Please check [Solved]


Post by nermitus » 25 Aug 2015 10:52

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:47:02, on 25. 8. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)

FIREFOX: 39.0 (x86 sk)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marek\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5322 bytes



The PC is somewhat slower. At startup a black screen comes up first and only then the welcome screen; the icons load, but after about 30 s they flicker (the total startup time until the PC is usable has grown by about 2 minutes). The network adapter keeps loading for about another 2 minutes after startup. Some programs I had on the PC seem to have uninstalled themselves; only the icons remain, pointing to changed / moved content.

Post by Orcus (Security team member) » 25 Aug 2015 15:31

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Post by nermitus » 25 Aug 2015 16:04

OTL logfile created on: 25. 8. 2015 15:54:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marek\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,98 Gb Total Physical Memory | 2,81 Gb Available Physical Memory | 70,61% Memory free
7,96 Gb Paging File | 6,49 Gb Available in Paging File | 81,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 151,21 Gb Free Space | 32,47% Space Free | Partition Type: NTFS

Computer Name: MAREK-PC | User Name: Marek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Marek\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (Riverbed Technology, Inc.)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (EtronSTOR) -- C:\Windows\SysNative\drivers\EtronSTOR.sys (Etron Technology Inc)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06diag) -- C:\Windows\SysNative\drivers\bxdiaga.sys (Broadcom Corporation)
DRV:64bit: - (bxois) -- C:\Windows\SysNative\drivers\bxois.sys (Broadcom Corporation)
DRV:64bit: - (bxfcoe) -- C:\Windows\SysNative\drivers\bxfcoe.sys (Broadcom Corporation)
DRV:64bit: - (BFN7x64) -- C:\Windows\SysNative\drivers\Xeno7x64.sys (Bigfoot Networks, Inc.)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (ioatdma2) -- C:\Windows\SysNative\drivers\qd262x64.sys (Intel Corporation)
DRV:64bit: - (ioatdma1) -- C:\Windows\SysNative\drivers\qd162x64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (HWiNFO32) -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 77336875
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CC 73 7F 4E A1 09 D0 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.72.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Marek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/09/20 14:00:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014/09/20 14:00:22 | 000,000,000 | ---D | M]

[2014/12/18 02:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\Mozilla\Extensions
[2015/08/24 15:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\kbhmwv7t.default\extensions
[2015/07/04 15:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/07/04 15:38:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\MAREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KBHMWV7T.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI

O1 HOSTS File: ([2015/08/24 21:47:33 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2015/08/15 23:11:13 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0D066BF-65C4-4FE6-B14D-2C661AAA58A6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


Re: Please check

Post by nermitus » 25 Aug 2015 16:04

========== Files/Folders - Created Within 30 Days ==========

[2015/08/25 15:52:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe
[2015/08/25 10:44:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015/08/24 21:52:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2015/08/24 15:26:38 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\Temp
[2015/08/24 14:35:35 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2015/08/24 14:35:35 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2015/08/23 22:22:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/08/22 11:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2015/08/22 11:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
[2015/08/22 11:03:30 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Raptr
[2015/08/22 11:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
[2015/08/22 11:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2015/08/17 16:43:28 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\PQR 4.3.4
[2015/08/14 07:42:29 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\2
[2015/08/04 08:29:06 | 000,107,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2015/08/04 08:29:04 | 000,100,568 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2015/08/04 08:28:58 | 000,141,792 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2015/08/04 08:28:56 | 000,128,384 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2015/08/04 08:28:54 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2015/08/04 08:28:54 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2015/08/04 08:28:52 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2015/08/04 08:28:52 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2015/08/04 08:28:42 | 000,152,056 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2015/08/04 08:28:40 | 000,133,016 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2015/08/04 08:28:36 | 000,102,616 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2015/08/04 08:28:30 | 001,193,904 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2015/08/04 08:28:24 | 011,948,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2015/08/04 08:28:20 | 010,094,152 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2015/08/04 08:28:12 | 007,929,616 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2015/08/04 08:28:04 | 007,408,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2015/08/04 08:25:44 | 000,297,672 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2015/08/04 08:23:28 | 021,622,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2015/08/04 08:18:56 | 047,785,472 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2015/08/04 08:14:14 | 039,714,304 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2015/08/04 08:09:58 | 000,065,024 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015/08/04 08:09:52 | 000,059,392 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015/08/04 07:58:20 | 027,535,872 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl12cl64.dll
[2015/08/04 07:57:46 | 022,318,592 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl12cl.dll
[2015/08/04 06:12:34 | 000,127,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2015/08/04 06:12:12 | 000,113,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2015/08/04 06:11:48 | 006,477,312 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2015/08/04 05:43:50 | 005,068,288 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2015/08/04 05:21:30 | 000,093,696 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2015/08/04 05:21:18 | 000,086,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2015/08/04 04:55:40 | 030,752,256 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2015/08/04 04:32:32 | 025,299,968 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2015/08/04 04:25:10 | 000,367,104 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2015/08/04 04:25:02 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2015/08/04 04:25:00 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2015/08/04 04:24:52 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2015/08/04 04:24:50 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2015/08/04 04:24:34 | 015,716,864 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2015/08/04 04:21:24 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2015/08/04 04:21:10 | 000,050,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2015/08/04 04:21:04 | 000,039,424 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2015/08/04 04:07:30 | 000,029,696 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2015/08/04 04:07:22 | 000,672,768 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2015/08/04 04:06:32 | 000,246,784 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2015/08/04 04:05:16 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2015/08/04 03:48:20 | 000,865,792 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_15.20.dll
[2015/08/04 03:48:02 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2015/08/04 03:47:56 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2015/08/04 03:43:20 | 000,926,720 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2015/08/04 03:43:20 | 000,926,720 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxx.dll
[2015/08/04 03:43:06 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2015/08/04 03:43:02 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2015/08/04 03:43:02 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2015/08/04 03:42:58 | 000,156,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2015/08/04 03:42:44 | 000,141,824 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2015/08/04 03:42:28 | 000,665,088 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2015/08/04 03:35:02 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2015/08/01 19:55:22 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\Nová složka (4)
[2015/08/01 18:19:09 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\TradeSkillMaster
[2015/08/01 17:16:29 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\ebook
[2015/08/01 09:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\UPV
[2015/07/28 19:35:08 | 000,000,000 | ---D | C] -- C:\Users\Marek\Desktop\Deffender.eu_CATA_client_4.3.4
[2015/07/26 17:08:18 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\JAM Software
[2015/07/26 17:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software

========== Files - Modified Within 30 Days ==========

[2015/08/25 15:52:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe
[2015/08/25 15:00:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/08/25 14:36:42 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/08/25 14:36:42 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/08/25 13:43:46 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/08/25 10:43:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/08/25 10:43:20 | 3207,045,120 | -HS- | M] () -- C:\hiberfil.sys
[2015/08/24 22:03:17 | 000,000,512 | ---- | M] () -- C:\Users\Marek\Desktop\MBR.dat
[2015/08/24 21:47:33 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/08/24 15:06:48 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2015/08/24 14:58:08 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015/08/24 13:39:16 | 000,794,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/08/24 13:39:16 | 000,660,956 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/08/24 13:39:16 | 000,126,576 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/08/22 19:35:12 | 732,973,056 | ---- | M] () -- C:\Users\Marek\Desktop\Insidious-2-2013-CZ-titulky.avi
[2015/08/21 11:32:18 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/08/19 17:12:45 | 1619,147,764 | ---- | M] () -- C:\Users\Marek\Desktop\Insidious-1.-cz-tit..avi
[2015/08/19 12:28:03 | 000,007,607 | ---- | M] () -- C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
[2015/08/17 16:44:20 | 000,437,598 | ---- | M] () -- C:\Users\Marek\Desktop\4.3 Patch.zip
[2015/08/11 22:00:45 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015/08/11 22:00:45 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015/08/06 12:13:39 | 779,235,328 | ---- | M] () -- C:\Users\Marek\Desktop\Až-vyjde-měsíc.avi
[2015/08/04 08:29:06 | 000,107,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2015/08/04 08:29:04 | 000,100,568 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2015/08/04 08:28:58 | 000,141,792 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2015/08/04 08:28:56 | 000,128,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2015/08/04 08:28:54 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2015/08/04 08:28:54 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2015/08/04 08:28:52 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2015/08/04 08:28:52 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2015/08/04 08:28:42 | 000,152,056 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2015/08/04 08:28:40 | 000,133,016 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2015/08/04 08:28:38 | 000,120,144 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2015/08/04 08:28:36 | 000,102,616 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2015/08/04 08:28:34 | 001,445,224 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2015/08/04 08:28:30 | 001,193,904 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2015/08/04 08:28:24 | 011,948,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2015/08/04 08:28:20 | 010,094,152 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2015/08/04 08:28:12 | 007,929,616 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2015/08/04 08:28:04 | 007,408,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2015/08/04 08:27:56 | 008,893,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2015/08/04 08:27:52 | 008,779,872 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2015/08/04 08:25:44 | 000,297,672 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2015/08/04 08:23:28 | 021,622,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2015/08/04 08:19:16 | 000,235,008 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2015/08/04 08:18:56 | 047,785,472 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2015/08/04 08:14:14 | 039,714,304 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2015/08/04 08:09:58 | 000,065,024 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015/08/04 08:09:52 | 000,059,392 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015/08/04 07:58:20 | 027,535,872 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl12cl64.dll
[2015/08/04 07:57:46 | 022,318,592 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl12cl.dll
[2015/08/04 06:12:34 | 000,127,488 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2015/08/04 06:12:12 | 000,113,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2015/08/04 06:11:48 | 006,477,312 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2015/08/04 05:43:50 | 005,068,288 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2015/08/04 05:21:30 | 000,093,696 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2015/08/04 05:21:18 | 000,086,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2015/08/04 04:55:40 | 030,752,256 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2015/08/04 04:32:32 | 025,299,968 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2015/08/04 04:25:48 | 000,660,928 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2015/08/04 04:25:48 | 000,660,928 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2015/08/04 04:25:10 | 000,367,104 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2015/08/04 04:25:02 | 000,062,464 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2015/08/04 04:25:00 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2015/08/04 04:24:52 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2015/08/04 04:24:50 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2015/08/04 04:24:34 | 015,716,864 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2015/08/04 04:21:24 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2015/08/04 04:21:10 | 000,050,688 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2015/08/04 04:21:04 | 000,039,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2015/08/04 04:16:06 | 003,437,632 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2015/08/04 04:07:56 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2015/08/04 04:07:44 | 000,160,256 | ---- | M] () -- C:\Windows\SysNative\atieah64.exe
[2015/08/04 04:07:42 | 000,143,872 | ---- | M] () -- C:\Windows\SysWow64\atieah32.exe
[2015/08/04 04:07:38 | 000,204,800 | ---- | M] () -- C:\Windows\SysNative\amdgfxinfo64.dll
[2015/08/04 04:07:34 | 000,189,952 | ---- | M] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2015/08/04 04:07:30 | 000,029,696 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2015/08/04 04:07:22 | 000,672,768 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2015/08/04 04:06:32 | 000,246,784 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2015/08/04 04:05:16 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2015/08/04 04:00:58 | 003,471,376 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2015/08/04 03:48:20 | 000,865,792 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_15.20.dll
[2015/08/04 03:48:02 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2015/08/04 03:47:56 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2015/08/04 03:43:32 | 001,247,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2015/08/04 03:43:20 | 000,926,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2015/08/04 03:43:20 | 000,926,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxx.dll
[2015/08/04 03:43:06 | 000,075,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2015/08/04 03:43:02 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2015/08/04 03:43:02 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2015/08/04 03:42:58 | 000,156,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2015/08/04 03:42:44 | 000,141,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2015/08/04 03:42:28 | 000,665,088 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2015/08/04 03:37:32 | 000,102,912 | ---- | M] () -- C:\Windows\SysNative\hsa-thunk64.dll
[2015/08/04 03:37:22 | 000,102,400 | ---- | M] () -- C:\Windows\SysWow64\hsa-thunk.dll
[2015/08/04 03:35:02 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2015/08/03 21:09:13 | 000,111,765 | ---- | M] () -- C:\Users\Marek\Desktop\odstupenie od zmluvy (1).pdf
[2015/08/03 20:53:09 | 000,111,765 | ---- | M] () -- C:\Users\Marek\Desktop\odstupenie od zmluvy.pdf
[2015/08/03 20:12:48 | 000,001,027 | ---- | M] () -- C:\Users\Marek\Desktop\HeavyLoad.lnk
[2015/08/03 20:12:35 | 000,044,845 | ---- | M] () -- C:\Users\Marek\Desktop\Untitled.png
[2015/08/03 19:52:05 | 000,156,866 | ---- | M] () -- C:\Users\Marek\Desktop\vratenie.pdf
[2015/08/01 19:59:33 | 922,727,644 | ---- | M] () -- C:\Users\Marek\Desktop\Nezvratný-osud-5.avi
[2015/08/01 19:39:49 | 1095,997,214 | ---- | M] () -- C:\Users\Marek\Desktop\Nezvratný-osud-3-=2006-Horor-DVD-CZ.avi
[2015/08/01 19:37:47 | 1012,630,188 | ---- | M] () -- C:\Users\Marek\Desktop\Nezvratný-osud-4-(2009)-(CZ+CZ-tit.)-(Horor,-Thriller).avi
[2015/08/01 19:32:11 | 1008,260,308 | ---- | M] () -- C:\Users\Marek\Desktop\Nezvratný-osud_2.AVI
[2015/08/01 19:15:13 | 943,520,774 | ---- | M] () -- C:\Users\Marek\Desktop\Nezvratný-osud-1.avi
[2015/08/01 12:21:35 | 000,000,050 | ---- | M] () -- C:\Users\Marek\Desktop\EnergyFM.m3u
[2015/07/28 20:57:29 | 1791,969,280 | ---- | M] () -- C:\Users\Marek\Desktop\Vlk-z-Wall-Street-_-The-Wolf-of-Wall-Street-2013,-CZ.avi

========== Files Created - No Company Name ==========

[2015/08/24 22:03:17 | 000,000,512 | ---- | C] () -- C:\Users\Marek\Desktop\MBR.dat
[2015/08/24 15:26:38 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2015/08/24 14:03:00 | 000,037,888 | ---- | C] () -- C:\Users\Marek\Desktop\usb_format.exe
[2015/08/22 18:13:53 | 732,973,056 | ---- | C] () -- C:\Users\Marek\Desktop\Insidious-2-2013-CZ-titulky.avi
[2015/08/18 21:43:57 | 1619,147,764 | ---- | C] () -- C:\Users\Marek\Desktop\Insidious-1.-cz-tit..avi
[2015/08/17 16:44:18 | 000,437,598 | ---- | C] () -- C:\Users\Marek\Desktop\4.3 Patch.zip
[2015/08/06 11:29:13 | 779,235,328 | ---- | C] () -- C:\Users\Marek\Desktop\Až-vyjde-měsíc.avi
[2015/08/04 08:19:16 | 000,235,008 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2015/08/04 04:25:48 | 000,660,928 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2015/08/04 04:25:48 | 000,660,928 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2015/08/04 04:16:06 | 003,437,632 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2015/08/04 04:07:44 | 000,160,256 | ---- | C] () -- C:\Windows\SysNative\atieah64.exe
[2015/08/04 04:07:42 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe
[2015/08/04 04:07:38 | 000,204,800 | ---- | C] () -- C:\Windows\SysNative\amdgfxinfo64.dll
[2015/08/04 04:07:34 | 000,189,952 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2015/08/04 04:00:58 | 003,471,376 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2015/08/04 03:37:32 | 000,102,912 | ---- | C] () -- C:\Windows\SysNative\hsa-thunk64.dll
[2015/08/04 03:37:22 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll
[2015/08/03 21:09:13 | 000,111,765 | ---- | C] () -- C:\Users\Marek\Desktop\odstupenie od zmluvy (1).pdf
[2015/08/03 20:53:09 | 000,111,765 | ---- | C] () -- C:\Users\Marek\Desktop\odstupenie od zmluvy.pdf
[2015/08/03 20:01:17 | 000,044,845 | ---- | C] () -- C:\Users\Marek\Desktop\Untitled.png
[2015/08/03 19:52:03 | 000,156,866 | ---- | C] () -- C:\Users\Marek\Desktop\vratenie.pdf
[2015/08/01 17:13:32 | 922,727,644 | ---- | C] () -- C:\Users\Marek\Desktop\Nezvratný-osud-5.avi
[2015/08/01 17:12:42 | 1012,630,188 | ---- | C] () -- C:\Users\Marek\Desktop\Nezvratný-osud-4-(2009)-(CZ+CZ-tit.)-(Horor,-Thriller).avi
[2015/08/01 17:12:20 | 1095,997,214 | ---- | C] () -- C:\Users\Marek\Desktop\Nezvratný-osud-3-=2006-Horor-DVD-CZ.avi
[2015/08/01 17:11:38 | 1008,260,308 | ---- | C] () -- C:\Users\Marek\Desktop\Nezvratný-osud_2.AVI
[2015/08/01 17:06:47 | 943,520,774 | ---- | C] () -- C:\Users\Marek\Desktop\Nezvratný-osud-1.avi
[2015/08/01 12:21:35 | 000,000,050 | ---- | C] () -- C:\Users\Marek\Desktop\EnergyFM.m3u
[2015/08/01 10:00:47 | 000,236,032 | ---- | C] () -- C:\Users\Marek\Desktop\keygen.exe
[2015/07/28 17:49:42 | 1791,969,280 | ---- | C] () -- C:\Users\Marek\Desktop\Vlk-z-Wall-Street-_-The-Wolf-of-Wall-Street-2013,-CZ.avi
[2015/07/26 17:08:16 | 000,001,027 | ---- | C] () -- C:\Users\Marek\Desktop\HeavyLoad.lnk
[2015/04/03 17:36:24 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-MAREK-PC-Windows-7-Ultimate-(64-bit).dat
[2015/02/18 12:33:40 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2015/01/14 21:36:50 | 001,065,984 | ---- | C] () -- C:\Users\Marek\AppData\Local\file__0.localstorage
[2014/12/15 15:00:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/11/20 22:35:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/09/20 20:05:20 | 000,007,607 | ---- | C] () -- C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
[2014/09/20 13:56:57 | 000,169,820 | ---- | C] () -- C:\Windows\hpoins14.dat
[2014/09/20 13:56:57 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2014/09/20 12:41:20 | 000,798,940 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/04/18 04:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/04/18 04:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/04/18 03:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/04/18 03:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/12/24 15:57:37 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\4Media
[2014/12/24 15:58:10 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\AMD
[2015/06/09 16:07:01 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Anvsoft
[2015/02/08 15:52:11 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Atari
[2015/08/20 10:53:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\BitTorrent
[2014/11/12 17:01:01 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Dev-Cpp
[2015/05/11 16:19:50 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Downloaded Installations
[2014/12/14 18:40:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\driveridentifier
[2014/12/24 15:49:59 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\DVDVideoSoft
[2015/07/21 21:04:06 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Firetrust
[2015/07/17 01:49:15 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\fizzy
[2014/09/20 19:54:05 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\HD Tune Pro
[2015/08/24 12:50:26 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\IObit
[2015/07/26 17:08:18 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\JAM Software
[2014/09/20 12:49:19 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\library_dir
[2014/10/10 22:54:22 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\LolClient
[2015/06/07 19:28:56 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mediatronic
[2015/07/24 12:02:24 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MMFApplications
[2015/01/27 18:09:01 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Mount&Blade Warband
[2015/02/28 04:29:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\MOVAVI
[2015/05/11 16:41:43 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Nitro
[2015/05/11 16:38:20 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Nitro PDF
[2015/02/15 01:39:02 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Opera
[2014/09/20 13:16:16 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Opera Software
[2014/12/25 14:31:39 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\PortForward.com
[2015/08/22 11:18:25 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Raptr
[2015/06/13 16:00:33 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Riot Games
[2015/01/07 22:01:57 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\SmartDraw
[2015/03/20 01:04:50 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Steam
[2015/06/26 23:43:44 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TeamViewer
[2014/09/26 20:15:13 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\ThinkSky
[2015/08/01 18:19:09 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TradeSkillMaster
[2015/08/24 12:43:43 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TS3Client
[2014/09/20 12:55:13 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\TuneUp Software
[2014/09/21 14:32:19 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Unity
[2015/03/02 21:46:47 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\VitySoft
[2015/07/19 11:34:01 | 000,000,000 | ---D | M] -- C:\Users\Marek\AppData\Roaming\Wireshark

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2015/08/01 09:59:04 | 000,000,000 | ---D | C](C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\?rd?m?x Keylogger 4.3.1) -- C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.3.1

< End of report >


Re: Please check

Post by nermitus » 25 Aug 2015 16:04

OTL Extras logfile created on: 25. 8. 2015 15:54:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marek\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,98 Gb Total Physical Memory | 2,81 Gb Available Physical Memory | 70,61% Memory free
7,96 Gb Paging File | 6,49 Gb Available in Paging File | 81,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 151,21 Gb Free Space | 32,47% Space Free | Partition Type: NTFS

Computer Name: MAREK-PC | User Name: Marek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00386991-DB2D-49E0-992F-3B024565026B}" = lport=445 | protocol=6 | dir=in | app=system |
"{040C4A8F-6B98-4C1B-8E2C-B552000A9F08}" = rport=3702 | protocol=17 | dir=out | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{04E5D073-CE7F-4DFF-83F3-E7FD5CE54CC5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{05533080-135A-4CF5-B005-F067F4525436}" = lport=443 | protocol=6 | dir=in | app=system |
"{05A5DDAC-4576-43C5-8D2C-F2A3C39B90A9}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\services.exe |
"{0D6AE64D-A558-414A-BD58-AAF1C2D0856F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{0EA02227-1F05-4D4D-9634-AFFBE44F717A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1510F5AB-C8E2-420E-A4D9-8C761600CFC2}" = lport=1701 | protocol=17 | dir=in | app=system |
"{169707F9-7469-4C28-B4AF-B2B9EAD40037}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{176E26FB-AC50-4E62-BA1B-CE643DEA944D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{17AAE2FA-8B11-44CD-B403-810F872181EA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D600405-C581-48FB-92DE-C110C6A69432}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{243418BC-D158-4915-94E3-70CB371D6759}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{286097D2-811D-4FDE-AEA8-AB452692788F}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{29DD584D-BF68-44A6-A310-E18655E3AE6F}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\vdsldr.exe |
"{2B9E8104-01C0-47CB-B5B5-93D41051235F}" = lport=443 | protocol=6 | dir=in | app=system |
"{31D78479-A410-4F1D-9908-437402C1AAF4}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe |
"{394C1C86-986B-4A54-A0E2-646D62050B67}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=%systemroot%\system32\vds.exe |
"{39E8AFC5-1325-45EC-AFEC-E289FE4CA7A9}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{41DBC96E-204B-48CC-BEEE-81A81524C571}" = lport=137 | protocol=17 | dir=in | app=system |
"{44312809-3ED0-424F-A8B2-344CB3C75831}" = rport=80 | protocol=6 | dir=out | app=system |
"{443503CF-7C8E-40E8-A9F2-5F44A963B628}" = rport=5358 | protocol=6 | dir=out | app=system |
"{461A534A-B6BB-4FE8-AB6A-16641BF34B75}" = lport=10244 | protocol=6 | dir=in | app=system |
"{4E572D6C-6B59-4F41-977D-96D3B6CB6785}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52F15FD0-5647-45B3-AF5F-DDEE31972316}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5CF4CE74-6CEE-4F20-9FC5-0A4FE31C0F96}" = lport=139 | protocol=6 | dir=in | app=system |
"{618A67EB-1405-4EE7-AE18-95065CF2E280}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{62DC93B2-0D9A-4C25-9325-ADB09825538A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6346DB3F-538C-4924-B51C-79AE0106DF13}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6A6FD16E-0202-421B-90FD-82876E332678}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6F497C4F-E6D0-4CE4-A57F-8FAA70F1579C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{713B5F63-02B4-4C8D-A2A6-D1F003968D52}" = lport=1723 | protocol=6 | dir=in | app=system |
"{7390DC9C-AF7F-4321-91BD-EB27E3F4CE1D}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{74130750-743E-4670-8E98-9309AA0B0493}" = rport=139 | protocol=6 | dir=out | app=system |
"{76E88DAE-ECF3-4722-B3F8-76A5E085B442}" = lport=138 | protocol=17 | dir=in | app=system |
"{76ED7E32-0DEC-425E-A5D6-1C4CF5A806CA}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{799D30C9-5DA3-44E6-88F3-083DB32F3D20}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{8CD809D0-14F8-483B-B1ED-010AF6EF2019}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{8ED26294-29A9-4280-9F9D-C569C6BEBDC6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{9445DE88-3DA6-4D84-8325-2E9C5EC0A8A3}" = lport=5358 | protocol=6 | dir=in | app=system |
"{9BB0F0FD-FCCD-46DA-B455-E72C92C3AB1B}" = rport=138 | protocol=17 | dir=out | app=system |
"{A0A0F63D-477A-4F0E-BD9C-56C26F36EA82}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A39B3530-9189-43F9-AD8F-07E5EBB147CE}" = lport=445 | protocol=6 | dir=in | app=system |
"{A6F965DF-5B3F-439C-85E3-EB7DD3AAF3CC}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{A70DA080-090C-438A-845A-C87AE15DAB1B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A8058118-A4F5-4540-B9F9-25EB860B0B53}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ADF915D5-1531-47EB-83BB-E497F7216C87}" = lport=3702 | protocol=17 | dir=in | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{B44A7EFB-AA78-48F2-8031-482793426961}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=%systemroot%\system32\svchost.exe |
"{BBE45A74-8681-4B94-97AA-78BB61E3F18E}" = lport=445 | protocol=6 | dir=in | app=system |
"{BEA7D899-3D6B-4D88-8A90-17B346ADC372}" = rport=1723 | protocol=6 | dir=out | app=system |
"{BEC73E4C-E849-40A6-B63C-BFF5B9993214}" = lport=445 | protocol=6 | dir=in | app=system |
"{C659F4FC-866D-412E-9A41-4CB99CEEFDB1}" = lport=443 | protocol=6 | dir=out | app=system |
"{C89ECB1F-9C98-431F-B77B-11728980B5D2}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CC46E03D-A14E-49F9-9845-E136A3B53915}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{CF5B7074-713B-4A9C-B9C2-F5DC8A29B4F4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D39D4F12-8D9D-4242-B392-D92E821AFE2B}" = lport=5357 | protocol=6 | dir=in | app=system |
"{D73CFB2F-49AD-4D8A-9857-6514DE290DE9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{D7536A8F-8516-417E-AD2D-BBAEF9D1C95D}" = rport=137 | protocol=17 | dir=out | app=system |
"{D824D208-B825-46C2-B61B-58CB52C9F3F4}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=%systemroot%\system32\svchost.exe |
"{D93DE8BA-7182-4C3B-BDDE-C15075392267}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDAE168A-9D7F-4127-8AB1-8C77DF1C1F8D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{DE534F86-EBC8-4F62-AE02-7A71A9DC06E8}" = rport=5357 | protocol=6 | dir=out | app=system |
"{E19747E6-CD61-42F3-89D2-1147B3ADF299}" = rport=1701 | protocol=17 | dir=out | app=system |
"{E5F01E20-0E7F-4B86-81E4-0DCE499798C2}" = lport=500 | protocol=17 | dir=in | name=direct udp access to remote ike key exchange server |
"{E6950358-0457-4652-8A85-17245BC7A006}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9365C11-99CD-4371-80F1-C5138B015903}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E9EB6272-FB34-4801-832A-A5FDAD6B3062}" = lport=162 | protocol=17 | dir=in | svc=snmptrap | app=%systemroot%\system32\snmptrap.exe |
"{EBDBDB6E-6EA3-45D3-B746-ED6434D566B1}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{ED406B76-AB51-4B43-9576-08A4116E921B}" = lport=80 | protocol=6 | dir=in | app=system |
"{EF0841E7-B1F8-476B-8125-B6C3F2222F3E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFCC3F1C-56D4-40BC-8615-388E3F853D71}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F40A336B-A7B1-41CB-B4B4-9220309A4E99}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F42222ED-54F0-4ECF-BF9C-27D20524FFEA}" = rport=443 | protocol=6 | dir=out | app=system |
"{F77B4FFB-1F1E-47D5-BC26-C397DD326175}" = rport=445 | protocol=6 | dir=out | app=system |
"{FAE22680-A6C4-4B71-A290-614E5C7F6B8C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{FBD318B3-63DE-4CD6-B6DD-E743825667FB}" = lport=3390 | protocol=6 | dir=in | app=system |
"{FE51FBB9-A314-4D46-9C2A-E45A4B83FFE3}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0485C6BD-B387-4C51-9118-AE1166E4773E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{08124244-24EF-4641-84E0-1E44CBAF940E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DAD132B-74EE-4AE7-BDA3-D050D1FD8D7C}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{11D9E0C7-C6FA-4BD7-AD67-49D51429A791}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1D4D6A00-BDB0-4E7D-AB3C-64EBB879E6E4}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{1FCA65E6-1F35-4B0C-A4AD-693BF729964F}" = protocol=47 | dir=in | app=system |
"{22CC58BF-0D63-4934-A259-355DFE6B5663}" = protocol=6 | dir=in | app=%systemroot%\system32\wbem\unsecapp.exe |
"{24817955-3BC4-48A6-8F23-B16364D32BBA}" = protocol=6 | dir=in | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{27F6D7CB-633C-47FD-B8E2-0E11C37AD872}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{288E4AE4-953F-4753-B49C-6F5488E071F5}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2015\x64\farmingsimulator2015game.exe |
"{308B4286-10D7-41B1-9B3D-8C3569B6B874}" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{32E4DE77-E97F-4202-8D3F-293EF13AC678}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{354F2D15-4D84-4447-A651-56ABBBB3BA84}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{39B6D486-7673-42F0-9764-A88A4A0A47DF}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{3C8BDD85-CF6B-4FDC-B1A8-06CF375ED92B}" = protocol=6 | dir=in | app=%systemroot%\system32\plasrv.exe |
"{416F7BBB-3B85-477B-88EB-DF0D7DA69294}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{49016210-EB1C-4B7A-B102-202AF4458270}" = protocol=17 | dir=in | app=c:\users\marek\appdata\roaming\bittorrent\bittorrent.exe |
"{4CE44715-D09F-41E8-9BFA-4EB4865CCAB2}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{58C4672E-DE59-4555-A5DD-AA2A24C55363}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5AF70C67-880C-4366-8166-60608E0EBDE5}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{64703E40-710A-483B-A908-65ED8AB38F84}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{670B7B23-2276-4E2A-98D5-F70FAAEFFC48}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{6A225FC2-7A37-4DF8-8855-03F17C24D0E7}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{6CC64BF9-4BB4-4421-8B2F-4F5D7D2A79D0}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe |
"{702F346C-4435-4E27-9CBC-333ABFF084BD}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{71E638A9-7D41-482D-887D-32473B9D2D72}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{73580FF4-4A1F-4B9B-8130-55400CBD0662}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7783B2DD-7817-41FF-B02C-1E071518D3A9}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{7B611F13-422D-4D50-9C8D-0F2168D5E688}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{7F644149-6E3E-4CCD-8F50-50578F096341}" = protocol=6 | dir=out | svc=winmgmt | app=%systemroot%\system32\svchost.exe |
"{8A572F81-A395-46AE-915C-FA8E5EE8D5F6}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{98BE1240-8A1A-4826-A3EF-C2401D31F15D}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2015\farmingsimulator2015.exe |
"{99665348-244D-44D8-809C-1D0044674845}" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2015\x86\farmingsimulator2015game.exe |
"{AF085AB7-D79A-4AA1-A19B-ED7E9E43A7A4}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2015\x86\farmingsimulator2015game.exe |
"{B0BF4627-47DE-472F-B482-0857DBB273B8}" = protocol=47 | dir=out | app=system |
"{B2AEA14D-1A92-4872-84B8-76B6048AAA21}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{B99A13AF-7C2F-4159-9C7E-A2F300EE7E9E}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{BF53803F-18E3-4105-809C-579D19E0A400}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe |
"{C43E8A63-901A-4F19-B6CF-420E72CBE9F1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{C9F9A6C8-DC9E-4DD5-A9E1-988B06BF63D2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D58688E2-3764-42FB-A9D0-B1B3EC6BFF18}" = protocol=6 | dir=in | app=c:\users\marek\appdata\roaming\bittorrent\bittorrent.exe |
"{D9CB1D43-FBC1-4B0E-B610-4EC8BE510E6D}" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe |
"{DAB8CF36-C72E-4C8C-AAE4-A75CBB0679EF}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2015\x64\farmingsimulator2015game.exe |
"{DAEFC19B-9CDC-4802-93CE-D84C579E81DB}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DD215AA6-2B78-4029-BBD5-70187072BDFB}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{E897AFB5-FB67-4C78-859B-76CB22D746C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EE1A877F-1D55-4158-AAE6-83E03CF7BCEF}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F76E7264-F748-40AC-9256-C9DDAA18A812}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{F795A6F6-E948-45E5-BE17-01A4517BBEEE}" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2015\farmingsimulator2015.exe |
"{F9270BDB-9BDA-4E25-ABCF-BEED84FE23A0}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"TCP Query User{37630920-796F-46F8-A778-538B3DF69F05}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{7058B30D-58A4-49F9-8151-DBA6D66FB771}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{70F0CF24-D563-4050-9040-7C4206CD566A}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{FE844C22-A695-4EC2-8AF6-FB73DF13D2D2}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{151D4EEB-B219-426D-A81B-DA294F77A41C}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{24AF5842-7641-4365-AAFC-021E2004E368}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{EF7BD257-6B66-4A08-B27B-BAD9B9D88A36}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{F80EB9AD-0973-43F1-8B98-86E2641F5FDE}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0
"{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}" = AMD Drag and Drop Transcoding
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417072FF}" = Java 7 Update 72 (64-bit)
"{426582A8-202F-D13C-8BD5-F00551BAFC93}" = AMD Wireless Display v3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{630E5EF7-72F8-9E5D-BEF5-ED85B698E160}" = AMD Wireless Display v3.0
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7E5DC2C5-115A-322B-976C-219237FAED66}" = AMD Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8F2415FA-72F2-F029-0450-4EB2FAE484C5}" = AMD Accelerated Video Transcoding
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}" = AMD Wireless Display v3.0
"{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1
"{FD071DBA-2994-4350-93BB-EC245D0D3C74}_is1" = iResizer 3.0
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.28
"HeavyLoad_is1" = HeavyLoad V3.3 (64 bit)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{110E4EE7-85A9-B76B-B943-C0C1CF0C2F74}" = CCC Help Spanish
"{11BC8F83-7260-65EB-3E0A-FA7AC894B42D}" = CCC Help Hungarian
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{20AE3A4E-38CA-C6F8-4E60-5DF41A2CC0AC}" = AMD Catalyst Control Center
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{2640314A-2D9A-4F58-B501-DB109CD9DBA2}" = DJ_AIO_ProductContext
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{315D9E6B-98B1-1E2B-9E93-B36A0B104224}" = Catalyst Control Center Localization All
"{31BC0B51-0676-A531-3940-1818B609EEA7}" = CCC Help Thai
"{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min
"{33cc8e60-d6db-45be-9276-b6698187688a}" = F2100
"{37DBC990-C514-3821-D6FB-12E0745AA990}" = CCC Help Korean
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{42A97797-A255-49F9-4250-D58A9CEA2904}" = CCC Help Swedish
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{489E5436-B101-CAD9-5571-14746675ECE3}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{504819D1-3C0A-2695-0007-BBDFA5936D68}" = CCC Help Dutch
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69DF4822-9B16-CE04-7587-22E09FB5FD1D}" = CCC Help German
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C495748-5F03-0B97-568B-76D0368FB460}" = CCC Help English
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{703F229F-573E-10E7-3B44-341DB59AD86B}" = CCC Help Chinese Standard
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70D674B0-9F48-4A5D-B83E-943DC5D26CDD}" = MailWasher
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{79E3071B-8A0C-C105-6442-CF611732601E}" = CCC Help Norwegian
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{9114BDDB-A6A6-152D-060A-E99307057AD1}" = Catalyst Control Center Graphics Previews Common
"{968C0E92-6DA9-5784-9A0B-1061D0CB2C14}" = CCC Help Greek
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DB45EC2-90E7-642D-7CF9-5AC2FBDC14F7}" = CCC Help Turkish
"{A12E8E1A-A77D-94E5-72F8-E83D6256AF11}" = CCC Help Polish
"{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50" = MioMore Desktop 7.50
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA0E1433-8F16-AA01-E8E9-E6408579D0D8}" = CCC Help Danish
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1051-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Slovak
"{AD5E3969-F0C0-ECBF-45E5-C36B84904281}" = CCC Help Portuguese
"{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software
"{B03A580A-5D67-DAC5-59A1-7AD7C513381C}" = CCC Help French
"{BBA1614E-6470-7841-8A42-ABD5BA7B3FFE}" = CCC Help Czech
"{BD2F10CE-5561-4A0A-BD82-EB56E87D4FFB}_is1" = Football Manager 2015 version 15.3.2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C9353DBC-A47C-2C9B-AF32-5E2C8B4E3D3A}" = CCC Help Japanese
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CFA2067C-AE90-3BF9-06AF-E7E65E679B3D}" = CCC Help Russian
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D9CBA021-DB41-9736-923F-52E3E426912D}" = CCC Help Finnish
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FE4DC915-D724-E72C-EF86-DC5B89961ACF}" = CCC Help Italian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 18 PPAPI
"Any Video Converter" = Any Video Converter 5.8.1
"Car Mechanic Simulator 2015_is1" = Car Mechanic Simulator 2015
"Cok Free Auto Clicker_is1" = Cok Free Auto Clicker 2.0
"Crusader Kings II Horse Lords_is1" = Crusader Kings II Horse Lords
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.5.2
"Dev-C++" = Dev-C++
"Euro Truck Simulator 2 v1.13.4.1s (17 DLC)1.13.4.1s" = Euro Truck Simulator 2 v1.13.4.1s (17 DLC)
"FarmingSimulator2015CZ_is1" = Farming Simulator 15
"Google Chrome" = Google Chrome
"Cheat Engine 6.4_is1" = Cheat Engine 6.4
"IObitUninstall" = IObit Uninstaller
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.1.8.1057
"MediaCoder" = MediaCoder 0.8.34.5716
"Mozilla Firefox 39.0 (x86 sk)" = Mozilla Firefox 39.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Opera 31.0.1889.174" = Opera Stable 31.0.1889.174
"PROPLUS" = Microsoft Office Professional Plus 2007
"Raptr" = Raptr
"Swords and Sandals Full Pack" = Swords and Sandals Full Pack
"The Sims 4_is1" = The Sims 4
"VGhlU2ltczQ=_is1" = The Sims 4 Luxury Party Stuff DLC
"VLC media player" = VLC media player
"WinPcapInst" = WinPcap 4.1.3
"Wireshark" = Wireshark 1.12.3 (64-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Аrdаmаx Keylogger 4.3.1" = Аrdаmаx Keylogger 4.3.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23. 8. 2015 5:14:35 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 23. 8. 2015 16:17:55 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 24. 8. 2015 0:54:27 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 24. 8. 2015 6:48:19 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 24. 8. 2015 8:36:12 | Computer Name = Marek-PC | Source = Application Hang | ID = 1002
Description = The program setup_magicdisc.exe version 2.5.0.77 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: fe8 Start
Time: 01d0de695c38f524 Termination Time: 10 Application Path: C:\Users\Marek\Downloads\setup_magicdisc.exe

Report
Id: b0a0f8fa-4a5c-11e5-b5c7-8c89a56adb1c

Error - 24. 8. 2015 8:50:22 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 24. 8. 2015 9:35:39 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 24. 8. 2015 15:48:13 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 25. 8. 2015 4:38:27 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

Error - 25. 8. 2015 4:46:23 | Computer Name = Marek-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 24. 8. 2015 15:47:13 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7000
Description = The atksgt service failed to start due to the following error: %%577

Error - 24. 8. 2015 15:47:14 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7000
Description = The lirsgt service failed to start due to the following error: %%577

Error - 24. 8. 2015 16:03:24 | Computer Name = Marek-PC | Source = DCOM | ID = 10010
Description =

Error - 25. 8. 2015 4:38:06 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7000
Description = The atksgt service failed to start due to the following error: %%577

Error - 25. 8. 2015 4:38:07 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7000
Description = The lirsgt service failed to start due to the following error: %%577

Error - 25. 8. 2015 4:38:48 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7034
Description = The hpqcxs08 service terminated unexpectedly. It has done this 1
time(s).

Error - 25. 8. 2015 4:38:48 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7034
Description = The HP CUE DeviceDiscovery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 25. 8. 2015 4:46:05 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7000
Description = The atksgt service failed to start due to the following error: %%577

Error - 25. 8. 2015 4:46:07 | Computer Name = Marek-PC | Source = Service Control Manager | ID = 7000
Description = The lirsgt service failed to start due to the following error: %%577

Error - 25. 8. 2015 4:46:41 | Computer Name = Marek-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >


Re: Requesting a check

Post by jaro3 » 25 Aug 2015 17:19

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:


:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll File not found
[2014/12/18 02:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\Mozilla\Extensions
[2015/08/24 15:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\kbhmwv7t.default\extensions
[2015/07/04 15:38:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
File not found (No name found) -- C:\USERS\MAREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KBHMWV7T.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\Users\Marek\Desktop\keygen.exe

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Run Fix (Opravit) at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

Is the Ardamax Keylogger there on purpose?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Requesting a check

Post by nermitus » 25 Aug 2015 17:30

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: "SK" removed from browser.search.countryCode
Prefs.js: false removed from browser.search.isUS
Prefs.js: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.2 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\kbhmwv7t.default\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Se&nd to OneNote\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
C:\Users\Marek\Desktop\keygen.exe moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Marek
->Temp folder emptied: 193494 bytes
->Temporary Internet Files folder emptied: 149 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25256 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08252015_172556

Files\Folders moved on Reboot...
C:\Users\Marek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Marek\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



I have Ardamax there on purpose.


Re: Requesting a check

Post by jerabina » 25 Aug 2015 18:18

How are the problems? + a new log from HJT
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


Re: Requesting a check

Post by nermitus » 25 Aug 2015 19:15

The stuttering has eased a little, but it is still noticeable.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:14:39, on 25. 8. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)

FIREFOX: 39.0 (x86 sk)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marek\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5204 bytes


Re: Requesting a check

Post by jerabina » 25 Aug 2015 19:17

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
and save it to the desktop, then run FRST as administrator.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs, FRST.txt and Addition.txt, will appear and be saved on the desktop. Please copy their entire contents here.


Re: Requesting a check

Post by nermitus » 25 Aug 2015 21:49

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015
Ran by Marek (administrator) on MAREK-PC (25-08-2015 21:46:43)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3296281421-397883660-745250294-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3296281421-397883660-745250294-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3296281421-397883660-745250294-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-04] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A0D066BF-65C4-4FE6-B14D-2C661AAA58A6}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\kbhmwv7t.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3296281421-397883660-745250294-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-09-20]
FF HKU\S-1-5-21-3296281421-397883660-745250294-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\kbhmwv7t.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [not found]

Chrome:
=======
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-26]
CHR Extension: (Google Docs) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-26]
CHR Extension: (Google Drive) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-26]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-26]
CHR Extension: (Google Search) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-26]
CHR Extension: (Google Sheets) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-26]
CHR Extension: (AdBlock) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-13]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-26]

Opera:
=======
OPR Extension: (adblockforopera) - C:\Users\Marek\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2014-12-05]
OPR Extension: (Adblock Plus) - C:\Users\Marek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-04-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-09-15] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2015-02-19] () [File not signed]
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2015-02-19] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-25 21:46 - 2015-08-25 21:47 - 00011156 _____ C:\Users\Marek\Desktop\FRST.txt
2015-08-25 21:46 - 2015-08-25 21:46 - 00000000 ____D C:\FRST
2015-08-25 19:21 - 2015-08-25 19:21 - 02186752 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2015-08-25 17:25 - 2015-08-25 17:25 - 00000000 ____D C:\_OTL
2015-08-25 16:01 - 2015-08-25 16:01 - 00129940 _____ C:\Users\Marek\Desktop\OTL.Txt
2015-08-25 16:01 - 2015-08-25 16:01 - 00081556 _____ C:\Users\Marek\Desktop\Extras.Txt
2015-08-25 15:52 - 2015-08-25 15:52 - 00602112 _____ (OldTimer Tools) C:\Users\Marek\Desktop\OTL.exe
2015-08-25 15:45 - 2015-08-25 15:46 - 12016711 _____ C:\Users\Marek\Downloads\ATKPackage_Win7_32_Z100023.zip
2015-08-25 13:23 - 2015-08-25 13:28 - 165329515 _____ C:\Users\Marek\Downloads\VGA_ATI_Win7_32_Z884.zip
2015-08-25 10:47 - 2015-08-25 19:14 - 00005205 _____ C:\Users\Marek\Desktop\hijackthis.log
2015-08-24 22:03 - 2015-08-24 22:03 - 00000512 _____ C:\Users\Marek\Desktop\MBR.dat
2015-08-24 22:02 - 2015-08-24 22:02 - 00981728 _____ (SlimWare Utilities, Inc.) C:\Users\Marek\Downloads\SlimDrivers-setup (1).exe
2015-08-24 15:35 - 2015-08-24 15:35 - 00016241 _____ C:\Users\Marek\Desktop\zoek-results.txt
2015-08-24 15:33 - 2015-08-25 10:43 - 00002256 _____ C:\Windows\PFRO.log
2015-08-24 15:26 - 2015-08-24 15:06 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-08-24 15:07 - 2015-06-27 11:38 - 00007218 _____ C:\zoek-results2015-06-27-093858.log
2015-08-24 15:06 - 2015-08-24 15:06 - 00002998 _____ C:\Users\Marek\Desktop\rogue.txt
2015-08-24 14:40 - 2015-08-24 14:40 - 00183544 _____ C:\Users\Marek\Downloads\grub4dos.zip
2015-08-24 14:35 - 2015-08-24 14:35 - 01352435 _____ C:\Users\Marek\Downloads\setup_magicdisc.exe
2015-08-24 14:35 - 2009-02-24 18:35 - 00255552 _____ (MagicISO, Inc.) C:\Windows\SysWOW64\Drivers\mcdbus.sys
2015-08-24 14:35 - 2009-02-24 18:35 - 00255552 _____ (MagicISO, Inc.) C:\Windows\system32\Drivers\mcdbus.sys
2015-08-24 14:06 - 2015-08-24 14:25 - 621283886 _____ C:\Users\Marek\Downloads\Hirens.BootCD.15.2.zip
2015-08-24 14:03 - 2009-10-04 12:47 - 00037888 _____ C:\Users\Marek\Desktop\usb_format.exe
2015-08-24 14:02 - 2015-08-24 14:02 - 00035228 _____ C:\Users\Marek\Downloads\USBFormat.zip
2015-08-24 13:41 - 2015-08-24 13:41 - 06146198 _____ (LinuxLive USB Creator) C:\Users\Marek\Downloads\LinuxLive USB Creator 2.9.3 (1).exe
2015-08-24 13:36 - 2015-08-24 13:40 - 06146198 _____ (LinuxLive USB Creator) C:\Users\Marek\Downloads\LinuxLive USB Creator 2.9.3.exe
2015-08-24 00:56 - 2015-08-24 00:56 - 00086089 _____ C:\Users\Marek\Downloads\NeedToKnow_3_1_7 (1).zip
2015-08-24 00:56 - 2015-08-24 00:56 - 00053849 _____ C:\Users\Marek\Downloads\MoveAnything (1).zip
2015-08-24 00:55 - 2015-08-24 00:55 - 00309311 _____ C:\Users\Marek\Downloads\ShockAndAwe-v5.92.zip
2015-08-23 22:22 - 2015-08-24 12:45 - 00000000 ____D C:\AdwCleaner
2015-08-22 18:13 - 2015-08-22 19:35 - 732973056 _____ C:\Users\Marek\Desktop\Insidious-2-2013-CZ-titulky.avi
2015-08-22 11:06 - 2015-08-22 11:06 - 00000000 ____D C:\ProgramData\ATI
2015-08-22 11:05 - 2015-08-22 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-22 11:03 - 2015-08-22 11:18 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Raptr
2015-08-22 11:03 - 2015-08-22 11:05 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-22 11:03 - 2015-08-22 11:03 - 00053615 _____ C:\Windows\SysWOW64\CCCInstall_201508221103232609.log
2015-08-22 11:03 - 2015-08-22 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-22 10:44 - 2015-08-22 10:53 - 300806184 _____ (AMD Inc.) C:\Users\Marek\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe
2015-08-21 13:29 - 2015-08-21 13:29 - 00135635 _____ C:\Users\Marek\Downloads\MrPlow-v10.2.10-Beta.zip
2015-08-21 12:51 - 2015-08-21 12:51 - 00065218 _____ C:\Users\Marek\Downloads\LootFilter3.20.zip
2015-08-19 12:07 - 2015-08-25 17:27 - 00002455 _____ C:\Windows\setupact.log
2015-08-19 12:07 - 2015-08-19 12:07 - 00000000 _____ C:\Windows\setuperr.log
2015-08-18 21:43 - 2015-08-19 17:12 - 1619147764 _____ C:\Users\Marek\Desktop\Insidious-1.-cz-tit..avi
2015-08-18 20:04 - 2015-08-19 16:45 - 00000000 ____D C:\Users\Marek\Downloads\Wrong Turn 1, 2, 3, 4, 5, 6 - Complete Slasher Saga Eng Subs 720p [H264-mp4]
2015-08-18 20:03 - 2015-08-18 20:04 - 00014874 _____ C:\Users\Marek\Downloads\[kat.cr]wrong.turn.1.2.3.4.5.6.complete.slasher.saga.eng.subs.720p.h264.mp4.torrent
2015-08-18 01:30 - 2015-08-18 01:30 - 00092262 _____ C:\Users\Marek\Downloads\NeedToKnow_4_2_04.zip
2015-08-18 01:20 - 2015-08-18 01:20 - 00397722 _____ C:\Users\Marek\Downloads\Quartz-3.0.8.zip
2015-08-18 01:15 - 2015-08-18 01:15 - 00079574 _____ C:\Users\Marek\Downloads\MoveAnything.zip
2015-08-17 16:44 - 2015-08-17 16:44 - 00437598 _____ C:\Users\Marek\Desktop\4.3 Patch.zip
2015-08-17 16:43 - 2015-08-17 16:43 - 00385645 _____ C:\Users\Marek\Downloads\PQR 4.3.4.7z
2015-08-17 16:43 - 2013-10-28 13:17 - 00000000 ____D C:\Users\Marek\Desktop\PQR 4.3.4
2015-08-17 15:04 - 2015-08-17 15:04 - 00154056 _____ C:\Users\Marek\Downloads\Reforgenator-v1.3.19.zip
2015-08-17 14:56 - 2015-08-17 14:56 - 00187796 _____ C:\Users\Marek\Downloads\RaidChecklist-4.2.0.zip
2015-08-17 14:53 - 2015-08-17 14:53 - 00005303 _____ C:\Users\Marek\Downloads\GreenRange-v1.0.3.zip
2015-08-17 14:52 - 2015-08-17 14:52 - 00235316 _____ C:\Users\Marek\Downloads\JSHB.zip
2015-08-14 18:39 - 2015-08-14 18:39 - 01106481 _____ C:\Users\Marek\Downloads\DBM-4.10.14-r7705-Core-and-Cataclysm-Mods.zip
2015-08-14 18:37 - 2015-08-14 18:37 - 00852879 _____ C:\Users\Marek\Downloads\ArkInventory-3.02.95.zip
2015-08-14 07:42 - 2015-08-15 23:11 - 00000000 ____D C:\Users\Marek\Desktop\2
2015-08-14 07:36 - 2015-08-14 07:42 - 04818474 _____ C:\Users\Marek\Downloads\WoW Admin Panel Cracked by 0x22 (1).rar
2015-08-14 07:33 - 2015-08-14 07:34 - 01012996 _____ C:\Users\Marek\Downloads\adminpanel (1).zip
2015-08-14 07:04 - 2015-08-14 07:04 - 01700554 _____ C:\Users\Marek\Downloads\adminpanel.rar
2015-08-14 01:43 - 2015-08-14 01:43 - 01978527 _____ C:\Users\Marek\Downloads\MrFishIt_4.4.3.rar
2015-08-14 01:40 - 2015-08-14 01:40 - 02058092 _____ C:\Users\Marek\Downloads\MrFishIt-4.0.135.zip
2015-08-14 01:40 - 2015-08-14 01:40 - 00000000 ____D C:\Users\Marek\Downloads\MrFishIt-4.0.135
2015-08-13 20:15 - 2015-08-13 20:15 - 01012996 _____ C:\Users\Marek\Downloads\adminpanel.zip
2015-08-11 10:08 - 2015-08-11 10:09 - 04818574 _____ C:\Users\Marek\Downloads\WoW Admin Panel Cracked by 0x22.rar
2015-08-10 13:52 - 2015-08-10 13:52 - 04540935 _____ C:\Users\Marek\Downloads\TPB_TNB-1.1.3.zip
2015-08-10 13:42 - 2015-08-10 13:42 - 01978527 _____ C:\Users\Marek\Downloads\MrFishIt4.3.4.rar
2015-08-10 13:41 - 2015-08-10 13:41 - 00889416 _____ (Microsoft Corporation) C:\Users\Marek\Downloads\dotNetFx40_Full_setup.exe
2015-08-09 18:53 - 2015-08-09 18:54 - 00026863 _____ C:\Users\Marek\Documents\HWMonitor.txt
2015-08-06 16:01 - 2015-08-06 16:01 - 00731495 _____ C:\Users\Marek\Downloads\d3d11.zip
2015-08-06 11:29 - 2015-08-06 12:13 - 779235328 _____ C:\Users\Marek\Desktop\Až-vyjde-měsíc.avi
2015-08-04 08:29 - 2015-08-04 08:29 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-08-04 08:29 - 2015-08-04 08:29 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-08-04 08:28 - 2015-08-04 08:28 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-08-04 08:25 - 2015-08-04 08:25 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-08-04 08:23 - 2015-08-04 08:23 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-08-04 08:19 - 2015-08-04 08:19 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-08-04 08:18 - 2015-08-04 08:18 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-08-04 08:14 - 2015-08-04 08:14 - 39714304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-04 08:09 - 2015-08-04 08:09 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-04 07:58 - 2015-08-04 07:58 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-08-04 07:57 - 2015-08-04 07:57 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-08-04 06:12 - 2015-08-04 06:12 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-08-04 06:11 - 2015-08-04 06:11 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-08-04 05:43 - 2015-08-04 05:43 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-08-04 05:21 - 2015-08-04 05:21 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-08-04 04:55 - 2015-08-04 04:55 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-08-04 04:32 - 2015-08-04 04:32 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-08-04 04:25 - 2015-08-04 04:25 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-08-04 04:25 - 2015-08-04 04:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-08-04 04:25 - 2015-08-04 04:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-08-04 04:24 - 2015-08-04 04:24 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-08-04 04:21 - 2015-08-04 04:21 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-08-04 04:16 - 2015-08-04 04:16 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-08-04 04:07 - 2015-08-04 04:07 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-08-04 04:07 - 2015-08-04 04:07 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-08-04 04:06 - 2015-08-04 04:06 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-08-04 04:05 - 2015-08-04 04:05 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-08-04 04:00 - 2015-08-04 04:00 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-08-04 03:48 - 2015-08-04 03:48 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-08-04 03:48 - 2015-08-04 03:48 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-08-04 03:47 - 2015-08-04 03:47 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-08-04 03:43 - 2015-08-04 03:43 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-08-04 03:42 - 2015-08-04 03:42 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-08-04 03:42 - 2015-08-04 03:42 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-08-04 03:37 - 2015-08-04 03:37 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-08-04 03:35 - 2015-08-04 03:35 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-08-02 14:46 - 2015-08-02 14:46 - 05972007 _____ C:\Users\Marek\Downloads\QuestHelper-4.3.0.244r.zip
2015-08-02 14:45 - 2015-08-02 14:45 - 00291693 _____ C:\Users\Marek\Downloads\Loremaster-v4.3.0.5.zip
2015-08-01 22:32 - 2015-08-01 22:32 - 00526904 _____ C:\Users\Marek\Downloads\TradeSkillMaster-v1.4.zip
2015-08-01 21:39 - 2015-08-01 21:39 - 00187554 _____ C:\Users\Marek\Downloads\TinyDPS.zip
2015-08-01 21:38 - 2015-08-01 21:38 - 00960625 _____ C:\Users\Marek\Downloads\AckisRecipeList-2.3.3.zip
2015-08-01 21:36 - 2015-08-01 21:36 - 00424627 _____ C:\Users\Marek\Downloads\Spy-2.0.2-release.zip
2015-08-01 21:34 - 2015-08-01 21:34 - 01291226 _____ C:\Users\Marek\Downloads\AtlasLoot-v6.05.04.zip
2015-08-01 21:32 - 2015-08-01 21:32 - 00135164 _____ C:\Users\Marek\Downloads\Bagnon_4.3.25.zip
2015-08-01 21:31 - 2015-08-01 21:31 - 00626258 _____ C:\Users\Marek\Downloads\Gatherer-3.3.0.zip
2015-08-01 21:29 - 2015-08-01 21:29 - 00094731 _____ C:\Users\Marek\Downloads\TradeSkillMaster_Shopping-v1.3.2.zip
2015-08-01 21:28 - 2015-08-01 21:28 - 00168355 _____ C:\Users\Marek\Downloads\TradeSkillMaster_Auctioning-v1.2.4.zip
2015-08-01 21:28 - 2015-08-01 21:28 - 00145545 _____ C:\Users\Marek\Downloads\TradeSkillMaster_AuctionDB-v1.3.1.zip
2015-08-01 21:26 - 2015-08-01 21:26 - 00825829 _____ C:\Users\Marek\Downloads\QuestCompletist_v0.99.7.zip
2015-08-01 19:55 - 2015-08-01 20:02 - 00000000 ____D C:\Users\Marek\Desktop\Nová složka (4)
2015-08-01 18:19 - 2015-08-01 18:19 - 00000000 ____D C:\Users\Marek\AppData\Roaming\TradeSkillMaster
2015-08-01 18:16 - 2015-08-01 18:17 - 07703999 _____ C:\Users\Marek\Downloads\TSMApplication.zip
2015-08-01 17:16 - 2015-08-01 17:20 - 00000000 ____D C:\Users\Marek\Desktop\ebook
2015-08-01 17:13 - 2015-08-01 19:59 - 922727644 _____ C:\Users\Marek\Desktop\Nezvratný-osud-5.avi
2015-08-01 17:12 - 2015-08-01 19:39 - 1095997214 _____ C:\Users\Marek\Desktop\Nezvratný-osud-3-=2006-Horor-DVD-CZ.avi
2015-08-01 17:12 - 2015-08-01 19:37 - 1012630188 _____ C:\Users\Marek\Desktop\Nezvratný-osud-4-(2009)-(CZ+CZ-tit.)-(Horor,-Thriller).avi
2015-08-01 17:11 - 2015-08-01 19:32 - 1008260308 _____ C:\Users\Marek\Desktop\Nezvratný-osud_2.AVI
2015-08-01 17:06 - 2015-08-01 19:15 - 943520774 _____ C:\Users\Marek\Desktop\Nezvratný-osud-1.avi
2015-08-01 12:21 - 2015-08-01 12:21 - 00000050 _____ C:\Users\Marek\Desktop\EnergyFM.m3u
2015-08-01 09:59 - 2015-08-18 21:57 - 00000000 ____D C:\ProgramData\UPV
2015-08-01 09:59 - 2015-08-01 09:59 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.3.1
2015-07-30 19:12 - 2015-07-30 19:12 - 00298857 _____ C:\Users\Marek\Downloads\SexyMap-v1.8.4-28-g0303f3d.zip
2015-07-30 19:09 - 2015-07-30 19:09 - 00446477 _____ C:\Users\Marek\Downloads\SexyMap-v2.4.25.zip
2015-07-30 19:09 - 2015-07-30 19:09 - 00378804 _____ C:\Users\Marek\Downloads\Recount-v4.3.0d_release.zip
2015-07-30 19:09 - 2015-07-30 19:09 - 00060846 _____ C:\Users\Marek\Downloads\OmniCC_4.3.2.zip
2015-07-30 19:08 - 2015-07-30 19:08 - 03576304 _____ C:\Users\Marek\Downloads\AuctioneerSuite-5.13.5258.zip
2015-07-30 19:06 - 2015-07-30 19:06 - 00078475 _____ C:\Users\Marek\Downloads\Postal-r366.zip
2015-07-28 19:35 - 2015-08-25 16:31 - 00000000 ____D C:\Users\Marek\Desktop\Deffender.eu_CATA_client_4.3.4
2015-07-28 19:31 - 2015-07-28 19:31 - 11581763 _____ C:\Users\Marek\Downloads\Deffender.eu_CATA_client_4.3.4.rar
2015-07-28 17:49 - 2015-07-28 20:57 - 1791969280 _____ C:\Users\Marek\Desktop\Vlk-z-Wall-Street-_-The-Wolf-of-Wall-Street-2013,-CZ.avi
2015-07-27 00:45 - 2015-07-27 00:45 - 01318500 _____ C:\Users\Marek\Downloads\Wpe_Ass_beta2_x64.rar
2015-07-26 17:08 - 2015-08-03 20:12 - 00001027 _____ C:\Users\Marek\Desktop\HeavyLoad.lnk
2015-07-26 17:08 - 2015-07-26 17:08 - 00000000 ____D C:\Users\Marek\AppData\Roaming\JAM Software
2015-07-26 17:08 - 2015-07-26 17:08 - 00000000 ____D C:\Program Files\JAM Software
2015-07-26 12:09 - 2015-07-26 12:10 - 03907296 _____ (Crystal Dew World ) C:\Users\Marek\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-07-26 12:05 - 2015-07-26 12:10 - 00001186 _____ C:\Users\Marek\Desktop\CrystalDiskInfo.lnk
2015-07-26 12:05 - 2015-07-26 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-07-26 12:05 - 2015-07-26 12:10 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-25 20:42 - 2014-09-20 13:07 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-25 20:19 - 2014-11-05 12:55 - 01609661 _____ C:\Windows\WindowsUpdate.log
2015-08-25 17:35 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 17:35 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-25 17:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-25 17:25 - 2014-10-19 17:22 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Mozilla
2015-08-25 16:26 - 2015-02-16 19:59 - 00000000 ____D C:\Users\Marek\Desktop\World of Warcraft 3.3.5a
2015-08-25 10:46 - 2014-12-07 12:38 - 00000000 ____D C:\Users\Marek\Desktop\HJT
2015-08-25 10:40 - 2014-12-07 11:51 - 00000000 ____D C:\Windows\erdnt
2015-08-24 21:47 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-24 21:45 - 2009-07-14 04:34 - 88866816 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-24 21:45 - 2009-07-14 04:34 - 18612224 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-24 21:45 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-08-24 21:45 - 2009-07-14 04:34 - 00225280 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-24 21:45 - 2009-07-14 04:34 - 00024576 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-24 15:50 - 2014-09-20 13:16 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-24 15:34 - 2015-04-03 17:51 - 00016238 _____ C:\zoek-results.log
2015-08-24 15:18 - 2015-04-03 17:50 - 00000000 ____D C:\zoek_backup
2015-08-24 14:58 - 2014-12-03 18:07 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-08-24 13:39 - 2009-07-14 07:13 - 00794254 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-24 12:57 - 2014-12-03 18:07 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-24 12:50 - 2014-09-20 13:28 - 00000000 ____D C:\ProgramData\IObit
2015-08-24 12:50 - 2014-09-20 13:26 - 00000000 ____D C:\Users\Marek\AppData\Roaming\IObit
2015-08-24 12:43 - 2014-10-12 13:31 - 00000000 ____D C:\Users\Marek\AppData\Roaming\TS3Client
2015-08-23 22:56 - 2015-05-05 02:21 - 00000000 ____D C:\Users\Marek\Desktop\Skola
2015-08-22 10:58 - 2014-09-20 12:46 - 00000000 ____D C:\Program Files\AMD
2015-08-22 10:54 - 2014-09-20 12:36 - 00000000 ____D C:\AMD
2015-08-21 12:41 - 2014-09-20 14:01 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Skype
2015-08-21 11:32 - 2014-09-20 13:20 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-20 10:53 - 2015-02-27 14:48 - 00000000 ____D C:\Users\Marek\AppData\Roaming\BitTorrent
2015-08-19 12:36 - 2015-02-15 01:47 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1423957675
2015-08-19 12:28 - 2014-09-20 20:05 - 00007607 _____ C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
2015-08-14 06:46 - 2009-07-14 07:08 - 00032598 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-11 22:00 - 2015-01-31 11:54 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-11 22:00 - 2014-09-20 14:30 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-11 22:00 - 2014-09-20 14:30 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 08:28 - 2014-04-18 04:42 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-08-04 08:28 - 2014-04-18 04:42 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-08-04 08:27 - 2014-04-18 04:42 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-08-04 08:27 - 2014-04-18 04:42 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-08-04 04:07 - 2014-04-18 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-08-04 03:43 - 2014-04-18 03:09 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-08-03 21:10 - 2015-04-09 10:55 - 00000000 ____D C:\Users\Marek\Documents\My Scans
2015-07-28 13:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-26 18:58 - 2015-02-22 12:59 - 00000000 ____D C:\Users\Marek\AppData\Roaming\vlc
2015-07-26 11:54 - 2015-07-24 08:17 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2015-07-26 11:54 - 2015-07-24 08:17 - 00000000 ____D C:\Users\Marek\Documents\Sports Interactive
2015-07-26 11:54 - 2015-07-24 08:17 - 00000000 ____D C:\Users\Marek\AppData\Local\Sports Interactive

==================== Files in the root of some directories =======

2015-01-14 21:36 - 2015-01-14 21:36 - 1065984 _____ () C:\Users\Marek\AppData\Local\file__0.localstorage
2014-09-20 20:05 - 2015-08-19 12:28 - 0007607 _____ () C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
2014-09-20 13:56 - 2014-11-11 13:49 - 0001809 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-22 13:19

==================== End of FRST.txt ============================

nermitus
Level 2
Posts: 210
Registered: December 14
Gender: Male
Status: Offline

Re: Please check

Post by nermitus » 25 Aug 2015 21:49

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-08-2015
Ran by Marek (2015-08-25 21:48:12)
Running from C:\Users\Marek\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3296281421-397883660-745250294-500 - Administrator - Disabled)
Guest (S-1-5-21-3296281421-397883660-745250294-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3296281421-397883660-745250294-1008 - Limited - Enabled)
Marek (S-1-5-21-3296281421-397883660-745250294-1001 - Administrator - Enabled) => C:\Users\Marek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.8.1 (HKLM-x32\...\Any Video Converter) (Version: 5.8.1 - Anvsoft)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BitTorrent (HKU\S-1-5-21-3296281421-397883660-745250294-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Car Mechanic Simulator 2015 (HKLM-x32\...\Car Mechanic Simulator 2015_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Cok Free Auto Clicker 2.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 2.0 - Cok Software)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Crusader Kings II Horse Lords (HKLM-x32\...\Crusader Kings II Horse Lords_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Euro Truck Simulator 2 v1.13.4.1s (17 DLC) (HKLM-x32\...\Euro Truck Simulator 2 v1.13.4.1s (17 DLC)1.13.4.1s) (Version: 1.13.4.1s - Friends in War)
F2100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.2.0.0 - GIANTS Software)
Football Manager 2015 version 15.3.2 (HKLM-x32\...\{BD2F10CE-5561-4A0A-BD82-EB56E87D4FFB}_is1) (Version: 15.3.2 - SEGA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
iResizer 3.0 (HKLM\...\{FD071DBA-2994-4350-93BB-EC245D0D3C74}_is1) (Version: - teorex)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
MailWasher (HKLM-x32\...\{70D674B0-9F48-4A5D-B83E-943DC5D26CDD}) (Version: 7.5 - Firetrust)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaCoder 0.8.34.5716 (HKLM-x32\...\MediaCoder) (Version: 0.8.34.5716 - Mediatronic)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MioMore Desktop 7.50 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0110.129 - Mio Technology)
Mozilla Firefox 39.0 (x86 sk) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 sk)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.90.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Swords and Sandals Full Pack (HKLM-x32\...\Swords and Sandals Full Pack) (Version: - )
TeamSpeak 3 Client (HKU\S-1-5-21-3296281421-397883660-745250294-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: 1.5.139.1020 - Релиз от R.G. Steamgames)
The Sims 4 Luxury Party Stuff DLC (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, http://www.wireshark.org)
Аrdаmаx Keylogger 4.3.1 (HKU\S-1-5-21-3296281421-397883660-745250294-1001\...\Аrdаmаx Keylogger 4.3.1) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

25-08-2015 10:41:16 ComboFix created restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-08-24 21:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1DF5E449-B1E8-4880-97CB-ABEB84305EA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {465C04C5-D662-4786-B611-E74765AF6BDF} - System32\Tasks\Opera scheduled Autoupdate 1423957675 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {5F4CB9AB-E783-4B52-BCA2-02B2237C5C22} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {7FE3626E-DE48-4937-8B4C-A257E2C7B73E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9FCC310B-6A3D-46F9-A05F-2FC01DDF76D6} - System32\Tasks\Opera scheduled Autoupdate 1411211768 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {C8425ED1-3EF2-4BD5-8797-4B6AD6A1A8E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {F9246BB3-D130-4BB6-9BBB-283B5C03833A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2014-09-20 13:05 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3296281421-397883660-745250294-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UPV Start => C:\ProgramData\UPV\UPV.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{70F0CF24-D563-4050-9040-7C4206CD566A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{24AF5842-7641-4365-AAFC-021E2004E368}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6A225FC2-7A37-4DF8-8855-03F17C24D0E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{32E4DE77-E97F-4202-8D3F-293EF13AC678}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7058B30D-58A4-49F9-8151-DBA6D66FB771}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{151D4EEB-B219-426D-A81B-DA294F77A41C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D58688E2-3764-42FB-A9D0-B1B3EC6BFF18}] => (Allow) C:\Users\Marek\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{49016210-EB1C-4B7A-B102-202AF4458270}] => (Allow) C:\Users\Marek\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{FE844C22-A695-4EC2-8AF6-FB73DF13D2D2}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{F80EB9AD-0973-43F1-8B98-86E2641F5FDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{37630920-796F-46F8-A778-538B3DF69F05}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EF7BD257-6B66-4A08-B27B-BAD9B9D88A36}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{98BE1240-8A1A-4826-A3EF-C2401D31F15D}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{F795A6F6-E948-45E5-BE17-01A4517BBEEE}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{99665348-244D-44D8-809C-1D0044674845}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{AF085AB7-D79A-4AA1-A19B-ED7E9E43A7A4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{288E4AE4-953F-4753-B49C-6F5488E071F5}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{DAB8CF36-C72E-4C8C-AAE4-A75CBB0679EF}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{E5F01E20-0E7F-4B86-81E4-0DCE499798C2}] => (Allow) LPort=500
FirewallRules: [{308B4286-10D7-41B1-9B3D-8C3569B6B874}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{D9CB1D43-FBC1-4B0E-B610-4EC8BE510E6D}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{1CCDFEAE-7A9D-4A4C-99BA-6216161E4055}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{30B94452-A148-4504-BEA4-1D9E552C4A44}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{A6F965DF-5B3F-439C-85E3-EB7DD3AAF3CC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0DAD132B-74EE-4AE7-BDA3-D050D1FD8D7C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{354F2D15-4D84-4447-A651-56ABBBB3BA84}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B2AEA14D-1A92-4872-84B8-76B6048AAA21}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5AF70C67-880C-4366-8166-60608E0EBDE5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/25/2015 05:28:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2015 10:46:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2015 10:38:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 09:48:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 03:35:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 02:50:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 02:36:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program setup_magicdisc.exe version 2.5.0.77 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fe8

Start Time: 01d0de695c38f524

Termination Time: 10

Application Path: C:\Users\Marek\Downloads\setup_magicdisc.exe

Report Id: b0a0f8fa-4a5c-11e5-b5c7-8c89a56adb1c

Error: (08/24/2015 12:48:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 06:54:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2015 10:17:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/25/2015 05:27:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lirsgt service failed to start due to the following error:
%%577

Error: (08/25/2015 05:27:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error:
%%577

Error: (08/25/2015 05:25:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s).

Error: (08/25/2015 10:46:41 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (08/25/2015 10:46:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lirsgt service failed to start due to the following error:
%%577

Error: (08/25/2015 10:46:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error:
%%577

Error: (08/25/2015 10:38:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/25/2015 10:38:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).

Error: (08/25/2015 10:38:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lirsgt service failed to start due to the following error:
%%577

Error: (08/25/2015 10:38:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error:
%%577


Microsoft Office:
=========================

CodeIntegrity:
===================================
Date: 2015-08-25 17:27:57.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 17:27:57.928
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 17:27:56.836
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 17:27:56.789
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 10:46:07.864
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 10:46:07.848
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 10:46:05.228
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 10:46:05.113
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 10:38:07.019
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-25 10:38:06.780
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G860 @ 3.00GHz
Percentage of memory in use: 25%
Total physical RAM: 4077.97 MB
Available physical RAM: 3018.36 MB
Total Virtual: 8154.13 MB
Available Virtual: 6609.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.75 GB) (Free:150.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 446C446B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

