Jak odinstalovat Windows8 defender?

Scientific · Příspěvekod **Scientific** » 08 říj 2013 14:19

Tak už jsem ho našel v msconfig, dal jsem zakázat, pak restart PC. Předtím tam buď nebyl, nebo jsem byl slepý. Nicméně stejně nejde změnit "typ spuštění" v "služby"

http://upload.cszona.cz/30/hehe1.png
Obrázek

Reklama

Příspěvekod **jaro3** » 08 říj 2013 19:45

Dá se tam odebrat to zatržítko?
win8 nemám..

Scientific · Příspěvekod **Scientific** » 09 říj 2013 16:57

Když ho odeberu, uložím chce to restart, ale po restartu je opět zatržené.

Příspěvekod **jaro3** » 09 říj 2013 17:40

A dáváš odebrat před restatem i msconfig?

Scientific · Příspěvekod **Scientific** » 10 říj 2013 16:24

Vůbec nechápu, žádné odebrat nikde nedávám.

Dělám zkrátka to, co jsi mi řekl.

1. Spustil jsem jako správce "msconfig"
2. Odškrtnul "Služba Windows Defender".
3. Uložil
4. Vyžádalo si restart, že se změny projeví po restartu.
5. Restartoval jsem.
6. Otevřel "služby"
7. Našel "Služba Windows Defender"
8. Pravým tlačítkem kliknul a vybral z nabídky "Vlastnosti"
9. A ejhle "Typ spuštění" stále nelze změnit.

Příspěvekod **jaro3** » 10 říj 2013 18:33

Tak to asi nepůjde , nebo se poohlédni na Googlu.

Jinak platí , že se to dá smazat v OTL.

Scientific · Příspěvekod **Scientific** » 14 říj 2013 17:59

OTL.txt
OTL logfile created on: 14. 10. 2013 17:44:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steelovo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 68,27% Memory free
7,79 Gb Paging File | 6,18 Gb Available in Paging File | 79,35% Paging File free
Paging file location(s): c:\pagefile.sys 4000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 84,61 Gb Free Space | 45,42% Space Free | Partition Type: NTFS
Drive D: | 258,44 Gb Total Space | 215,00 Gb Free Space | 83,19% Space Free | Partition Type: NTFS

Computer Name: STEEL | User Name: Steelovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/14 17:41:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steelovo\Desktop\OTL.exe
PRC - [2013/08/07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/06/29 10:49:28 | 000,068,608 | ---- | M] (IvoSoft) -- C:\Program Files\Classic Shell\ClassicShellService.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012/10/31 12:09:50 | 000,020,352 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/08/08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2012/08/08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2012/08/06 15:56:14 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
PRC - [2012/08/03 17:31:12 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/07/31 05:32:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/07/25 10:53:18 | 001,558,176 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012/07/24 19:21:22 | 001,123,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012/07/23 19:59:02 | 000,105,120 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/07/17 17:54:20 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/07/17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/07/06 12:23:40 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/06/25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/05/28 11:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012/04/13 11:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
PRC - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

========== Modules (No Company Name) ==========

MOD - [2013/10/13 18:51:52 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013/10/13 18:51:46 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013/10/13 18:45:43 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013/10/13 18:45:31 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013/09/29 12:26:42 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013/09/29 12:26:36 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll
MOD - [2013/07/17 10:09:01 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1f8e89f1344171031271d80ff21366ec\UIAutomationTypes.ni.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc -- (mcbootdelaystartsvc)
SRV:64bit: - [2013/08/16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/02 02:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/06/29 10:49:28 | 000,068,608 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Program Files\Classic Shell\ClassicShellService.exe -- (ClassicShellService)
SRV:64bit: - [2013/06/25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/03/02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/09/20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/18 13:14:38 | 002,699,568 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/07/18 13:14:16 | 000,272,176 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/07/18 13:14:04 | 000,627,504 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/07/18 13:13:40 | 000,149,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/07/17 01:38:26 | 000,731,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2012/05/02 14:49:44 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/04/20 15:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/10/08 19:20:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/05 02:54:58 | 000,565,672 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/01 15:43:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/25 06:13:12 | 000,821,720 | ---- | M] (Mister Group) [On_Demand | Stopped] -- C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe -- (SystemExplorerHelpService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/08/31 04:35:20 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/08/08 12:23:28 | 001,112,000 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/08/08 12:23:08 | 001,091,520 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2012/07/31 05:32:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/07/26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/23 19:59:02 | 000,105,120 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/07/17 15:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 15:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/25 11:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/13 11:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011/11/21 15:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/07/09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 03:41:47 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/07/02 03:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 03:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/07/02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/06/29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/10 23:17:46 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/06/01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/05/04 09:34:15 | 000,284,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/14 13:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/01/10 10:25:22 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013/01/10 10:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/01/10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/31 12:10:00 | 000,061,824 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2012/10/12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/09/20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/31 04:35:08 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/27 05:11:04 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/08/19 15:53:16 | 004,273,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NETwew00.sys -- (NETwNe64)
DRV:64bit: - [2012/08/09 20:29:54 | 000,035,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/08/09 20:29:54 | 000,025,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012/08/09 20:29:52 | 000,188,384 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xHCIPort.sys -- (XHCIPort)
DRV:64bit: - [2012/08/09 20:29:52 | 000,048,096 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usb3Hub.sys -- (usb3Hub)
DRV:64bit: - [2012/08/02 05:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012/07/26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/24 19:21:22 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012/07/24 05:16:28 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/07/17 01:39:22 | 000,162,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/07/14 18:36:30 | 000,825,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2012/07/04 13:31:40 | 000,055,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2012/07/02 16:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/13 12:23:58 | 000,294,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/06/12 15:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/02 16:34:37 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2012/06/02 16:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/06/02 16:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/06/02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/05/31 05:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys -- (HIDSwitch)
DRV:64bit: - [2012/04/24 12:01:12 | 000,110,592 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btmaux.sys -- (btmaux)
DRV - [2011/09/07 10:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://178.238.41.90/ogp/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://imo.im/"
FF - prefs.js..extensions.enabledAddons: PageRank%40addonfactory.in:2.0
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: pagehacker-nico%40nc:1.2
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=5.1.0.00000: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/07/15 00:14:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/07/16 20:30:47 | 000,000,000 | ---D | M]

[2013/07/14 23:24:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Extensions
[2013/09/30 19:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions
[2013/09/30 19:24:17 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2013/07/14 23:57:03 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013/07/14 23:51:06 | 000,000,000 | ---D | M] (ÄŚeskĂ˝ slovnĂk pro kontrolu pravopisu) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\cs@dictionaries.addons.mozilla.org
[2013/09/28 23:51:06 | 000,000,000 | ---D | M] (Downlouad keeppeer) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\wj5qi9k6@cwjweaeu.co.uk
[2013/09/28 23:51:06 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\z9bbm@crjivypnmf.co.uk
[2013/08/05 01:32:14 | 000,032,816 | ---- | M] () (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\pagehacker-nico@nc.xpi
[2013/07/14 23:51:19 | 000,025,208 | ---- | M] () (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\PageRank@addonfactory.in.xpi
[2013/08/31 10:26:51 | 000,003,725 | ---- | M] () -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\searchplugins\safeguard-secure-search.xml
[2013/10/01 15:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/01 15:43:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/09/30 20:58:49 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe (ASUS Cloud Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TeamSpeak 3 Client] C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
O4 - HKCU..\Run: [ThreadManager.exe] C:\Program Files (x86)\Thread Manager\ThreadManager.exe (Digital Generation Inc.)
O4 - Startup: C:\Users\Steelovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk = C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm ()
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 94.74.192.252 94.74.192.244
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{466EA5AB-8C0B-4EDB-B2F4-D679A210EBED}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F30618B3-7A5A-4E64-9696-25575067FC15}: DhcpNameServer = 192.168.1.100 94.74.192.252 94.74.192.244
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Scientific · Příspěvekod **Scientific** » 14 říj 2013 18:02

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit64.dll) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - c:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\Windows\SysWOW64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/14 17:41:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Steelovo\Desktop\OTL.exe
[2013/10/12 16:03:07 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\stranky
[2013/10/11 21:34:44 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\autofocus
[2013/10/09 16:01:15 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/09 16:01:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/09 16:01:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013/10/09 16:01:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/09 16:01:12 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/09 16:01:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/09 16:01:12 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013/10/09 16:01:11 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/09 16:01:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/09 16:01:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/09 16:01:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/09 16:01:10 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013/10/09 16:01:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/09 16:00:57 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/09 16:00:56 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/09 16:00:16 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/09 16:00:16 | 000,054,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/10/09 16:00:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/09 16:00:09 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/09 16:00:09 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/09 16:00:09 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/09 16:00:09 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/09 16:00:06 | 000,498,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/09 16:00:05 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2013/10/09 16:00:05 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013/10/09 16:00:05 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2013/10/09 16:00:05 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 16:00:05 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 16:00:05 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/08 17:52:19 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\teamspeak
[2013/10/07 21:53:57 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\objednavka
[2013/10/01 19:00:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/10/01 19:00:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/10/01 19:00:13 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Local\temp
[2013/10/01 18:51:17 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/10/01 15:43:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/30 20:50:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/09/30 20:50:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/09/30 20:50:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2013/09/30 20:50:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/09/30 20:50:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/09/30 20:50:38 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/09/30 20:50:12 | 005,132,885 | R--- | C] (Swearware) -- C:\Users\Steelovo\Desktop\ComboFix.exe
[2013/09/30 19:37:35 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\RK_Quarantine
[2013/09/30 19:25:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/09/30 19:24:39 | 001,030,305 | ---- | C] (Thisisu) -- C:\Users\Steelovo\Desktop\JRT.exe
[2013/09/30 18:19:05 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Local\Adobe
[2013/09/30 18:18:27 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Local\ASUS
[2013/09/29 18:46:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/29 18:32:44 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Roaming\Malwarebytes
[2013/09/29 18:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/09/29 18:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/09/29 18:32:17 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/09/29 18:32:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/09/29 14:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/09/29 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/09/29 13:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemExplorer
[2013/09/29 13:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
[2013/09/29 13:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\System Explorer
[2013/09/29 12:13:07 | 000,000,000 | ---D | C] -- C:\found.000
[2013/09/28 23:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SummerSoft
[2013/09/28 23:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Downlouad keeppeer
[2013/09/28 23:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/09/28 23:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skype WebCam Hacker
[2013/09/23 18:29:26 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\xhostingblue
[2013/09/22 17:47:59 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Roaming\MultiSkypeLauncher
[2013/09/22 17:47:02 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MultiSkypeLauncher
[2013/09/22 17:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MultiSkypeLauncher
[2013/09/22 15:30:14 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\web
[2013/09/22 15:22:17 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Documents\Adobe
[2013/09/22 11:21:55 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\Desktop\xhosting
[2013/09/15 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Steelovo\AppData\Local\Overwolf

========== Files - Modified Within 30 Days ==========

[2013/10/14 17:42:40 | 000,000,600 | ---- | M] () -- C:\Users\Steelovo\AppData\Roaming\winscp.rnd
[2013/10/14 17:41:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steelovo\Desktop\OTL.exe
[2013/10/14 17:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/14 16:39:30 | 001,714,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/14 16:39:30 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/10/14 16:39:30 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/14 16:39:30 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/10/14 16:39:30 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/14 16:09:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/13 18:33:05 | 005,862,160 | ---- | M] () -- C:\Users\Steelovo\Desktop\Plocha(2).rar
[2013/10/13 18:21:47 | 000,000,132 | ---- | M] () -- C:\Users\Steelovo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013/10/13 18:20:34 | 000,109,911 | ---- | M] () -- C:\Users\Steelovo\Desktop\logo.psd
[2013/10/13 17:49:45 | 000,144,461 | ---- | M] () -- C:\Users\Steelovo\Desktop\1385534_338141949662516_1590254262_n.png
[2013/10/13 15:36:03 | 000,000,600 | ---- | M] () -- C:\Users\Steelovo\AppData\Local\PUTTY.RND
[2013/10/13 14:02:06 | 000,094,046 | ---- | M] () -- C:\Users\Steelovo\Desktop\ff.jpg
[2013/10/13 13:54:26 | 000,007,213 | ---- | M] () -- C:\Users\Steelovo\Desktop\logo.png
[2013/10/13 13:41:53 | 000,037,178 | ---- | M] () -- C:\Users\Steelovo\Desktop\mandatory_ear_protection_clip_art_16223.jpg
[2013/10/13 13:38:39 | 000,006,946 | ---- | M] () -- C:\Users\Steelovo\Desktop\images.jpeg
[2013/10/13 13:37:27 | 000,164,900 | ---- | M] () -- C:\Users\Steelovo\Desktop\server.png
[2013/10/13 13:35:47 | 000,050,172 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-moznosti-platby.png
[2013/10/13 02:02:29 | 000,081,830 | ---- | M] () -- C:\Users\Steelovo\Desktop\fyzicky-a-vitualni-teamspeak.png
[2013/10/13 01:46:13 | 000,022,307 | ---- | M] () -- C:\Users\Steelovo\Desktop\teamspeak3.jpg
[2013/10/13 00:40:44 | 000,017,367 | ---- | M] () -- C:\Users\Steelovo\Desktop\hehe185dasd9259.png
[2013/10/12 22:34:17 | 000,170,117 | ---- | M] () -- C:\Users\Steelovo\Desktop\cestina-pro-teamspeak.rar
[2013/10/12 22:30:48 | 000,034,676 | ---- | M] () -- C:\Users\Steelovo\Desktop\barevne-stity.jpg
[2013/10/12 22:26:50 | 000,072,655 | ---- | M] () -- C:\Users\Steelovo\Desktop\ikonky-stity-red-green-blue-gray.rar
[2013/10/12 22:18:45 | 001,101,734 | ---- | M] () -- C:\Users\Steelovo\Desktop\tool.exe
[2013/10/12 17:56:34 | 000,118,481 | ---- | M] () -- C:\Users\Steelovo\Desktop\visual.jpg
[2013/10/12 17:18:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/10/12 17:17:59 | 3339,907,072 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/12 00:27:06 | 000,801,190 | ---- | M] () -- C:\Users\Steelovo\Desktop\Screenshot - 12_10.png
[2013/10/11 20:52:00 | 000,002,366 | ---- | M] () -- C:\Users\Steelovo\Desktop\top.php
[2013/10/11 20:44:20 | 001,090,709 | ---- | M] () -- C:\Users\Steelovo\Desktop\autofocus.zip
[2013/10/11 18:39:00 | 000,319,012 | ---- | M] () -- C:\Users\Steelovo\Desktop\dedikovany-server.png
[2013/10/10 18:47:10 | 000,004,569 | ---- | M] () -- C:\Users\Steelovo\Desktop\1384158_734678516549451_960047164_n.jpg
[2013/10/10 18:40:06 | 000,033,119 | ---- | M] () -- C:\Users\Steelovo\Desktop\1380302_735708779779758_550006652_n.jpg
[2013/10/10 18:39:44 | 000,047,097 | ---- | M] () -- C:\Users\Steelovo\Desktop\1378784_735696776447625_250826774_n.jpg
[2013/10/10 17:33:39 | 000,097,624 | ---- | M] () -- C:\Users\Steelovo\Desktop\bqwc0vcfrnu402e55t.png
[2013/10/10 17:24:20 | 000,485,999 | ---- | M] () -- C:\Users\Steelovo\Desktop\bqwc0vcfrnu4dd02e55t.png
[2013/10/09 21:06:55 | 000,003,141 | ---- | M] () -- C:\Users\Steelovo\Desktop\slideshow.php
[2013/10/09 19:53:34 | 000,000,386 | ---- | M] () -- C:\Users\Steelovo\Desktop\install.tgz
[2013/10/09 19:43:33 | 000,297,576 | ---- | M] () -- C:\Users\Steelovo\Desktop\Shot00004.jpg
[2013/10/08 19:43:15 | 000,372,475 | ---- | M] () -- C:\Users\Steelovo\Desktop\bguh.png
[2013/10/08 19:03:51 | 000,013,635 | ---- | M] () -- C:\Users\Steelovo\Desktop\web-hosting.html
[2013/10/08 19:03:51 | 000,013,635 | ---- | M] () -- C:\Users\Steelovo\Desktop\teamspeak-cenik-serveru-porovnani.php
[2013/10/08 19:03:46 | 000,023,646 | ---- | M] () -- C:\Users\Steelovo\Desktop\style.css
[2013/10/08 12:20:28 | 000,002,906 | ---- | M] () -- C:\Users\Steelovo\Desktop\test.php
[2013/10/07 21:50:14 | 000,026,704 | ---- | M] () -- C:\Users\Steelovo\Desktop\raiffeisenbank.png
[2013/10/07 21:47:53 | 000,047,282 | ---- | M] () -- C:\Users\Steelovo\Desktop\Bezfsdaf názvu-1.png
[2013/10/07 21:45:38 | 000,133,994 | ---- | M] () -- C:\Users\Steelovo\Desktop\Paypal-Money-Generator.png
[2013/10/07 21:43:22 | 000,088,533 | ---- | M] () -- C:\Users\Steelovo\Desktop\url.jpeg
[2013/10/07 21:40:17 | 000,150,141 | ---- | M] () -- C:\Users\Steelovo\Desktop\hypoteka-od-raiffeisen-bank-1305110968_resize.jpg
[2013/10/07 21:36:30 | 000,015,429 | ---- | M] () -- C:\Users\Steelovo\Desktop\rbank.png
[2013/10/07 21:36:28 | 000,012,064 | ---- | M] () -- C:\Users\Steelovo\Desktop\paypal.png
[2013/10/07 17:38:50 | 000,009,755 | ---- | M] () -- C:\Users\Steelovo\Desktop\logo hostingohostzona.png
[2013/10/07 17:38:38 | 000,083,672 | ---- | M] () -- C:\Users\Steelovo\Desktop\logo hostingohostzona.psd
[2013/10/07 17:36:50 | 000,011,825 | ---- | M] () -- C:\Users\Steelovo\Desktop\hostzona_bezvpafaf.png
[2013/10/06 21:05:03 | 000,050,968 | ---- | M] () -- C:\Users\Steelovo\Desktop\web-hosting-website-templates-5.jpg
[2013/10/06 17:46:24 | 002,738,966 | ---- | M] () -- C:\Users\Steelovo\Desktop\Bez názvu.bmp
[2013/10/06 17:43:56 | 000,062,084 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-sprava6.png
[2013/10/06 17:42:14 | 000,036,774 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-sprava5.png
[2013/10/06 17:40:35 | 001,922,674 | ---- | M] () -- C:\Users\Steelovo\Desktop\Bez názvu-1.psd
[2013/10/06 17:35:16 | 000,076,893 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-sprava3.png
[2013/10/06 17:32:38 | 000,040,562 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-sprava2.png
[2013/10/06 17:31:19 | 000,049,542 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-sprava1.png
[2013/10/06 16:53:49 | 000,074,513 | ---- | M] () -- C:\Users\Steelovo\Desktop\uparrow.png
[2013/10/06 16:47:37 | 000,053,236 | ---- | M] () -- C:\Users\Steelovo\Desktop\vps-administrace.png
[2013/10/06 16:44:56 | 000,066,350 | ---- | M] () -- C:\Users\Steelovo\Desktop\nahoru_hover.png
[2013/10/06 15:43:11 | 000,007,263 | ---- | M] () -- C:\Users\Steelovo\Desktop\am.png
[2013/10/06 15:42:09 | 000,006,377 | ---- | M] () -- C:\Users\Steelovo\Desktop\dis.png
[2013/10/06 15:41:03 | 000,011,275 | ---- | M] () -- C:\Users\Steelovo\Desktop\mass.png
[2013/10/06 15:39:36 | 000,006,395 | ---- | M] () -- C:\Users\Steelovo\Desktop\visa.png
[2013/10/06 15:25:08 | 000,004,939 | ---- | M] () -- C:\Users\Steelovo\Desktop\nahoru.png
[2013/10/06 15:23:05 | 000,004,931 | ---- | M] () -- C:\Users\Steelovo\Desktop\social-icons.png
[2013/10/06 14:48:51 | 000,039,869 | ---- | M] () -- C:\Users\Steelovo\Desktop\sadasd.png
[2013/10/03 21:35:39 | 000,001,480 | ---- | M] () -- C:\Users\Steelovo\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2013/10/02 16:25:32 | 002,017,897 | ---- | M] () -- C:\Users\Steelovo\Desktop\o5mufb5y54ldpf65g5k7.png
[2013/10/02 03:38:13 | 000,694,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/02 03:38:13 | 000,078,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/01 18:40:41 | 005,132,885 | R--- | M] (Swearware) -- C:\Users\Steelovo\Desktop\ComboFix.exe
[2013/09/30 20:58:49 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/09/30 19:36:11 | 003,969,024 | ---- | M] () -- C:\Users\Steelovo\Desktop\RogueKillerX64.exe
[2013/09/30 19:24:42 | 001,030,305 | ---- | M] (Thisisu) -- C:\Users\Steelovo\Desktop\JRT.exe
[2013/09/29 18:45:45 | 001,042,066 | ---- | M] () -- C:\Users\Steelovo\Desktop\adwcleaner.exe
[2013/09/29 18:32:21 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/29 14:38:59 | 000,002,991 | ---- | M] () -- C:\Users\Steelovo\Desktop\HiJackThis.lnk
[2013/09/29 11:43:10 | 472,462,031 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/09/28 02:51:38 | 000,007,605 | ---- | M] () -- C:\Users\Steelovo\AppData\Local\Resmon.ResmonCfg
[2013/09/27 20:15:42 | 000,187,078 | ---- | M] () -- C:\Users\Steelovo\Desktop\2013-09-27_00013.jpg
[2013/09/26 21:55:33 | 000,124,560 | ---- | M] () -- C:\Users\Steelovo\Desktop\Bez názvu-1.png
[2013/09/23 19:03:48 | 000,004,529 | ---- | M] () -- C:\Users\Steelovo\Desktop\-social-icons.png
[2013/09/23 01:27:49 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/23 00:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/09/23 00:54:55 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/09/23 00:54:51 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/09/23 00:54:51 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/09/22 17:47:02 | 000,001,187 | ---- | M] () -- C:\Users\Steelovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
[2013/09/22 17:47:02 | 000,001,129 | ---- | M] () -- C:\Users\Steelovo\Desktop\MultiSkypeLauncher.lnk
[2013/09/18 16:48:48 | 000,019,806 | ---- | M] () -- C:\Users\Steelovo\Desktop\hesla.kdbx
========== Files Created - No Company Name ==========

[2013/10/13 18:32:56 | 005,862,160 | ---- | C] () -- C:\Users\Steelovo\Desktop\Plocha(2).rar
[2013/10/13 18:20:36 | 000,109,911 | ---- | C] () -- C:\Users\Steelovo\Desktop\logo.psd
[2013/10/13 17:46:38 | 000,144,461 | ---- | C] () -- C:\Users\Steelovo\Desktop\1385534_338141949662516_1590254262_n.png
[2013/10/13 14:02:04 | 000,094,046 | ---- | C] () -- C:\Users\Steelovo\Desktop\ff.jpg
[2013/10/13 13:45:41 | 000,007,213 | ---- | C] () -- C:\Users\Steelovo\Desktop\logo.png
[2013/10/13 13:41:53 | 000,037,178 | ---- | C] () -- C:\Users\Steelovo\Desktop\mandatory_ear_protection_clip_art_16223.jpg
[2013/10/13 13:37:26 | 000,164,900 | ---- | C] () -- C:\Users\Steelovo\Desktop\server.png
[2013/10/13 02:02:27 | 000,081,830 | ---- | C] () -- C:\Users\Steelovo\Desktop\fyzicky-a-vitualni-teamspeak.png
[2013/10/13 01:46:12 | 000,022,307 | ---- | C] () -- C:\Users\Steelovo\Desktop\teamspeak3.jpg
[2013/10/13 00:40:44 | 000,017,367 | ---- | C] () -- C:\Users\Steelovo\Desktop\hehe185dasd9259.png
[2013/10/12 22:34:18 | 000,170,117 | ---- | C] () -- C:\Users\Steelovo\Desktop\cestina-pro-teamspeak.rar
[2013/10/12 22:30:47 | 000,034,676 | ---- | C] () -- C:\Users\Steelovo\Desktop\barevne-stity.jpg
[2013/10/12 22:26:50 | 000,072,655 | ---- | C] () -- C:\Users\Steelovo\Desktop\ikonky-stity-red-green-blue-gray.rar
[2013/10/12 22:18:44 | 001,101,734 | ---- | C] () -- C:\Users\Steelovo\Desktop\tool.exe
[2013/10/12 17:56:34 | 000,118,481 | ---- | C] () -- C:\Users\Steelovo\Desktop\visual.jpg
[2013/10/12 11:58:39 | 000,013,635 | ---- | C] () -- C:\Users\Steelovo\Desktop\web-hosting.html
[2013/10/12 00:27:02 | 000,801,190 | ---- | C] () -- C:\Users\Steelovo\Desktop\Screenshot - 12_10.png
[2013/10/11 23:59:20 | 000,013,635 | ---- | C] () -- C:\Users\Steelovo\Desktop\teamspeak-cenik-serveru-porovnani.php
[2013/10/11 21:48:22 | 000,002,366 | ---- | C] () -- C:\Users\Steelovo\Desktop\top.php
[2013/10/11 21:35:24 | 001,090,709 | ---- | C] () -- C:\Users\Steelovo\Desktop\autofocus.zip
[2013/10/11 19:17:09 | 000,001,694 | ---- | C] () -- C:\Users\Steelovo\Desktop\server.cfg
[2013/10/10 18:47:09 | 000,004,569 | ---- | C] () -- C:\Users\Steelovo\Desktop\1384158_734678516549451_960047164_n.jpg
[2013/10/10 18:40:06 | 000,033,119 | ---- | C] () -- C:\Users\Steelovo\Desktop\1380302_735708779779758_550006652_n.jpg
[2013/10/10 18:39:42 | 000,047,097 | ---- | C] () -- C:\Users\Steelovo\Desktop\1378784_735696776447625_250826774_n.jpg
[2013/10/10 17:24:19 | 000,485,999 | ---- | C] () -- C:\Users\Steelovo\Desktop\bqwc0vcfrnu4dd02e55t.png
[2013/10/10 17:03:48 | 000,097,624 | ---- | C] () -- C:\Users\Steelovo\Desktop\bqwc0vcfrnu402e55t.png
[2013/10/09 19:53:48 | 000,000,386 | ---- | C] () -- C:\Users\Steelovo\Desktop\install.tgz
[2013/10/09 19:43:11 | 000,297,576 | ---- | C] () -- C:\Users\Steelovo\Desktop\Shot00004.jpg
[2013/10/09 19:23:07 | 000,003,141 | ---- | C] () -- C:\Users\Steelovo\Desktop\slideshow.php
[2013/10/08 19:20:13 | 000,023,646 | ---- | C] () -- C:\Users\Steelovo\Desktop\style.css
[2013/10/08 17:55:10 | 000,372,475 | ---- | C] () -- C:\Users\Steelovo\Desktop\bguh.png
[2013/10/08 12:20:27 | 000,002,906 | ---- | C] () -- C:\Users\Steelovo\Desktop\test.php
[2013/10/07 21:51:31 | 000,050,172 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-moznosti-platby.png
[2013/10/07 21:50:13 | 000,026,704 | ---- | C] () -- C:\Users\Steelovo\Desktop\raiffeisenbank.png
[2013/10/07 21:47:51 | 000,047,282 | ---- | C] () -- C:\Users\Steelovo\Desktop\Bezfsdaf názvu-1.png
[2013/10/07 21:45:38 | 000,133,994 | ---- | C] () -- C:\Users\Steelovo\Desktop\Paypal-Money-Generator.png
[2013/10/07 21:43:22 | 000,088,533 | ---- | C] () -- C:\Users\Steelovo\Desktop\url.jpeg
[2013/10/07 21:40:16 | 000,150,141 | ---- | C] () -- C:\Users\Steelovo\Desktop\hypoteka-od-raiffeisen-bank-1305110968_resize.jpg
[2013/10/07 21:36:30 | 000,015,429 | ---- | C] () -- C:\Users\Steelovo\Desktop\rbank.png
[2013/10/07 21:36:26 | 000,012,064 | ---- | C] () -- C:\Users\Steelovo\Desktop\paypal.png
[2013/10/07 17:38:48 | 000,009,755 | ---- | C] () -- C:\Users\Steelovo\Desktop\logo hostingohostzona.png
[2013/10/07 17:38:36 | 000,083,672 | ---- | C] () -- C:\Users\Steelovo\Desktop\logo hostingohostzona.psd
[2013/10/07 17:36:41 | 000,011,825 | ---- | C] () -- C:\Users\Steelovo\Desktop\hostzona_bezvpafaf.png
[2013/10/06 21:05:02 | 000,050,968 | ---- | C] () -- C:\Users\Steelovo\Desktop\web-hosting-website-templates-5.jpg
[2013/10/06 17:45:37 | 002,738,966 | ---- | C] () -- C:\Users\Steelovo\Desktop\Bez názvu.bmp
[2013/10/06 17:43:55 | 000,062,084 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-sprava6.png
[2013/10/06 17:41:55 | 000,036,774 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-sprava5.png
[2013/10/06 17:40:34 | 001,922,674 | ---- | C] () -- C:\Users\Steelovo\Desktop\Bez názvu-1.psd
[2013/10/06 17:35:14 | 000,076,893 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-sprava3.png
[2013/10/06 17:32:37 | 000,040,562 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-sprava2.png
[2013/10/06 17:31:18 | 000,049,542 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-sprava1.png
[2013/10/06 16:47:35 | 000,053,236 | ---- | C] () -- C:\Users\Steelovo\Desktop\vps-administrace.png
[2013/10/06 15:45:29 | 000,011,275 | ---- | C] () -- C:\Users\Steelovo\Desktop\mass.png
[2013/10/06 15:45:29 | 000,007,263 | ---- | C] () -- C:\Users\Steelovo\Desktop\am.png
[2013/10/06 15:45:29 | 000,006,395 | ---- | C] () -- C:\Users\Steelovo\Desktop\visa.png
[2013/10/06 15:45:29 | 000,006,377 | ---- | C] () -- C:\Users\Steelovo\Desktop\dis.png
[2013/10/06 15:33:14 | 000,066,350 | ---- | C] () -- C:\Users\Steelovo\Desktop\nahoru_hover.png
[2013/10/06 15:13:51 | 000,004,529 | ---- | C] () -- C:\Users\Steelovo\Desktop\-social-icons.png
[2013/10/06 15:04:02 | 000,004,931 | ---- | C] () -- C:\Users\Steelovo\Desktop\social-icons.png
[2013/10/06 14:48:50 | 000,039,869 | ---- | C] () -- C:\Users\Steelovo\Desktop\sadasd.png
[2013/10/06 11:03:42 | 000,004,939 | ---- | C] () -- C:\Users\Steelovo\Desktop\nahoru.png
[2013/10/06 10:58:00 | 000,074,513 | ---- | C] () -- C:\Users\Steelovo\Desktop\uparrow.png
[2013/10/06 10:39:47 | 000,319,012 | ---- | C] () -- C:\Users\Steelovo\Desktop\dedikovany-server.png
[2013/10/05 12:20:30 | 000,006,946 | ---- | C] () -- C:\Users\Steelovo\Desktop\images.jpeg
[2013/10/03 21:35:39 | 000,001,480 | ---- | C] () -- C:\Users\Steelovo\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2013/10/02 16:25:30 | 002,017,897 | ---- | C] () -- C:\Users\Steelovo\Desktop\o5mufb5y54ldpf65g5k7.png
[2013/09/30 20:50:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/09/30 20:50:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/09/30 20:50:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/09/30 20:50:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/09/30 20:50:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/09/30 19:36:10 | 003,969,024 | ---- | C] () -- C:\Users\Steelovo\Desktop\RogueKillerX64.exe
[2013/09/29 18:45:44 | 001,042,066 | ---- | C] () -- C:\Users\Steelovo\Desktop\adwcleaner.exe
[2013/09/29 18:32:21 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/29 14:38:59 | 000,002,991 | ---- | C] () -- C:\Users\Steelovo\Desktop\HiJackThis.lnk
[2013/09/27 20:15:42 | 000,187,078 | ---- | C] () -- C:\Users\Steelovo\Desktop\2013-09-27_00013.jpg
[2013/09/26 21:55:33 | 000,124,560 | ---- | C] () -- C:\Users\Steelovo\Desktop\Bez názvu-1.png
[2013/09/22 17:47:02 | 000,001,187 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
[2013/09/22 17:47:02 | 000,001,129 | ---- | C] () -- C:\Users\Steelovo\Desktop\MultiSkypeLauncher.lnk
[2013/09/14 18:27:14 | 000,019,806 | ---- | C] () -- C:\Users\Steelovo\Desktop\hesla.kdbx
[2013/09/11 16:01:35 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/26 20:32:52 | 000,000,839 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\Drives Meter_Settings.ini
[2013/08/26 20:31:38 | 000,001,003 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\Currency Meter_Settings.ini
[2013/08/11 02:33:41 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2013/07/27 00:50:27 | 000,006,148 | ---- | C] () -- C:\Users\Steelovo\hehe.PNG
[2013/07/26 15:20:25 | 000,010,240 | ---- | C] () -- C:\Users\Steelovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/24 14:13:48 | 000,446,276 | ---- | C] () -- C:\Users\Steelovo\IMG_24072013_141145.png
[2013/07/23 20:32:20 | 000,001,679 | ---- | C] () -- C:\Users\Steelovo\.vmrc_plugin_ovftool_settings.js
[2013/07/23 15:31:21 | 000,108,328 | ---- | C] () -- C:\Users\Steelovo\IMG_23072013_152927.png
[2013/07/23 15:12:08 | 000,010,976 | ---- | C] () -- C:\Users\Steelovo\cwtg.sma
[2013/07/20 02:46:34 | 000,000,132 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013/07/18 19:05:26 | 000,000,600 | ---- | C] () -- C:\Users\Steelovo\AppData\Local\PUTTY.RND
[2013/07/18 13:00:00 | 000,027,457 | ---- | C] () -- C:\Users\Steelovo\Network_Meter_Data.js
[2013/07/18 12:36:09 | 000,000,025 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\Network Meter_Usage.ini
[2013/07/15 01:19:47 | 000,009,794 | ---- | C] () -- C:\Users\Steelovo\config.cfg
[2013/07/15 01:19:47 | 000,002,326 | ---- | C] () -- C:\Users\Steelovo\autoexec.cfg
[2013/07/15 00:25:26 | 000,000,600 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\winscp.rnd
[2013/07/14 23:11:29 | 000,000,000 | ---- | C] () -- C:\Users\Steelovo\regbcm
[2013/07/12 00:28:21 | 000,007,605 | ---- | C] () -- C:\Users\Steelovo\AppData\Local\Resmon.ResmonCfg
[2013/07/11 22:55:58 | 000,000,408 | ---- | C] () -- C:\Users\Steelovo\AppData\Roaming\sp_data.sys
[2012/09/04 13:29:38 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/09/04 13:29:24 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/09/04 13:29:22 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/08/04 19:37:02 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/07/25 22:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/07/25 22:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/06/02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/04/20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2012/10/22 12:02:17 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/11 22:56:21 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\ASUS WebStorage
[2013/08/05 00:56:19 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\DAEMON Tools Lite
[2013/07/20 13:47:46 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\DG
[2013/10/13 17:58:12 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\HLSW
[2013/08/23 12:18:12 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\ICQ
[2013/10/14 17:42:24 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\KeePass
[2013/09/22 17:48:01 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\MultiSkypeLauncher
[2013/08/10 10:03:58 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\Psi
[2013/07/20 15:38:41 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\TeamViewer
[2013/07/15 00:14:49 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\Thunderbird
[2013/10/14 17:42:38 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\TS3Client
[2013/08/04 14:06:43 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\Unity
[2013/08/06 10:49:01 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\uTorrent
[2013/09/14 21:53:31 | 000,000,000 | ---D | M] -- C:\Users\Steelovo\AppData\Roaming\YaTQA

========== Purity Check ==========

< End of report >

Scientific · Příspěvekod **Scientific** » 14 říj 2013 18:10

Omlouvám se, že jsem napsal tři příspěvky, ale jinak to nešlo. Je toho moc moc.

Extas.Txt
OTL Extras logfile created on: 14. 10. 2013 17:44:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steelovo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 2,65 Gb Available Physical Memory | 68,27% Memory free
7,79 Gb Paging File | 6,18 Gb Available in Paging File | 79,35% Paging File free
Paging file location(s): c:\pagefile.sys 4000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 84,61 Gb Free Space | 45,42% Space Free | Partition Type: NTFS
Drive D: | 258,44 Gb Total Space | 215,00 Gb Free Space | 83,19% Space Free | Partition Type: NTFS

Computer Name: STEEL | User Name: Steelovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24F146DF-C223-40E7-8852-4F82465CBDD9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2DA5CD48-638D-4402-8D84-0C54ADF093BE}" = lport=138 | protocol=17 | dir=in | app=system |
"{3BCEFED2-A95C-44D8-A343-A48ADD81B60C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{559AEC73-B40B-4A05-AA9A-DEC3CB22D338}" = rport=138 | protocol=17 | dir=out | app=system |
"{5B1CB63E-5F33-4814-A6A4-D13278A4968D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{642847EC-0D5B-41BF-B2B8-14D68343332F}" = rport=445 | protocol=6 | dir=out | app=system |
"{6D370EC9-07CC-4C2B-9D50-1948A233E2FA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{76EB9AC7-51A1-4948-A096-A3BE0FD682A4}" = rport=137 | protocol=17 | dir=out | app=system |
"{848D814F-96B0-4165-B8E6-05E3839A1669}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{850593FD-3D2C-4495-8C19-D9245845C5CE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{90FDAF9F-2FB6-42F3-B885-7B45D8A378ED}" = lport=445 | protocol=6 | dir=in | app=system |
"{A580D441-41FC-4F55-81EE-48C709AEC670}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9E99FF9-289D-45DE-A1B1-A1B71EBEFE75}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AC3C8196-62DD-4E07-AE6F-2D301CC28A45}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADF53C85-9E5A-4AC5-8D04-4E52C384B3C2}" = rport=139 | protocol=6 | dir=out | app=system |
"{AF40A1BC-49D8-49E7-B101-65A25487673C}" = lport=137 | protocol=17 | dir=in | app=system |
"{AFAAF5EC-3F8A-4BCE-9D84-A021BE24E5E8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B668F7FA-EB8E-4DE7-9F8F-A216F9F2E288}" = lport=139 | protocol=6 | dir=in | app=system |
"{C545FD8E-35D9-4868-8C01-D22E73A9D2F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB14F077-251C-4A7F-B3BC-F6B069F6805E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EEBDADCF-EC9D-4B66-AE3D-7A912DEB937D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FDC49A7C-140F-46C9-AA68-BA233DD1267E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0131E891-360E-431C-97D1-B27700E573B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{02893660-E4C7-45DA-8605-F742103EDF49}" = protocol=17 | dir=in | app=c:\users\steelovo\appdata\roaming\icqm\icq.exe |
"{030DBA77-A6C3-453B-B471-D4013ADCD02D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{056B1E23-92C9-4327-83B9-94049A966099}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{12C6BAC9-0B10-4BB0-9B3B-94D46E935A93}" = protocol=6 | dir=out | app=system |
"{134E0F17-2C32-4AA7-BD48-ED725AED3B6E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14710076-EEFC-4EA8-A034-2F935CCF1B52}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{17B0E163-31AD-47F1-969B-5CE83ED15A98}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{1C30F53D-4E7A-455D-8AC1-9049941943D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{21BFF85F-1093-4CEF-8989-A347A29C8E1E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{23CE4FAA-6539-49D6-9F4F-8496C9C7510C}" = dir=out | name=adera |
"{2789BCB8-C573-4D36-BB9D-E56429842D4F}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{27CAA266-8B88-4381-AC23-BE91472554C6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{28FB744A-6C99-49C6-BB7D-CA55519293B1}" = protocol=6 | dir=in | app=c:\users\steelovo\appdata\roaming\icqm\icq.exe |
"{2D210F6F-1E1D-4DB5-AA49-6AE1773DCD34}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{2E4840B5-7134-41DA-B431-49CFCE7A15DE}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{32E30911-F344-4398-964C-FF2728DD8A17}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{358EF1D5-3CF2-491E-BEA1-36E2C5E7DC18}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{395C0362-56D6-4476-8929-345408B0C785}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{3A5278DB-E5D9-43E0-8FA1-902ACF5EBC96}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3E7FDC56-44BC-4C77-9A5A-4256D899FDB8}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{3FFB55BC-4632-4031-8EB2-242CDF689C5E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{40D7308D-5484-496C-8612-E700F2229217}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{466376B6-4777-4F3A-A59B-1768F74C490E}" = protocol=6 | dir=in | app=c:\users\steelovo\appdata\roaming\utorrent\utorrent.exe |
"{510DB941-D57E-4FA4-ACEF-83F1D4ACC696}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55CD1BFD-1781-432D-978A-B0A2A154C1A9}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{5BF0D2BF-9900-4188-8B48-4197D8E4289D}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe |
"{5CBDC481-F706-4DBB-8191-9596E7EAC959}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{60C7CDFD-5196-4105-8E7E-FFE1C064D50C}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{65062D8E-EC50-452B-89B3-CFB331E816C3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6B268CA2-089D-4464-B30A-76F11A0FCB31}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{6F2B9D5D-5800-44BE-94A7-1E1AF1DD37E9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{6FC6A648-7586-4C30-82BF-0F35B188971B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{70957CC2-2DAE-4D5F-8BFF-7750C5213834}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{72A1E18B-AA3D-4541-AE89-DCA12EC9975E}" = dir=out | name=adobe photoshop express |
"{7B74AD34-8640-4475-8863-78FC67CE6645}" = dir=out | name=microsoft solitaire collection |
"{7EDAFCF7-C4C3-48AD-B5DC-0B8DA2217677}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7F316FAE-0D6E-4B29-BB33-C92CA7F62F79}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7F695DC0-C7EA-4A8D-AB52-844B6CC9FB3D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8985DFA9-1C99-43A7-B00F-BF0838F11952}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{8A0B01C7-9611-4724-A02D-3C3BE6850E61}" = dir=out | name=taptiles |
"{8D564E63-F566-419A-9958-43A1C4891CB4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9157BA10-DB38-472D-ACB4-EA6DA3D14756}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{91AE97B2-9A4E-4E07-B231-711B310CA015}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{95A48634-F3FD-48D3-9D28-027762F5970E}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9CD9DD03-E131-43D7-9636-4569E14DE976}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9F2C93D4-9FF9-46D1-9A53-B154B216B6AA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A0BEB4B6-6138-4E07-BE57-BFE0E95B8169}" = dir=out | name=windows_ie_ac_001 |
"{A160281E-7811-4366-B6A3-89977E4D9CCD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{AEB32C74-BD3C-4DCE-B2DD-51D34F457B8C}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{AF3C059E-E142-49F1-A5E4-9175154EFC9A}" = protocol=17 | dir=in | app=c:\users\steelovo\appdata\roaming\utorrent\utorrent.exe |
"{BF7517C2-2DF4-4D77-B96D-92E736AAE2BD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C0F0287E-42F6-47F7-8C4A-8FF9C4F0B2ED}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C3236C06-14E8-4A00-85CA-5EA033884D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{C40336FD-1EF1-44D4-B5D7-87E266824590}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C7C094F7-A2F9-4373-8B37-4520C867AECD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CA462E67-2A86-4185-ACF7-A9CCE2A0E22E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD47ED11-B9C7-485E-BD32-14C7B692671C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CEFDBB0E-3ABE-4E49-A976-9C5A77E89BB3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CFBA9D8B-33FD-4417-8A14-33F1E5975A19}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{D10D446F-9498-4D72-BBB1-1C6FA2D993E5}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D1759605-00B2-4A6E-BB5B-7D2647724FD8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{D5C04079-AD4F-4233-9AFA-0E24B1A1DB49}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{D7EAB5B1-A953-4478-BEA9-1D464751A8B5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA641E5D-A74A-40E5-BA90-3691D6A6B698}" = protocol=1 | dir=in | name=hlsw icmp |
"{DBF8A258-D7D8-4F2A-8601-774AA37486CF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DEBCFF41-1C06-4B97-9820-6993D83E00AF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E0AE862D-EED3-4F60-959D-082DF4B76260}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{E30408E6-1037-4079-ABA7-FE7CEBA99067}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{E4C5855A-B991-4CD1-8A56-F974510B42EA}" = dir=out | name=wordament |
"{E56484CA-7CD3-4C29-9EB7-1ED254603F71}" = dir=in | name=adobe photoshop express |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E79D2BB7-57B7-4E87-8132-FF0317C8C1B3}" = dir=out | name=fresh paint |
"{E86D4FA0-33DA-4659-A1AC-44F224916B85}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ED6379D8-1709-453A-A8B1-0A8BAF1E30CC}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{EDA053F0-2363-4E8F-AC66-633F2662402E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{EEADAF34-C847-47F7-B0BB-432BBA40359D}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{EF41C4AE-3379-44E0-AA98-B6DB9A3E53AC}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{F26FDAA6-A87E-4253-85E0-A534FA5A246E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.7\icq.exe |
"{F379E332-BFD8-4E08-A5CA-D4AF4487A922}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{F4B7CE42-DDAC-4573-BF5D-7A501DF7DADF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6BF8085-41DA-4B7C-9F1D-1DDA7BFE2172}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F746CF99-6F66-4B5D-B3D6-36B83809618F}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{FBB8A411-D810-4D84-9603-C6CE4072E35D}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{FDC288D1-A9D0-4E54-B0DB-BEF978B2DD30}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"TCP Query User{3C995F55-F7AB-4D7E-9F24-720AC74F0150}C:\users\steelovo\desktop\db\mysql\bin\mysqld_usbwv8.exe" = protocol=6 | dir=in | app=c:\users\steelovo\desktop\db\mysql\bin\mysqld_usbwv8.exe |
"TCP Query User{578BEFA1-E920-4CF8-8538-36C12A878508}C:\ogp\app\cygwin\usr\sbin\pure-ftpd.exe" = protocol=6 | dir=in | app=c:\ogp\app\cygwin\usr\sbin\pure-ftpd.exe |
"TCP Query User{6C04DA51-B869-458E-A33F-7249569390BC}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{CB9A67F0-E391-4C70-913D-9B7A3FBA5EA0}C:\program files\psi\psi.exe" = protocol=6 | dir=in | app=c:\program files\psi\psi.exe |
"TCP Query User{F93DF82F-A72A-4C07-8DE2-8C70828CF0F9}C:\users\steelovo\desktop\db\apache2\bin\httpd_usbwv8.exe" = protocol=6 | dir=in | app=c:\users\steelovo\desktop\db\apache2\bin\httpd_usbwv8.exe |
"UDP Query User{4EB16022-8D0B-40F6-BE2D-63403B16CE49}C:\users\steelovo\desktop\db\mysql\bin\mysqld_usbwv8.exe" = protocol=17 | dir=in | app=c:\users\steelovo\desktop\db\mysql\bin\mysqld_usbwv8.exe |
"UDP Query User{81263306-E5E8-4F20-8EE3-19EF4CF4BA19}C:\ogp\app\cygwin\usr\sbin\pure-ftpd.exe" = protocol=17 | dir=in | app=c:\ogp\app\cygwin\usr\sbin\pure-ftpd.exe |
"UDP Query User{BBE6EB48-52FF-4C48-A1B2-A17AB623BCB0}C:\users\steelovo\desktop\db\apache2\bin\httpd_usbwv8.exe" = protocol=17 | dir=in | app=c:\users\steelovo\desktop\db\apache2\bin\httpd_usbwv8.exe |
"UDP Query User{E7E85918-72A8-4A91-891C-65420254333F}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{F33CC33F-1338-4AF5-9EEF-B11792AC6D6F}C:\program files\psi\psi.exe" = protocol=17 | dir=in | app=c:\program files\psi\psi.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{792A453A-EB3B-48C7-BAEA-14E38B04D278}" = ESET NOD32 Antivirus
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89478C31-5CE8-461A-9084-9A0AF059F84F}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{89D2FA50-6002-4AFB-8586-3E38B355E891}" = Intel® PROSet/Wireless WiFi Software
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0613
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}" = Intel(R) WiDi
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FEA1590B-540A-41FC-A95C-664493C82A21}" = Classic Shell
"C01F56FBD9B141017E63E2A1A141E59934D4DC67" = Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/29/2012 1.0.0.148)
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TNod" = TNod User & Password Finder
"Windows 8 Desktop Gadgets_is1" = Windows 8 Desktop Gadgets

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1" = System Explorer 4.2.2
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78F4E027-355C-45C0-90DC-F89DFC618761}_is1" = Thread Manager 2.6.0.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}" = ASUS Instant Connect
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A4C2FDB2-4AF0-42E8-BE82-E4AF41A761C2}_is1" = WinRAR 4.20 32bit cz full version for Windows
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage Sync Agent
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HLSW_is1" = HLSW v1.4.0.2
"HyperCam 3" = HyperCam 3
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.22
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"Mozilla Thunderbird 17.0.8 (x86 cs)" = Mozilla Thunderbird 17.0.8 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MultiSkypeLauncher" = MultiSkypeLauncher (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Psi" = Psi (remove only)
"PSPad editor_is1" = PSPad editor
"Steam App 10" = Counter-Strike
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 8" = TeamViewer 8
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"winscp3_is1" = WinSCP 5.1.5

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13. 10. 2013 14:29:46 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:29:46Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:30:16 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:30:16Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:30:46 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:30:46Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:31:16 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:31:16Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:31:46 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:31:46Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:32:16 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:32:16Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:32:46 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:32:46Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:33:16 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:33:16Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:33:46 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:33:46Z.
Kód chyby: 0x80041316

Error - 13. 10. 2013 14:34:16 | Computer Name = Steel | Source = Software Protection Platform Service | ID = 16385
Description = Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2113-09-19T18:34:16Z.
Kód chyby: 0x80041316

[ System Events ]
Error - 29. 9. 2013 5:54:50 | Computer Name = Steel | Source = Microsoft-Windows-Ntfs | ID = 98
Description =

Error - 29. 9. 2013 5:54:50 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.

Error - 29. 9. 2013 5:54:50 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.

Error - 29. 9. 2013 5:54:50 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.

Error - 29. 9. 2013 5:54:50 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.

Error - 29. 9. 2013 5:57:08 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.

Error - 29. 9. 2013 5:57:32 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku D: nelze opravit. Spusťte u svazku
2 program chkdsk D:.

Error - 29. 9. 2013 5:57:40 | Computer Name = Steel | Source = Microsoft-Windows-Ntfs | ID = 98
Description =

Error - 29. 9. 2013 5:57:40 | Computer Name = Steel | Source = Ntfs | ID = 55
Description = Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.

Bylo
nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru
je 0x1000000000019. Název souboru je <nelze určit název souboru>. Poškozený atribut
indexu je :$O:$INDEX_ALLOCATION.

Error - 29. 9. 2013 5:57:44 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.

< End of report >

Příspěvekod **jaro3** » 15 říj 2013 10:00

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc -- (mcbootdelaystartsvc)
SRV:64bit: - [2013/07/02 02:44:21 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
DRV:64bit: - [2013/07/02 02:44:14 | 000,036,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/07/02 00:08:49 | 000,247,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: pagehacker-nico%40nc:1.2
FF - prefs.js..extensions.enabledAddons: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=5.1.0.00000: File not found
[2013/07/14 23:24:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Extensions
[2013/09/30 19:24:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions
[2013/09/28 23:51:06 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\z9bbm@crjivypnmf.co.uk
[2013/08/05 01:32:14 | 000,032,816 | ---- | M] () (No name found) -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\pagehacker-nico@nc.xpi
[2013/08/31 10:26:51 | 000,003,725 | ---- | M] () -- C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\searchplugins\safeguard-secure-search.xml
[2013/10/01 15:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/10/14 16:39:30 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/10/14 16:39:30 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/14 16:39:30 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/10/14 16:39:30 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files\Windows Defender
c:\program files\common files\mcafee
C:\ComboFix
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\SWXCACLS.exe
C:\Qoobox
C:\Users\Steelovo\Desktop\ComboFix.exe
C:\Users\Steelovo\Desktop\RK_Quarantine
C:\found.000
C:\Windows\PEV.exe
C:\Windows\MBR.exe
C:\Windows\sed.exe
C:\Windows\grep.exe
C:\Windows\zip.exe

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{E30408E6-1037-4079-ABA7-FE7CEBA99067}" =-
"{E30408E6-1037-4079-ABA7-FE7CEBA99067}" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Error - 29. 9. 2013 5:54:50 | Computer Name = Steel | Source = Ntfs | ID = 131
Description = Strukturu systému souborů ve svazku C: nelze opravit. Spusťte u svazku
2 program chkdsk C:.
Error - 29. 9. 2013 5:57:40 | Computer Name = Steel | Source = Ntfs | ID = 55
Description = Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.

Buď máš poškozený systém nebo disk...

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Scientific · Příspěvekod **Scientific** » 16 říj 2013 20:05

OTL.exe

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service mcbootdelaystartsvc stopped successfully!
Service mcbootdelaystartsvc deleted successfully!
File C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc not found.
Error: No service named WinDefend was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend deleted successfully.
File move failed. C:\Program Files\Windows Defender\MsMpEng.exe scheduled to be moved on reboot.
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
C:\Program Files (x86)\Skype\Updater\Updater.exe moved successfully.
Error: No service named WdBoot was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdBoot deleted successfully.
File move failed. C:\Windows\SysNative\Drivers\WdBoot.sys scheduled to be moved on reboot.
Error: No service named WdFilter was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter deleted successfully.
File move failed. C:\Windows\SysNative\Drivers\WdFilter.sys scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15 removed from extensions.enabledAddons
Prefs.js: pagehacker-nico%40nc:1.2 removed from extensions.enabledAddons
Prefs.js: %7B1018e4d6-728f-4b20-ad56-37578a4de76b%7D:4.2.13 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@vmware.com/vmrc,version=5.1.0.00000\ deleted successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\META-INF folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\ipdb folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\defaults\preferences folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\defaults folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\chrome\flagfox\modules folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\chrome\flagfox folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}\chrome folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\z9bbm@crjivypnmf.co.uk\content folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\z9bbm@crjivypnmf.co.uk folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\wj5qi9k6@cwjweaeu.co.uk\content folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\wj5qi9k6@cwjweaeu.co.uk folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\cs@dictionaries.addons.mozilla.org\dictionaries folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\cs@dictionaries.addons.mozilla.org folder moved successfully.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions folder moved successfully.
Folder C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\z9bbm@crjivypnmf.co.uk\ not found.
File C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\extensions\pagehacker-nico@nc.xpi not found.
C:\Users\Steelovo\AppData\Roaming\Mozilla\Firefox\Profiles\kjwwh99n.default\searchplugins\safeguard-secure-search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
File EY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 10162013_195601

Files\Folders moved on Reboot...
File move failed. C:\Program Files\Windows Defender\MsMpEng.exe scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\Drivers\WdBoot.sys scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\Drivers\WdFilter.sys scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

CristalDisc.exe
----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2013/10/16 20:04:10

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- TOSHIBA MQ01ABD050
- HL-DT-ST DVDRAM
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD050 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD050
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD050
Firmware : AX002J
Serial Number : 526BF2E0S
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600
Power On Hours : 1617 hod.
Power On Count : 136 krát
Temparature : 36 C (96 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 000000000400 Čas na roztočení ploten
04 100 100 __0 00000000009B Počet spuštění/zastavení
05 100 100 _50 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _96 _96 __0 000000000651 Hodin v činnosti
0A 103 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000088 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000A5C Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000006 Počet vypnutí disku
C1 100 100 __0 000000000B8C Počet cyklů načítání/vymazání
C2 100 100 __0 002F000B0024 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000008 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000000 Posunutí disku vůči ose
DE _97 _97 __0 0000000005B3 Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 0000000000B2 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2035 3236 4246 3245 3053
020: 0000 4000 0000 4158 3030 324A 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4430 3530 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8F0E 0006 004C 0048
080: 01F8 0000 746B 7D09 6163 7469 BC09 6163 203F 003F
090: 003F 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 0394
110: 06C8 177C 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E9A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 27 00 64 64 00
020: 04 00 00 00 00 00 04 32 00 64 64 9B 00 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 60 60 51 06 00 00 00
060: 00 00 0A 33 00 67 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 88 00 00 00 00 00 00 BF 32 00 64 64 5C
080: 0A 00 00 00 00 00 C0 32 00 64 64 06 00 00 00 00
090: 00 00 C1 32 00 64 64 8C 0B 00 00 00 00 00 C2 22
0A0: 00 64 64 24 00 0B 00 2F 00 00 C4 32 00 64 64 00
0B0: 00 00 00 00 00 00 C5 32 00 64 64 08 00 00 00 00
0C0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 C8 C8 01 00 00 00 00 00 00 DC 02 00 64 64 00
0E0: 00 00 00 00 00 00 DE 32 00 61 61 B3 05 00 00 00
0F0: 00 00 DF 32 00 64 64 00 00 00 00 00 00 00 E0 22
100: 00 64 64 00 00 00 00 00 00 00 E2 26 00 64 64 B2
110: 00 00 00 00 00 00 F0 01 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 5B
170: 03 00 01 00 02 87 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 32 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36

Příspěvekod **jaro3** » 17 říj 2013 09:37

Spusť OTL a klikni na Vyčisti.

000000000A5C Počet udalostí zaznamenaných otřesovým senzorem
000000000008 Počet podezřelých sektorů
Disk je na odchodu. Zazálohuj a disk reklamuj , kup nový.

Pokud nejsou jiné problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Jak odinstalovat Windows8 defender? Vyřešeno

Re: Eset NOD32 Smart Security vs Win8 Defender

Re: Eset NOD32 Smart Security vs Win8 Defender

Re: Eset NOD32 Smart Security vs Win8 Defender

Re: Eset NOD32 Smart Security vs Win8 Defender

Re: Eset NOD32 Smart Security vs Win8 Defender

Re: Jak odinstalovat Windows8 defender?

Re: Jak odinstalovat Windows8 defender?

Re: Jak odinstalovat Windows8 defender?

Re: Jak odinstalovat Windows8 defender?

Re: Jak odinstalovat Windows8 defender?

Re: Jak odinstalovat Windows8 defender?

Re: Jak odinstalovat Windows8 defender?

Kdo je online