VIRY.CZ

prosim o kontrilu logu , Pc zacal hucat napriek tomu ze nie su otvorene ziadne programy, nefunguje restart pc ( iba na tvrdo) nefunguje ctrl+alt+del sem tam vyhadzuje hlasku ze windows prieskumnik nefunguje.... prehnal som to roughkillerom a combofixom ale nepomohlo to . Dakujem za pomoc .

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by Administrator (administrator) on ROBERT-MSI on 08-04-2014 16:52:50
Running from C:\Users\Administrator\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Somoto LTD) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Somoto LTD) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Somoto LTD) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(Somoto LTD) C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(BitTorrent Inc.) C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ardaco, a.s.) C:\Program Files (x86)\Ardaco\QSign\zepapp.exe
(forum.viry.cz) C:\Users\Administrator\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-20] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-649568267-640355484-1299417552-500\...\Run: [Wisdom-soft ScreenHunter 6.0 Free] - 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10640A& ... 81-254&t=4
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {52db1893-8a90-4192-aede-08e00b8f8473} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={481 ... 2014-02-08 09:49:57&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {BC94F6B6-C94C-42D6-87C6-BA30478B1C4E} URL = http://search.conduit.com/ResultsExt.as ... 25531&UM=1
SearchScopes: HKCU - {E3E8E998-43FB-420E-8E6E-7A2DD2F4072C} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll No File
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: FTdownloader - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi [2012-11-29]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-13]

Chrome:
=======
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: http://dts.search.ask.com/sr?src=crb&gc ... earchTerms}
CHR Extension: (Movies Toolbar) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2014-02-11]
CHR Extension: (Google Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-02]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-02]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-02]
CHR Extension: (Online TV From UK) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmimnpfphpmminhlhfijocolgmmhmibo [2013-12-19]
CHR Extension: (Google Search) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-02]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-13]
CHR Extension: (Skype Click to Call) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-14]
CHR Extension: (Google Maps) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-11]
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-02]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-02]
CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Administrator\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\Administrator\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Administrator\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\Softonic.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [2014-03-03]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2011-06-24] (Micro-Star International Co., Ltd.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2012-03-10] ()
R2 SafetyNutManager; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3544072 2014-04-07] (Somoto LTD)
R2 SafetyNutManager2; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3544072 2014-04-07] (Somoto LTD)
R2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-20] (AVG Secure Search)
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-09] (DT Soft Ltd)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg [36224 2014-04-07] (Somoto LTD)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg [36224 2014-04-07] (Somoto LTD)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-03-25] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-08 16:52 - 2014-04-08 16:53 - 00020129 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-04-08 16:52 - 2014-04-08 16:52 - 00029696 _____ () C:\Users\Administrator\AppData\Local\MSGBOX.EXE
2014-04-08 16:52 - 2014-04-08 16:52 - 00015327 _____ () C:\Users\Administrator\Desktop\LM.bat
2014-04-08 16:52 - 2014-04-08 16:52 - 00000000 ____D () C:\FRST
2014-04-08 16:50 - 2014-04-08 16:50 - 00112640 _____ (forum.viry.cz) C:\Users\Administrator\Desktop\FRSTLauncher.exe
2014-04-08 16:49 - 2014-04-08 16:49 - 02157056 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2014-04-08 16:33 - 2014-04-08 16:33 - 00057143 _____ () C:\ComboFix.txt
2014-04-08 16:17 - 2014-04-08 16:33 - 00000000 ____D () C:\ComboFix
2014-04-08 16:16 - 2014-04-08 16:16 - 05194596 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe
2014-04-08 16:13 - 2014-04-08 16:14 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\GetRightToGo
2014-04-08 16:08 - 2014-04-08 16:42 - 00001340 _____ () C:\windows\PFRO.log
2014-04-08 12:54 - 2014-04-08 12:54 - 02347384 _____ (ESET) C:\Users\Administrator\Downloads\esetsmartinstaller_enu (1).exe
2014-04-08 12:05 - 2014-04-08 12:05 - 00001987 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_120527.txt
2014-04-08 12:02 - 2014-04-08 12:02 - 00001951 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_120251.txt
2014-04-08 12:00 - 2014-04-08 12:00 - 00001917 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_120008.txt
2014-04-08 11:57 - 2014-04-08 11:57 - 00003639 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_115730.txt
2014-04-08 11:24 - 2014-04-08 16:52 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-04-07 07:26 - 2014-04-07 07:26 - 14020125 _____ () C:\Users\Administrator\Desktop\The Rolling Stones- Losing My Touch.mp4
2014-04-06 20:38 - 2014-04-06 20:38 - 08047783 _____ () C:\Users\Administrator\Desktop\Zuzana Navarová (Nerez) Rozpravy.mp4
2014-04-06 18:27 - 2014-04-06 18:27 - 00000000 ____D () C:\Users\Administrator\Desktop\skuska
2014-04-05 11:26 - 2014-04-05 11:26 - 38157960 _____ (Amazon.com) C:\KindleForPC-installer.exe
2014-04-05 11:26 - 2014-04-05 11:26 - 00002000 _____ () C:\Users\Administrator\Desktop\Kindle.lnk
2014-04-04 07:02 - 2014-04-04 07:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\{3EACAA05-6220-4976-AE7B-CC10298993C8}
2014-04-01 08:22 - 2014-04-01 08:46 - 00000000 ____D () C:\Users\Administrator\Desktop\Ado tlac
2014-03-30 15:27 - 2014-04-08 15:24 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-03-30 15:25 - 2014-03-30 15:25 - 24677393 _____ () C:\Program Files\vlc-2.1.3-win32.exe
2014-03-30 14:46 - 2014-03-30 14:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-30 14:41 - 2014-03-30 14:41 - 21041152 _____ () C:\Users\Administrator\Documents\ja.evtx
2014-03-30 14:41 - 2014-03-30 14:41 - 00000000 ____D () C:\Users\Administrator\Documents\LocaleMetaData
2014-03-28 10:29 - 2014-04-08 05:04 - 00000000 ____D () C:\Users\Administrator\Desktop\Tibor
2014-03-26 08:58 - 2014-03-26 08:58 - 00320746 _____ () C:\Users\Administrator\Desktop\Holdem-Manager-1+2-Trial-Reseter.rar
2014-03-26 08:58 - 2014-03-26 08:58 - 00000000 ____D () C:\Users\Administrator\Desktop\Holdem-Manager-1+2-Trial-Reseter
2014-03-25 12:16 - 2014-03-25 12:17 - 00000000 ____D () C:\Users\Administrator\Desktop\Mtt Yegon
2014-03-25 08:15 - 2014-03-25 08:15 - 00661577 _____ () C:\Users\Administrator\Desktop\v2.0.zip
2014-03-25 08:15 - 2014-03-25 08:15 - 00000000 ____D () C:\Users\Administrator\Desktop\v2.0
2014-03-23 11:10 - 2014-04-08 16:43 - 00004127 _____ () C:\windows\setupact.log
2014-03-23 11:10 - 2014-03-23 11:10 - 00000000 _____ () C:\windows\setuperr.log
2014-03-22 16:01 - 2014-03-22 16:02 - 58816639 _____ () C:\Users\Administrator\Desktop\MTT2-resteal.zip
2014-03-22 15:59 - 2014-03-22 16:30 - 00000000 ____D () C:\Users\Administrator\Desktop\MTT1-resteal
2014-03-20 20:07 - 2014-03-20 20:07 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-20 06:37 - 2014-03-20 08:27 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Popcorn-Time
2014-03-20 06:37 - 2014-03-20 06:37 - 40442937 _____ () C:\Popcorn-Time-2.7-Win.zip
2014-03-20 06:37 - 2014-03-20 06:37 - 00000000 ____D () C:\Popcorn-Time-2.7-Win
2014-03-13 07:04 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-03-13 07:04 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-03-13 07:04 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-03-13 07:04 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-03-13 07:04 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-03-13 07:04 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-03-13 07:04 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-03-13 07:04 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-03-13 07:04 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-03-13 07:04 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-03-13 07:04 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-03-13 07:04 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-03-13 07:04 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-03-13 07:04 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-13 07:04 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-03-13 07:04 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-03-13 07:04 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-03-13 07:04 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-03-13 07:04 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-03-13 07:04 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-03-13 07:04 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-03-13 07:04 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-03-13 07:04 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-03-13 07:04 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-03-13 07:04 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-03-13 07:04 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-03-13 07:04 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-03-13 07:04 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-03-13 07:04 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-03-13 07:04 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-03-13 07:04 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-03-13 07:04 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-03-13 07:04 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-03-13 07:04 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-03-13 07:04 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-03-13 07:04 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-03-13 07:04 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-03-13 07:04 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-03-13 07:04 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-03-13 07:04 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-03-13 07:04 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-03-13 07:04 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-03-13 07:04 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-03-13 07:04 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-03-13 07:04 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-03-13 07:04 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-03-13 07:04 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2014-03-13 07:04 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-03-09 21:18 - 2014-03-09 21:19 - 730335232 _____ () C:\Users\Administrator\Desktop\Wallander.S01E01.HDTV.XviD-BiA.avi

==================== One Month Modified Files and Folders =======

2014-04-08 16:53 - 2014-04-08 16:52 - 00020129 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-04-08 16:52 - 2014-04-08 16:52 - 00029696 _____ () C:\Users\Administrator\AppData\Local\MSGBOX.EXE
2014-04-08 16:52 - 2014-04-08 16:52 - 00015327 _____ () C:\Users\Administrator\Desktop\LM.bat
2014-04-08 16:52 - 2014-04-08 16:52 - 00000000 ____D () C:\FRST
2014-04-08 16:52 - 2014-04-08 11:24 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-04-08 16:52 - 2013-01-14 11:08 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\uTorrent
2014-04-08 16:51 - 2009-07-14 06:45 - 00024656 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-08 16:51 - 2009-07-14 06:45 - 00024656 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-08 16:50 - 2014-04-08 16:50 - 00112640 _____ (forum.viry.cz) C:\Users\Administrator\Desktop\FRSTLauncher.exe
2014-04-08 16:49 - 2014-04-08 16:49 - 02157056 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2014-04-08 16:49 - 2009-07-14 07:13 - 00786514 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-08 16:47 - 2012-03-09 16:39 - 01694312 _____ () C:\windows\WindowsUpdate.log
2014-04-08 16:44 - 2012-03-25 20:49 - 00000946 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-08 16:43 - 2014-03-23 11:10 - 00004127 _____ () C:\windows\setupact.log
2014-04-08 16:43 - 2012-03-25 20:49 - 00000950 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 16:43 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-08 16:42 - 2014-04-08 16:08 - 00001340 _____ () C:\windows\PFRO.log
2014-04-08 16:33 - 2014-04-08 16:33 - 00057143 _____ () C:\ComboFix.txt
2014-04-08 16:33 - 2014-04-08 16:17 - 00000000 ____D () C:\ComboFix
2014-04-08 16:33 - 2012-07-15 11:33 - 00000000 ____D () C:\Qoobox
2014-04-08 16:30 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-04-08 16:16 - 2014-04-08 16:16 - 05194596 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe
2014-04-08 16:14 - 2014-04-08 16:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\GetRightToGo
2014-04-08 16:08 - 2013-01-13 19:40 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-08 16:06 - 2013-12-03 13:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-08 16:06 - 2012-05-21 16:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Mozilla
2014-04-08 15:24 - 2014-03-30 15:27 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\vlc
2014-04-08 12:54 - 2014-04-08 12:54 - 02347384 _____ (ESET) C:\Users\Administrator\Downloads\esetsmartinstaller_enu (1).exe
2014-04-08 12:05 - 2014-04-08 12:05 - 00001987 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_120527.txt
2014-04-08 12:04 - 2012-03-09 17:24 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-08 12:02 - 2014-04-08 12:02 - 00001951 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_120251.txt
2014-04-08 12:00 - 2014-04-08 12:00 - 00001917 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_120008.txt
2014-04-08 11:58 - 2014-02-25 15:27 - 00000000 ____D () C:\Users\Administrator\Desktop\RK_Quarantine
2014-04-08 11:57 - 2014-04-08 11:57 - 00003639 _____ () C:\Users\Administrator\Desktop\RKreport[0]_S_04082014_115730.txt
2014-04-08 11:54 - 2013-12-06 21:57 - 04527616 _____ () C:\Users\Administrator\Desktop\RogueKillerX64.exe
2014-04-08 11:34 - 2012-04-29 17:03 - 00000000 ____D () C:\Users\postgres
2014-04-08 11:28 - 2012-03-10 16:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Skype
2014-04-08 05:04 - 2014-03-28 10:29 - 00000000 ____D () C:\Users\Administrator\Desktop\Tibor
2014-04-07 07:26 - 2014-04-07 07:26 - 14020125 _____ () C:\Users\Administrator\Desktop\The Rolling Stones- Losing My Touch.mp4
2014-04-06 20:40 - 2012-12-12 21:37 - 00000000 ____D () C:\Users\Administrator\AppData\Local\FullTiltPoker
2014-04-06 20:40 - 2012-12-12 21:37 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-04-06 20:38 - 2014-04-06 20:38 - 08047783 _____ () C:\Users\Administrator\Desktop\Zuzana Navarová (Nerez) Rozpravy.mp4
2014-04-06 18:36 - 2014-02-08 00:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AuxClient
2014-04-06 18:27 - 2014-04-06 18:27 - 00000000 ____D () C:\Users\Administrator\Desktop\skuska
2014-04-06 07:12 - 2012-03-11 20:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\PokerStars
2014-04-05 11:26 - 2014-04-05 11:26 - 38157960 _____ (Amazon.com) C:\KindleForPC-installer.exe
2014-04-05 11:26 - 2014-04-05 11:26 - 00002000 _____ () C:\Users\Administrator\Desktop\Kindle.lnk
2014-04-05 11:26 - 2012-03-31 05:27 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-04-04 07:03 - 2014-04-04 07:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\{3EACAA05-6220-4976-AE7B-CC10298993C8}
2014-04-02 14:10 - 2012-03-25 20:49 - 00003946 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 14:10 - 2012-03-25 20:49 - 00003694 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 08:46 - 2014-04-01 08:22 - 00000000 ____D () C:\Users\Administrator\Desktop\Ado tlac
2014-03-30 21:24 - 2013-03-06 11:54 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\HoldemManager
2014-03-30 21:17 - 2014-01-05 20:40 - 00079184 _____ () C:\rusherr.txt
2014-03-30 21:17 - 2013-03-06 13:00 - 00656736 _____ () C:\blitzerr.txt
2014-03-30 16:00 - 2012-03-09 16:37 - 00000000 ____D () C:\Users\robert
2014-03-30 16:00 - 2012-03-09 14:11 - 00000000 ____D () C:\Users\Administrator
2014-03-30 15:25 - 2014-03-30 15:25 - 24677393 _____ () C:\Program Files\vlc-2.1.3-win32.exe
2014-03-30 15:22 - 2012-03-10 17:07 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CrashDumps
2014-03-30 14:59 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2014-03-30 14:59 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2014-03-30 14:46 - 2014-03-30 14:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-30 14:41 - 2014-03-30 14:41 - 21041152 _____ () C:\Users\Administrator\Documents\ja.evtx
2014-03-30 14:41 - 2014-03-30 14:41 - 00000000 ____D () C:\Users\Administrator\Documents\LocaleMetaData
2014-03-26 08:58 - 2014-03-26 08:58 - 00320746 _____ () C:\Users\Administrator\Desktop\Holdem-Manager-1+2-Trial-Reseter.rar
2014-03-26 08:58 - 2014-03-26 08:58 - 00000000 ____D () C:\Users\Administrator\Desktop\Holdem-Manager-1+2-Trial-Reseter
2014-03-25 12:17 - 2014-03-25 12:16 - 00000000 ____D () C:\Users\Administrator\Desktop\Mtt Yegon
2014-03-25 08:15 - 2014-03-25 08:15 - 00661577 _____ () C:\Users\Administrator\Desktop\v2.0.zip
2014-03-25 08:15 - 2014-03-25 08:15 - 00000000 ____D () C:\Users\Administrator\Desktop\v2.0
2014-03-23 11:10 - 2014-03-23 11:10 - 00000000 _____ () C:\windows\setuperr.log
2014-03-22 16:30 - 2014-03-22 15:59 - 00000000 ____D () C:\Users\Administrator\Desktop\MTT1-resteal
2014-03-22 16:02 - 2014-03-22 16:01 - 58816639 _____ () C:\Users\Administrator\Desktop\MTT2-resteal.zip
2014-03-21 00:08 - 2014-02-08 10:50 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
2014-03-20 20:07 - 2014-03-20 20:07 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-20 20:07 - 2014-02-08 10:49 - 00049952 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx64.sys
2014-03-20 20:07 - 2014-02-08 10:49 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-20 08:27 - 2014-03-20 06:37 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Popcorn-Time
2014-03-20 06:37 - 2014-03-20 06:37 - 40442937 _____ () C:\Popcorn-Time-2.7-Win.zip
2014-03-20 06:37 - 2014-03-20 06:37 - 00000000 ____D () C:\Popcorn-Time-2.7-Win
2014-03-19 11:42 - 2013-04-28 11:50 - 00000000 ____D () C:\Users\Administrator\Desktop\Pokerove vyukove videa low stakes
2014-03-18 04:02 - 2013-07-15 03:04 - 00000000 ____D () C:\windows\system32\MRT
2014-03-18 04:00 - 2012-03-13 08:32 - 90015360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-14 04:20 - 2009-07-14 06:45 - 00458136 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-14 04:19 - 2012-05-17 03:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 04:19 - 2012-05-17 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 04:02 - 2012-03-25 17:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 16:59 - 2013-01-23 15:34 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-12 20:44 - 2013-10-28 13:52 - 00000000 ____D () C:\Users\Administrator\Desktop\Hovorene slovo
2014-03-12 10:55 - 2013-01-13 19:40 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 10:55 - 2013-01-13 19:40 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 10:55 - 2013-01-13 19:40 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-03-09 21:19 - 2014-03-09 21:18 - 730335232 _____ () C:\Users\Administrator\Desktop\Wallander.S01E01.HDTV.XviD-BiA.avi

Files to move or delete:
====================
C:\Users\robert\DTLite4453-0297.exe
C:\Users\robert\install_flash_player_64bit.exe
C:\Users\robert\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-30 04:33

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS_Install) (Fixed) (Total:271.78 GB) (Free:16.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:181.18 GB) (Free:17.03 GB) NTFS

Available physical RAM: 2135.7 MB
Total physical RAM: 4003.4 MB
Percentage of memory in use: 46%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D80D248C)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Zdravim

:arrow:Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Obrázek

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

ok, urobil som chybu , chcete log z combofixu?

Ano, chci log z CF a logy z RogueKilleru tez

ComboFix 14-04-08.01 - Administrator . 04. 2014 16:19:05.7.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4003.2304 [GMT 2:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-03-08 to 2014-04-08 )))))))))))))))))))))))))))))))
.
.
2014-04-08 14:30 . 2014-04-08 14:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-08 14:30 . 2014-04-08 14:30 -------- d-----w- c:\users\robert\AppData\Local\temp
2014-04-08 14:30 . 2014-04-08 14:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-04-08 14:30 . 2014-04-08 14:30 -------- d-----w- c:\users\postgres\AppData\Local\temp
2014-04-08 14:30 . 2014-04-08 14:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-08 14:13 . 2014-04-08 14:14 -------- d-----w- c:\users\Administrator\AppData\Roaming\GetRightToGo
2014-04-08 09:24 . 2014-04-08 14:30 -------- d-----w- c:\programdata\SafetyNut
2014-04-05 09:26 . 2014-04-05 09:26 38157960 ----a-w- C:\KindleForPC-installer.exe
2014-04-05 01:05 . 2014-04-08 01:59 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{19CEDA09-669A-4A36-9BAA-5AE60E5E1894}\offreg.dll
2014-04-04 16:45 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{19CEDA09-669A-4A36-9BAA-5AE60E5E1894}\mpengine.dll
2014-03-30 13:27 . 2014-04-08 13:24 -------- d-----w- c:\users\Administrator\AppData\Roaming\vlc
2014-03-30 13:25 . 2014-03-30 13:25 24677393 ----a-w- c:\program files\vlc-2.1.3-win32.exe
2014-03-30 12:46 . 2014-03-30 12:46 -------- d-----w- c:\programdata\Package Cache
2014-03-20 18:07 . 2014-03-20 18:07 -------- d-----w- c:\programdata\AVG Secure Search
2014-03-20 04:37 . 2014-03-20 06:27 -------- d-----w- c:\users\Administrator\AppData\Local\Popcorn-Time
2014-03-20 04:37 . 2014-03-20 04:37 -------- d-----w- C:\Popcorn-Time-2.7-Win
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-20 18:07 . 2014-02-08 08:49 49952 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-03-20 04:37 . 2014-03-20 04:37 40442937 ----a-w- C:\Popcorn-Time-2.7-Win.zip
2014-03-18 02:00 . 2012-03-13 06:32 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-12 08:55 . 2013-01-13 17:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 08:55 . 2013-01-13 17:40 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-21 08:10 . 2014-02-21 08:10 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-02-21 08:10 . 2014-02-21 08:11 312744 ----a-w- c:\windows\system32\javaws.exe
2014-02-21 08:10 . 2012-05-07 12:18 189352 ----a-w- c:\windows\system32\javaw.exe
2014-02-21 08:10 . 2012-05-07 12:18 189352 ----a-w- c:\windows\system32\java.exe
2014-02-21 08:09 . 2014-02-21 08:09 30796712 ----a-w- c:\program files\jre-7u51-windows-x64.exe
2014-01-22 17:35 . 2014-01-22 17:34 63042752 ----a-w- C:\AVSVideoConverter.exe
2014-01-05 07:53 . 2014-01-05 07:52 8049726 ----a-w- c:\program files\ca_setup.exe
2014-01-05 07:24 . 2014-01-05 07:24 6153112 ----a-w- c:\program files\Pazera_Free_MP4_to_AVI_Converter.exe
2014-01-04 21:20 . 2014-01-04 21:20 1107022 ----a-w- c:\program files\SubtitleWorkshop251.exe
2014-01-03 08:29 . 2014-01-03 08:29 56601328 ----a-w- c:\program files\LGS_8.51.5_x64_Logitech.exe
2013-12-26 20:43 . 2013-12-26 20:43 9918872 ----a-w- c:\program files\WMEncoder.exe
2013-12-26 20:16 . 2013-12-26 20:16 6892808 ----a-w- c:\program files\jing_setup.exe
2013-12-21 16:28 . 2013-01-14 09:07 1142864 ----a-w- c:\program files\uTorrent.exe
2013-12-21 16:23 . 2013-12-21 16:23 4359168 ----a-w- c:\program files\RogueKillerX64.exe
2013-12-17 11:39 . 2013-12-17 11:38 33803296 ----a-w- c:\program files\Opera_18.0.1284.68_Setup.exe
2013-12-14 12:49 . 2013-12-14 12:49 7357440 ----a-w- c:\program files\MM26_ENU.msi
2013-12-13 10:48 . 2013-12-13 10:48 976344 ----a-w- c:\program files\pdfcomp.exe
2013-12-07 06:54 . 2013-12-07 06:53 24489269 ----a-w- c:\program files\vlc-2.1.1-win32.exe
2013-12-03 11:39 . 2013-12-03 11:38 23825048 ----a-w- c:\program files\Firefox Setup 25.0.exe
2013-11-20 20:35 . 2013-11-20 20:33 46460752 ----a-w- c:\program files\mpnexwin106ea23-2.exe
2013-10-28 14:50 . 2013-10-28 14:50 3147025 ----a-w- c:\program files\CubicExplorer_0.95.1_Setup.exe
2013-10-25 14:08 . 2013-10-25 14:08 5946344 ----a-w- c:\program files\ADE_2.0_Installer.exe
2013-10-08 19:24 . 2013-10-08 19:24 563512 ----a-w- c:\program files\SetupPoker.exe_e9343b.exe
2013-09-18 14:03 . 2013-09-18 14:03 12891208 ----a-w- c:\program files\ashampoo_burning_studio_6_free_6.84_13471.exe
2013-08-09 05:44 . 2013-08-09 05:43 27884121 ----a-w- c:\program files\tor-browser-2.3.25-10_en-US.exe
2013-05-23 07:13 . 2013-05-23 07:13 816128 ----a-w- c:\program files\RogueKiller.exe
2013-05-12 03:55 . 2013-05-12 03:55 318776 ----a-w- c:\program files\SetupPoker_199cd6.exe
2013-03-31 07:47 . 2013-03-31 07:47 642712 ----a-w- c:\program files\age-of-empires-online_1.0.exe
2013-03-23 08:20 . 2013-03-23 08:20 457168 ----a-w- c:\program files\SetupPoker_ac4215_cs.exe
2013-03-06 07:31 . 2013-03-06 07:29 80882485 ----a-w- c:\program files\7697_HoldemManager2Setup.exe
2013-02-18 10:40 . 2013-02-18 10:40 903638 ----a-w- c:\program files\AntiTwin_Setup.exe
2013-02-11 14:30 . 2013-02-11 14:30 1821192 ----a-w- c:\program files\vcredist_x86.exe
2013-02-11 14:17 . 2013-02-11 14:17 19157736 ----a-w- c:\program files\fpdb-0.30.7.exe
2013-01-26 15:06 . 2013-01-26 15:06 10156344 ----a-w- c:\program files\mbam-setup-1.70.0.1100.exe
2013-01-13 17:20 . 2013-01-13 17:20 699912 ----a-w- c:\program files\uninstall_flash_player.exe
2013-01-13 16:51 . 2013-01-13 16:51 4139168 ----a-w- c:\program files\install_flash_player_32bit.exe
2012-11-14 08:56 . 2012-11-14 08:56 12768736 ----a-w- c:\program files\Opera_1210_int_Setup.exe
2012-11-08 16:50 . 2012-05-03 09:41 80521624 ----a-w- c:\program files\iTunes64Setup.exe
2012-10-18 13:13 . 2012-10-18 13:13 3041341 ----a-w- c:\program files\DxtorySetup2.0.120.exe
2012-10-18 13:01 . 2012-10-18 13:01 3037059 ----a-w- c:\program files\DxtorySetup2.0.119.exe
2012-10-16 10:13 . 2012-10-16 10:11 4981258 ----a-w- c:\program files\ComboFix.exe
2012-10-09 03:37 . 2012-10-09 03:37 3462033 ----a-w- c:\program files\pci_filerecovery.exe
2012-09-21 13:15 . 2012-09-21 13:15 5896408 ----a-w- c:\program files\tcm801x32_64.exe
2012-09-06 01:47 . 2012-09-06 01:45 22657136 ----a-w- c:\program files\vlc-2.0.2-win32.exe
2012-09-02 11:07 . 2012-09-02 11:07 4472121 ----a-w- c:\program files\CamStudio_Setup_v2.6b.exe
2012-09-01 22:58 . 2012-09-01 22:57 11534325 ----a-w- c:\program files\setupscreenhunterfree.exe
2012-09-01 19:34 . 2012-09-01 19:34 8236984 ----a-w- c:\program files\ScreenshotCaptorSetup.exe
2012-09-01 11:55 . 2012-09-01 11:55 999840 ----a-w- c:\program files\install_flashplayer11x32_chra_au_aih.exe
2012-08-28 10:05 . 2012-08-28 10:03 22716480 ----a-w- c:\program files\Gw2Setup.exe
2012-08-03 14:16 . 2012-08-03 14:13 48359936 ----a-w- c:\program files\calibre-0.8.62.msi
2012-07-20 12:02 . 2012-07-20 12:01 10063000 ----a-w- c:\program files\mbam-setup-1.61.0.1400.exe
2012-07-20 11:58 . 2012-07-20 11:58 16373192 ----a-w- c:\program files\Windows-KB890830-V4.10.exe
2012-07-06 10:38 . 2012-04-20 13:16 296792 ----a-w- c:\program files\SweetImSetup.exe
2012-06-22 14:05 . 2012-06-22 14:05 1505732 ----a-w- c:\program files\MacheteLiteInst38.exe
2012-05-07 12:17 . 2012-05-07 12:16 17210144 ----a-w- c:\program files\jre-6u32-windows-x64.exe
2012-05-07 12:12 . 2012-05-07 12:11 26248832 ----a-w- c:\program files\JDownloaderSetup.exe
2012-04-29 15:00 . 2012-04-22 11:25 118088518 ----a-w- c:\program files\Holdem_Manager_Setup1.12.09.exe
2012-04-29 14:49 . 2012-03-11 18:52 16178184 ----a-w- c:\program files\PokerStarsInstall.exe
2012-04-20 10:58 . 2012-04-20 10:55 46104904 ----a-w- c:\program files\Diablo-III-Beta-enUS-Setup.exe
2012-04-13 18:58 . 2012-04-13 18:56 21853983 ----a-w- c:\program files\wireshark-win64-1.4.12.exe
2012-04-13 12:38 . 2012-04-13 12:37 20855157 ----a-w- c:\program files\ageofconan-en.exe
2012-04-06 07:51 . 2012-04-06 07:49 22259528 ----a-w- c:\program files\vlc-2.0.1-win32.exe
2012-03-31 03:27 . 2012-03-31 03:25 28904504 ----a-w- c:\program files\KindleForPC-installer.exe
2012-03-30 08:22 . 2012-03-11 18:42 3595896 ----a-w- c:\program files\TeamViewer_Setup_sk.exe
2012-03-26 07:08 . 2012-03-26 07:08 739816 ----a-w- c:\program files\GoogleEarthSetup.exe
2012-03-21 19:22 . 2012-03-21 19:21 20924432 ----a-w- c:\program files\the-gimp_2.6.12.exe
2012-03-21 18:49 . 2012-03-21 18:49 24460600 ----a-w- c:\program files\gimp-help-2-2.6.0-en-setup.exe
2012-03-13 15:05 . 2012-03-13 15:05 3870120 ----a-w- c:\program files\battlelog-web-plugins-1.116.0-retail-prod.exe
2012-03-10 17:19 . 2012-03-10 17:04 210810984 ----a-w- c:\program files\295.73-notebook-win7-winvista-64bit-international-whql.exe
2012-03-10 16:19 . 2012-03-10 16:19 292184 ----a-w- c:\program files\dxwebsetup.exe
2012-03-10 14:59 . 2012-03-10 14:58 17054752 ----a-w- c:\program files\OriginThinSetup.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-03-20 18:07 3486232 ----a-w- c:\program files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll" [2014-03-20 3486232]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wisdom-soft ScreenHunter 6.0 Free"="0" [X]
"uTorrent"="c:\users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe" [2014-01-23 905296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-03-20 2544664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QSign.lnk - c:\program files (x86)\Ardaco\QSign\zepapp.exe [2011-10-13 4970496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622;c:\program files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg;c:\program files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222;c:\program files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg;c:\program files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe;c:\program files (x86)\S-Bar\MSIService.exe [x]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files (x86)/PostgreSQL/8.4/data -w [x]
S2 SafetyNutManager;SafetyNut Manager;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [x]
S2 SafetyNutManager2;SafetyNut Manager2;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 18:09 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-13 08:55]
.
2014-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 18:49]
.
2014-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-25 18:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 81-254&t=4
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Previesť cieľ odkazu do formátu Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Previesť do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridať cieľ odkazu do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Pridať do existujúceho súboru PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: slovensko.sk\www
TCP: DhcpNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{3444c3c5-6c56-4a16-a453-832b05bf6ea4} - c:\progra~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
Toolbar-Locked - (no file)
Toolbar-{3444c3c5-6c56-4a16-a453-832b05bf6ea4} - c:\progra~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
Toolbar-10 - (no file)
Toolbar-10 - (no file)
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 3\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A9119622]
"ImagePath"="\??\c:\program files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A91196222]
"ImagePath"="\??\c:\program files (x86)\Movies Toolbar\SafetyNut\x64\configmgrc1.cfg"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files (x86)/PostgreSQL/8.4/data\" -w"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,10,c9,
08,9f,bd,e4,0d,bf,9a,a5,0c,88,6d,fb,da
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,cc,26,
80,30,19,d8,05,94,c0,0e,3f,72,4b,25,df
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"=hex:51,66,7a,6c,4c,1d,3b,1b,d5,75,c0,
ee,46,4e,63,05,95,50,4a,9e,a8,a1,ff,bc
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,1e,64,
ed,ec,ca,2a,07,bf,86,54,f0,45,12,8c,c1
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,23,3b,
5d,8c,3c,1d,08,8a,f9,a2,80,01,76,3f,6c
"{7473B6BD-4691-4744-A82B-7854EB3D70B6}"=hex:51,66,7a,6c,4c,1d,3b,1b,ad,ae,65,
64,a3,13,23,08,b2,27,27,0f,ef,7e,36,af
"{5A7B890D-29F9-E0A4-4899-A7F4678ABA8B}"=hex:51,66,7a,6c,4c,1d,3b,1b,1d,91,6d,
4a,cb,7c,c3,af,52,95,f8,af,63,c9,fc,92
"{5B0873D5-5594-6A5E-C854-FAEC42F510CC}"=hex:51,66,7a,6c,4c,1d,3b,1b,c5,6b,1e,
4b,a6,00,39,25,d2,58,a5,b7,46,b6,56,d5
"{E5AE3E4D-7362-98B6-9E93-7CB4B0A068FC}"=hex:51,66,7a,6c,4c,1d,3b,1b,5d,26,b8,
f5,50,26,d1,d7,84,9f,23,ef,b4,e3,2e,e5
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,3b,1b,ab,8f,02,
66,c2,83,4b,09,ac,e7,8b,81,f5,9a,6b,5a
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,18,de,
cb,77,f1,3c,0c,a6,78,c3,7e,c5,86,ce,b0
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"=hex:51,66,7a,6c,4c,1d,3b,1b,c2,d7,0e,
40,7f,d5,fe,03,85,8d,7a,b1,ee,64,2f,c7
"{E87806B5-E908-45FD-AF5E-957D83E58E68}"=hex:51,66,7a,6c,4c,1d,3b,1b,a5,1e,6e,
f8,3a,bc,9a,0a,b5,52,ca,26,87,a6,c8,71
"{56ecbd8d-d7f7-4e92-8bf1-77cdfb71c50a}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,a5,fa,
46,c5,82,f5,01,91,fd,28,96,ff,32,83,13
"{338A754C-B46E-4BF2-8AC8-23DE36862AD3}"=hex:51,66,7a,6c,4c,1d,38,12,22,76,99,
37,5c,fa,9c,0e,f5,de,60,9e,33,d8,6e,c7
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (Administrator)
"Timestamp"=hex:66,fa,52,f1,a8,77,ce,01
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8e,86,e4,69,a0,2d,bf,42,90,b9,04,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,45,b9,77,4f,94,d8,ac,48,84,39,7a,\
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.3fr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.arw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.avi"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bmi"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.bms"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.cr2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.crw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.cs1"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dcm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dib"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.dng"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Document.12"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.emf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.erf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.fff"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.gif"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.hdp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.hdr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.ico"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.j2k"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jp2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpc"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpe"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpeg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jpg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jps\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jps"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.jxr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.kdc"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.m3u"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mac\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mac"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mdm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mdm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mobi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Amazon.Kindle.content"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mpo"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.mrw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.nef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nex\UserChoice]
@Denied: (2) (Administrator)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.nrw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.orf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pam\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pam"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pbm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pcd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pcx"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pgm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.png"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pnm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pnm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pns\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pns"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.ppm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psb"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.psp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.pspimage"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.raf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.raw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rle"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rw2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rwl"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.rwz"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.sr2"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.srf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.srw"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tga"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.thm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tif"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.tiff"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wbm"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wbmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wdp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wmf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.wpg"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.x3f\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.x3f"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="xmlfile"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zbr\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zbr"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zcl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zcl"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zmf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zmf"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document.zmp"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._zmeoamedcd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document._zmeoamedcd"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\._zmeoameddef\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ZPS140.Document._zmeoameddef"
.
[HKEY_USERS\S-1-5-21-649568267-640355484-1299417552-500\Software\SecuROM\License information*]
"datasecu"=hex:96,05,52,b9,0c,12,a4,6e,43,1e,17,72,92,5e,1d,52,d0,40,33,8c,8d,
a4,5b,2e,21,0b,b9,cd,6c,bb,a3,6d,c7,39,70,a5,89,d8,a8,48,54,50,5c,45,99,ba,\
"rkeysecu"=hex:0f,de,9b,d5,06,48,b3,ce,99,56,71,15,7f,b4,67,47
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
Completion time: 2014-04-08 16:33:54
ComboFix-quarantined-files.txt 2014-04-08 14:33
ComboFix2.txt 2014-02-20 06:45
ComboFix3.txt 2013-01-26 13:18
ComboFix4.txt 2013-01-20 12:13
ComboFix5.txt 2014-04-08 14:17
.
Pre-Run: 20 928 606 208 bytes free
Post-Run: 20 689 903 616 bytes free
.
- - End Of File - - C9B8E996E79CE85516E4ACB8A5D215E6

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Administrator [Práva Správcu]
Režim : Kontrola -- Dátum : 04/08/2014 11:57:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 23 ¤¤¤
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\dprotectsvc.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\jumpflip : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\searchinstaller.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\searchprotector.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\searchsettings.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\searchsettings64.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\umbrella.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\utiljumpflip.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\volaro : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\vonteera : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\websteroids.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ
[IFEO] HKLM\[...]\websteroidsservice.exe : Debugger (tasklist.exe [7]) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 1 ¤¤¤
[CHR][PUP] Default : Movies Toolbar

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : PUP ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BEKT-22KA9T0 +++++
--- User ---
[MBR] 449fa81b2f95183927e7595d472f3fc5
[BSP] c913293601aa4b10924dbef29cb10d48 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13008 MB
1 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 26642432 | Size: 100 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26847232 | Size: 278298 MB
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 596801536 | Size: 185532 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_04082014_115730.txt >>
RKreport[0]_S_02272014_103604.txt;RKreport[0]_S_02282014_113824.txt;RKreport[0]_S_02282014_114344.txt
RKreport[0]_S_03232014_072849.txt;RKreport[0]_S_03232014_073331.txt

Dejte mi do raru vsechny log z RK (RKreport[0]_X_YYYYYY_ZZZZZZ.txt)

Rar nekam uploadnete a odkaz sem

vstky z dneska predpokladam .... ?

Dejte tam vsechny prosim

nech a paci

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

mam zase obrovske problemy s windows prieskumnikom ,mam to skusit v nudzovom rezime ?

Ano, muzete

pri pokuse o spusten ZOEK sa mi vypina PC, aj v nudzovom rezime

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

VIRY.CZ

problemy s windows prieskuknikom

problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom

Re: problemy s windows prieskuknikom