ID = 8193
Description =

Error - 16. 2. 2014 13:21:15 | Computer Name = Peter-PC | Source = System Restore | ID = 8193
Description =

[ System Events ]
Error - 14. 2. 2014 13:25:33 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 14. 2. 2014 13:26:20 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 6:48:43 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 6:49:30 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 8:58:09 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 15. 2. 2014 8:58:55 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 5:47:25 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 5:50:49 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 10:32:43 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Security Accounts Manager, od ktorej závisí služba
Server, zlyhalo kvôli nasledujúcej chybe: %%1058

Error - 16. 2. 2014 10:33:53 | Computer Name = Peter-PC | Source = Service Control Manager | ID = 7001
Description = Spustenie služby Function Discovery Provider Host, od ktorej závisí
služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe: %%1058


< End of report >

Re: Problem with PC

Posted: 16 Feb 2014 19:08
by pepan92
Here is the second log; it won't fit here normally.

Re: Problem with PC

Posted: 16 Feb 2014 19:24
by Rudy
Run OTL again. Paste the following text into the bottom window.
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.dosearches.com/web/?utm_s ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0000.10011
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0000.10011
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... earchTerms}
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2737658
IE - HKU\S-1-5-21-2313411190-107904724-3513802042-1007\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... 0000.10011
FF - prefs.js..keyword.URL: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A1EDB939
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:DBC416F8

:files
C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
C:\ProgramData\KGyGaAvL.sys
C:\ProgramData\D6CD59BA6A.sys
C:\Users\Peter\AppData\Roaming\Babylon
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job
C:\Users\Peter\AppData\Local\Facebook\Update
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]
Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Re: Problem with PC

Posted: 16 Feb 2014 19:34
by pepan92
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-2313411190-107904724-3513802042-1007\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847}\ not found.
Prefs.js: "" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "" removed from browser.startup.homepage
Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL
ADS C:\ProgramData\TEMP:FB1B13D8 deleted successfully.
ADS C:\ProgramData\TEMP:A1EDB939 deleted successfully.
ADS C:\ProgramData\TEMP:DBC416F8 deleted successfully.
========== FILES ==========
C:\ProgramData\adadcfejfmdfbdkpbcnfhmdjmhapnmok folder moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job moved successfully.
C:\ProgramData\KGyGaAvL.sys moved successfully.
C:\ProgramData\D6CD59BA6A.sys moved successfully.
C:\Users\Peter\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001Core.job moved successfully.
File\Folder C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2313411190-107904724-3513802042-1001UA.job not found.
C:\Users\Peter\AppData\Local\Facebook\Update\Manifest\Initial folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update\Manifest folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update\Download folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update\1.2.205.0 folder moved successfully.
C:\Users\Peter\AppData\Local\Facebook\Update folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Peter
->Temp folder emptied: 704224 bytes
->Temporary Internet Files folder emptied: 2423577063 bytes
->Java cache emptied: 321807 bytes
->FireFox cache emptied: 86343643 bytes
->Google Chrome cache emptied: 249875380 bytes
->Flash cache emptied: 1556 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: UpdatusUser.Peter-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: WOW US
->Temp folder emptied: 697187 bytes
->Temporary Internet Files folder emptied: 1476510 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 21919665 bytes
->Flash cache emptied: 3946 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 22905037 bytes

Total Files Cleaned = 2 678,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Peter
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: UpdatusUser.Peter-PC
->Flash cache emptied: 0 bytes

User: WOW US
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

System Restore Service not available.

OTL by OldTimer - Version 3.2.69.0 log created on 02162014_193007

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Problem with PC

Posted: 16 Feb 2014 19:39
by Rudy
Has anything changed?

Re: Problem with PC

Posted: 16 Feb 2014 19:46
by pepan92
Yes, it no longer opens those pages. Thank you very much; if anything else comes up, I'll get in touch. :thumbsup:

Re: Problem with PC

Posted: 16 Feb 2014 20:36
by Rudy
OK, I'm glad to hear that. :)