Zasekaný ntb HP 635

MrAnnix99 · Příspěvekod **MrAnnix99** » 02 říj 2013 18:46

ComboFix 13-09-28.02 - JAKUB 02.10.2013 17:49:38.9.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2253 [GMT 2:00]
Spuštěný z: c:\users\JAKUB\Desktop\aplikace\ComboFix.exe
Použité ovládací přepínače :: c:\users\JAKUB\Desktop\CFScript.txt
.
FILE ::
"c:\windows\inf\msnmlek.vbe"
"c:\windows\SysWow64\TempWmicBatchFile.bat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\inf\msnmlek.vbe
c:\windows\msdownld.tmp
c:\windows\SysWow64\TempWmicBatchFile.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-02 do 2013-10-02 )))))))))))))))))))))))))))))))
.
.
2013-10-02 16:07 . 2013-10-02 16:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-02 16:07 . 2013-10-02 16:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-02 15:41 . 2013-10-02 15:41 -------- d-----w- c:\users\JAKUB\AppData\Local\Facebook
2013-09-29 18:49 . 2013-09-29 19:47 -------- d-----w- c:\program files (x86)\Sniper Ghost Warrior 2
2013-09-27 15:45 . 2013-09-27 19:14 -------- d-----w- C:\AdwCleaner
2013-09-26 13:47 . 2013-09-26 13:47 -------- d-----w- c:\programdata\SystemRequirementsLab
2013-09-22 15:53 . 2013-09-22 15:53 -------- d-----w- c:\program files\Windows Doctor
2013-09-22 15:52 . 2013-09-22 16:05 -------- d-----w- c:\program files (x86)\Windows Doctor
2013-09-22 11:39 . 2013-09-22 11:46 -------- d-----w- c:\windows\system32\MRT
2013-09-22 10:46 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-22 10:46 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-22 10:45 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-09-22 10:45 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-09-22 10:45 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-09-22 10:45 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-09-22 10:45 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-09-22 10:45 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-22 10:45 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-09-22 10:45 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-09-22 10:45 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-09-22 10:45 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-09-22 10:45 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-09-22 10:44 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-22 10:44 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-09-22 10:44 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-22 10:42 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-09-22 10:42 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-09-22 10:41 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-22 10:41 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-22 10:41 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-09-22 10:41 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-09-22 10:41 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-09-22 10:41 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-09-22 10:41 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-09-22 10:41 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-09-22 10:41 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-09-22 10:41 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-09-22 10:41 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-09-22 10:41 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-09-20 19:03 . 2013-09-20 19:03 -------- d-----w- c:\users\JAKUB\AppData\Local\Criterion Games
2013-09-20 18:21 . 2013-09-20 18:21 -------- d-----w- c:\programdata\EA Core
2013-09-20 18:14 . 2013-09-20 18:59 6774 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Šablony
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Poslední
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní tiskárny
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní síť
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Dokumenty
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2013-09-19 19:59 . 2013-09-19 19:59 -------- d-----w- c:\programdata\KONAMI
2013-09-19 19:59 . 2013-09-19 19:59 -------- d-----w- c:\program files (x86)\KONAMI
2013-09-19 19:17 . 2013-09-21 03:27 -------- d-----w- c:\program files\Crashday
2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\users\JAKUB\AppData\Roaming\SUPERAntiSpyware.com
2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-09-16 16:23 . 2013-09-16 16:23 -------- d-----w- c:\program files (x86)\Milestone
2013-09-16 14:11 . 2013-10-02 15:47 -------- d-----w- c:\windows\system32\catroot2
2013-09-15 10:10 . 2013-09-15 11:05 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-09-15 10:08 . 2013-09-15 10:08 -------- d-----w- C:\RegBackup
2013-09-15 08:43 . 2013-09-15 08:43 -------- d-----w- c:\program files (x86)\Tweaking.com
2013-09-14 09:19 . 2013-09-14 09:19 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-14 09:19 . 2013-09-21 03:26 -------- d-----w- c:\program files (x86)\LSoft Technologies
2013-09-11 14:46 . 2013-09-11 15:09 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-09-10 17:39 . 2013-09-10 17:39 -------- d-----w- c:\users\JAKUB\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2013-09-10 16:48 . 2013-09-10 16:49 -------- d-----w- c:\program files (x86)\OCCTPT
2013-09-10 16:19 . 2013-09-10 16:19 -------- d-sh--w- c:\programdata\DSS
2013-09-09 19:02 . 2013-09-21 03:26 -------- d-----w- c:\program files (x86)\Counter-Strike Global Offensive
2013-09-08 16:52 . 2013-09-08 16:52 -------- d-----w- c:\users\JAKUB\AppData\Roaming\OpenOffice
2013-09-08 08:29 . 2013-09-08 08:29 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-09-08 07:37 . 2013-09-08 07:37 -------- d-----w- c:\program files (x86)\OpenOffice 4
2013-09-08 07:16 . 2013-09-22 15:23 -------- d-----w- c:\program files (x86)\The Bureau
2013-09-07 17:30 . 2013-09-07 17:30 -------- d-----w- c:\users\JAKUB\AppData\Local\Microsoft Help
2013-09-06 20:13 . 2013-09-06 20:17 -------- d-----w- c:\users\JAKUB\AppData\Roaming\SpinTires
2013-09-06 19:34 . 2013-09-06 19:34 -------- d-----w- c:\program files (x86)\Oovee
2013-09-06 13:20 . 2013-09-07 17:45 -------- d-----w- c:\program files\WhoCrashed
2013-09-06 13:01 . 2013-09-06 13:01 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-09-05 13:38 . 2013-09-05 13:38 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Avira
2013-09-05 13:31 . 2013-09-05 13:31 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-09-05 13:31 . 2013-09-05 13:31 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-05 13:31 . 2013-09-05 13:31 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-04 18:36 . 2013-10-02 16:11 -------- d-----w- c:\programdata\PDFC
2013-09-04 18:23 . 2013-09-08 15:29 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-02 16:11 . 2013-10-02 16:11 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-10-02 16:10 . 2013-08-02 18:29 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-09-01 15:08 . 2013-05-04 08:44 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-25 16:46 . 2013-08-25 16:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-25 16:46 . 2013-04-29 17:23 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-25 16:46 . 2011-08-03 09:50 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-24 14:31 . 2013-08-24 14:31 286720 ----a-w- c:\windows\Setup1.exe
2013-08-24 14:31 . 2013-08-24 14:31 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-08-21 13:55 . 2013-02-19 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-21 13:55 . 2013-02-19 17:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-21 13:55 . 2013-08-21 13:55 17737608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-08-02 01:48 . 2013-09-22 10:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-20 08:46 . 2013-07-20 08:46 19138 ----a-w- C:\64to32Sidebar.zip
2013-07-19 17:10 . 2013-07-02 09:21 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-19 17:10 . 2013-07-02 09:19 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-15 01:34 . 2013-07-25 16:58 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E892985-19D2-46F0-B3FC-97E66B7E8369}\mpengine.dll
2013-07-05 11:36 . 2013-07-01 15:56 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2013-07-05 08:40 . 2013-07-05 08:40 110080 ----a-w- c:\windows\system32\DelayAPO.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"GoogleChromeAutoLaunch_57DD1B16058AFF1345802979550FEA3C"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-08-24 829392]
"Facebook Update"="c:\users\JAKUB\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-10-02 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-05 347192]
.
c:\users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 atillk64;atillk64; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64; [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GDPkIcpt;GDPkIcpt; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-29 18:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001Core.job
- c:\users\JAKUB\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-02 15:41]
.
2013-10-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001UA.job
- c:\users\JAKUB\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-02 15:41]
.
2013-09-30 c:\windows\Tasks\HPCeeScheduleForJAKUB.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-10-02 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10 06:58]
.
2013-09-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 61fbbc79-f56c-4356-8701-8751edd81983.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2013-09-30 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 966938ec-7619-4d9b-99cb-4a2dae4186c1.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-05-09 379552]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 6548112]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\SecuROM\License information*]
"datasecu"=hex:04,b9,74,fd,fb,dc,0a,15,da,5d,5c,22,69,4b,b2,d0,78,c2,01,18,b3,
c9,8b,4e,07,b9,cd,2d,f5,8c,2f,2d,4d,38,4f,ac,d6,47,4c,b1,19,14,24,9f,bf,de,\
"rkeysecu"=hex:94,ed,81,1b,be,2d,c9,67,ab,39,6f,58,6f,64,c9,f9
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Celkový čas: 2013-10-02 18:28:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-02 16:27
ComboFix2.txt 2013-09-29 11:07
.
Před spuštěním: Volných bajtů: 162 622 078 976
Po spuštění: Volných bajtů: 162 557 833 216
.
- - End Of File - - E2F48571E2360463DD1E3E252CDD86D8
A36C5E4F47E84449FF07ED3517B43A31

Reklama

MrAnnix99 · Příspěvekod **MrAnnix99** » 02 říj 2013 18:57

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:55, on 2.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\JAKUB\Desktop\aplikace\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_57DD1B16058AFF1345802979550FEA3C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\JAKUB\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Startup: Facebook Messenger.lnk = JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lokátor vzdáleného volání procedur (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Zachytávání pro službu SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8514 bytes

Příspěvekod **jaro3** » 03 říj 2013 10:26

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\JAKUB\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll:
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001UA.job

Folder::
c:\users\JAKUB\AppData\Local\Facebook\Update

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

MrAnnix99 · Příspěvekod **MrAnnix99** » 03 říj 2013 15:18

ComboFix 13-09-28.02 - JAKUB 03.10.2013 14:30:18.10.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2730 [GMT 2:00]
Spuštěný z: c:\users\JAKUB\Desktop\aplikace\ComboFix.exe
Použité ovládací přepínače :: c:\users\JAKUB\Desktop\CFScript.txt
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\JAKUB\AppData\Local\Facebook\Update
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\JAKUB\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1617569673-3034970362-4137664275-1001UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-03 do 2013-10-03 )))))))))))))))))))))))))))))))
.
.
2013-10-03 12:49 . 2013-10-03 12:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-03 12:49 . 2013-10-03 12:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-02 19:29 . 2013-10-02 19:29 -------- d-----w- c:\users\JAKUB\AppData\Local\Creshex_-_Go!
2013-10-02 16:11 . 2013-10-03 12:49 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-10-02 15:41 . 2013-10-02 15:41 -------- d-----w- c:\users\JAKUB\AppData\Local\Facebook
2013-09-29 18:49 . 2013-09-29 19:47 -------- d-----w- c:\program files (x86)\Sniper Ghost Warrior 2
2013-09-27 15:45 . 2013-09-27 19:14 -------- d-----w- C:\AdwCleaner
2013-09-26 13:47 . 2013-09-26 13:47 -------- d-----w- c:\programdata\SystemRequirementsLab
2013-09-22 15:53 . 2013-09-22 15:53 -------- d-----w- c:\program files\Windows Doctor
2013-09-22 15:52 . 2013-09-22 16:05 -------- d-----w- c:\program files (x86)\Windows Doctor
2013-09-22 11:39 . 2013-09-22 11:46 -------- d-----w- c:\windows\system32\MRT
2013-09-22 10:46 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-22 10:46 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-22 10:45 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-09-22 10:45 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-09-22 10:45 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-09-22 10:45 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-09-22 10:45 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-09-22 10:45 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-22 10:45 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-09-22 10:45 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-09-22 10:45 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-09-22 10:45 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-09-22 10:45 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-09-22 10:44 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-22 10:44 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-09-22 10:44 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-22 10:42 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-09-22 10:42 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-09-22 10:41 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-22 10:41 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-09-22 10:41 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-09-22 10:41 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-09-22 10:41 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-09-22 10:41 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-09-22 10:41 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-09-22 10:41 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-09-22 10:41 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-09-22 10:41 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-09-22 10:41 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-09-22 10:41 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-09-20 19:03 . 2013-09-20 19:03 -------- d-----w- c:\users\JAKUB\AppData\Local\Criterion Games
2013-09-20 18:21 . 2013-09-20 18:21 -------- d-----w- c:\programdata\EA Core
2013-09-20 18:14 . 2013-09-20 18:59 6774 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Šablony
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Poslední
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní tiskárny
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Okolní síť
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Dokumenty
2013-09-20 18:12 . 2013-09-20 18:12 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2013-09-19 19:59 . 2013-09-19 19:59 -------- d-----w- c:\programdata\KONAMI
2013-09-19 19:59 . 2013-09-19 19:59 -------- d-----w- c:\program files (x86)\KONAMI
2013-09-19 19:17 . 2013-09-21 03:27 -------- d-----w- c:\program files\Crashday
2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\users\JAKUB\AppData\Roaming\SUPERAntiSpyware.com
2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-09-17 19:42 . 2013-09-17 19:42 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-09-16 16:23 . 2013-09-16 16:23 -------- d-----w- c:\program files (x86)\Milestone
2013-09-16 14:11 . 2013-10-02 15:47 -------- d-----w- c:\windows\system32\catroot2
2013-09-15 10:10 . 2013-09-15 11:05 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-09-15 10:08 . 2013-09-15 10:08 -------- d-----w- C:\RegBackup
2013-09-15 08:43 . 2013-09-15 08:43 -------- d-----w- c:\program files (x86)\Tweaking.com
2013-09-14 09:19 . 2013-09-14 09:19 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-14 09:19 . 2013-09-21 03:26 -------- d-----w- c:\program files (x86)\LSoft Technologies
2013-09-11 14:46 . 2013-09-11 15:09 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-09-10 17:39 . 2013-09-10 17:39 -------- d-----w- c:\users\JAKUB\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2013-09-10 16:48 . 2013-09-10 16:49 -------- d-----w- c:\program files (x86)\OCCTPT
2013-09-10 16:19 . 2013-09-10 16:19 -------- d-sh--w- c:\programdata\DSS
2013-09-09 19:02 . 2013-09-21 03:26 -------- d-----w- c:\program files (x86)\Counter-Strike Global Offensive
2013-09-08 16:52 . 2013-09-08 16:52 -------- d-----w- c:\users\JAKUB\AppData\Roaming\OpenOffice
2013-09-08 08:29 . 2013-09-08 08:29 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-09-08 07:37 . 2013-09-08 07:37 -------- d-----w- c:\program files (x86)\OpenOffice 4
2013-09-08 07:16 . 2013-09-22 15:23 -------- d-----w- c:\program files (x86)\The Bureau
2013-09-07 17:30 . 2013-09-07 17:30 -------- d-----w- c:\users\JAKUB\AppData\Local\Microsoft Help
2013-09-06 20:13 . 2013-09-06 20:17 -------- d-----w- c:\users\JAKUB\AppData\Roaming\SpinTires
2013-09-06 19:34 . 2013-09-06 19:34 -------- d-----w- c:\program files (x86)\Oovee
2013-09-06 13:20 . 2013-09-07 17:45 -------- d-----w- c:\program files\WhoCrashed
2013-09-06 13:01 . 2013-09-06 13:01 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-09-05 13:38 . 2013-09-05 13:38 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Avira
2013-09-05 13:31 . 2013-09-05 13:31 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-09-05 13:31 . 2013-09-05 13:31 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-05 13:31 . 2013-09-05 13:31 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-04 18:36 . 2013-10-03 12:51 -------- d-----w- c:\programdata\PDFC
2013-09-04 18:23 . 2013-09-08 15:29 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-03 12:51 . 2013-08-02 18:29 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-09-01 15:08 . 2013-05-04 08:44 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-25 16:46 . 2013-08-25 16:47 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-25 16:46 . 2013-04-29 17:23 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-25 16:46 . 2011-08-03 09:50 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-24 14:31 . 2013-08-24 14:31 286720 ----a-w- c:\windows\Setup1.exe
2013-08-24 14:31 . 2013-08-24 14:31 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-08-21 13:55 . 2013-02-19 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-21 13:55 . 2013-02-19 17:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-21 13:55 . 2013-08-21 13:55 17737608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-08-02 01:48 . 2013-09-22 10:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-20 08:46 . 2013-07-20 08:46 19138 ----a-w- C:\64to32Sidebar.zip
2013-07-19 17:10 . 2013-07-02 09:21 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-19 17:10 . 2013-07-02 09:19 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-15 01:34 . 2013-07-25 16:58 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E892985-19D2-46F0-B3FC-97E66B7E8369}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"GoogleChromeAutoLaunch_57DD1B16058AFF1345802979550FEA3C"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-08-24 829392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-05 347192]
.
c:\users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 atillk64;atillk64; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64; [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GDPkIcpt;GDPkIcpt; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-29 18:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-30 c:\windows\Tasks\HPCeeScheduleForJAKUB.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-10-03 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10 06:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-05-09 379552]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 6548112]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\SYSTEM32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\SecuROM\License information*]
"datasecu"=hex:04,b9,74,fd,fb,dc,0a,15,da,5d,5c,22,69,4b,b2,d0,78,c2,01,18,b3,
c9,8b,4e,07,b9,cd,2d,f5,8c,2f,2d,4d,38,4f,ac,d6,47,4c,b1,19,14,24,9f,bf,de,\
"rkeysecu"=hex:94,ed,81,1b,be,2d,c9,67,ab,39,6f,58,6f,64,c9,f9
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
.
**************************************************************************
.
Celkový čas: 2013-10-03 15:08:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-03 13:07
ComboFix2.txt 2013-10-02 16:28
ComboFix3.txt 2013-09-29 11:07
.
Před spuštěním: Volných bajtů: 162 216 046 592
Po spuštění: Volných bajtů: 162 234 982 400
.
- - End Of File - - CF51374190688F6DF7A294CFF8D4C817
A36C5E4F47E84449FF07ED3517B43A31

MrAnnix99 · Příspěvekod **MrAnnix99** » 03 říj 2013 15:18

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:18:31, on 3.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\JAKUB\Desktop\aplikace\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_57DD1B16058AFF1345802979550FEA3C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Facebook Messenger.lnk = JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lokátor vzdáleného volání procedur (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Zachytávání pro službu SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8113 bytes

Příspěvekod **jaro3** » 04 říj 2013 09:47

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_57DD1B16058AFF1345802979550FEA3C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\PSEXESVC.EXE

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

MrAnnix99 · Příspěvekod **MrAnnix99** » 04 říj 2013 15:12

https://www.virustotal.com/cs/file/1d4d ... 380892300/

MrAnnix99 · Příspěvekod **MrAnnix99** » 04 říj 2013 19:15

Teď mi pořáď vyskakuje: fkwlbkbk.exe přestal pracovat co 3 minuty.

Příspěvekod **jaro3** » 05 říj 2013 11:27

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

MrAnnix99 · Příspěvekod **MrAnnix99** » 05 říj 2013 20:21

OTL logfile created on: 5.10.2013 20:08:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JAKUB\Desktop\aplikace
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 59,53% Memory free
9,36 Gb Paging File | 7,70 Gb Available in Paging File | 82,26% Paging File free
Paging file location(s): C:\pagefile.sys 5751 5751 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,46 Gb Total Space | 146,87 Gb Free Space | 32,68% Space Free | Partition Type: NTFS
Drive D: | 16,01 Gb Total Space | 1,95 Gb Free Space | 12,15% Space Free | Partition Type: NTFS
Drive E: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 7,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JAKUB-HP | User Name: JAKUB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\JAKUB\AppData\Roaming\uTorrent\msdn.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\JAKUB\Desktop\aplikace\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
PRC - C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll ()
MOD - C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll ()
MOD - C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()

========== Services (All) ==========

SRV:64bit: - (CryptSvc) -- C:\Windows\SysNative\cryptsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (Appinfo) -- C:\Windows\SysNative\appinfo.dll (Microsoft Corporation)
SRV:64bit: - (WatAdminSvc) -- C:\Windows\SysNative\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (NlaSvc) -- C:\Windows\SysNative\nlasvc.dll (Microsoft Corporation)
SRV:64bit: - (iphlpsvc) -- C:\Windows\SysNative\iphlpsvc.dll (Microsoft Corporation)
SRV:64bit: - (wudfsvc) -- C:\Windows\SysNative\WUDFSvc.dll (Microsoft Corporation)
SRV:64bit: - (Browser) -- C:\Windows\SysNative\browser.dll (Microsoft Corporation)
SRV:64bit: - (wuauserv) -- C:\Windows\SysNative\wuaueng.dll (Microsoft Corporation)
SRV:64bit: - (ProfSvc) -- C:\Windows\SysNative\profsvc.dll (Microsoft Corporation)
SRV:64bit: - (Spooler) -- C:\Windows\SysNative\spoolsv.exe (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (SamSs) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (ProtectedStorage) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (Dnscache) -- C:\Windows\SysNative\dnsrslvr.dll (Microsoft Corporation)
SRV:64bit: - (PlugPlay) -- C:\Windows\SysNative\umpnpmgr.dll (Microsoft Corporation)
SRV:64bit: - (WSearch) -- C:\Windows\SysNative\SearchIndexer.exe (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (TabletInputService) -- C:\Windows\SysNative\TabSvc.dll (Microsoft Corporation)
SRV:64bit: - (SDRSVC) -- C:\Windows\SysNative\sdrsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (WPDBusEnum) -- C:\Windows\SysNative\wpdbusenum.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (stisvc) -- C:\Windows\SysNative\wiaservc.dll (Microsoft Corporation)
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (SysMain) -- C:\Windows\SysNative\sysmain.dll (Microsoft Corporation)
SRV:64bit: - (wcncsvc) -- C:\Windows\SysNative\wcncsvc.dll (Microsoft Corporation)
SRV:64bit: - (WebClient) -- C:\Windows\SysNative\WebClnt.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (SessionEnv) -- C:\Windows\SysNative\SessEnv.dll (Microsoft Corporation)
SRV:64bit: - (gpsvc) -- C:\Windows\SysNative\gpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioSrv) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
SRV:64bit: - (TapiSrv) -- C:\Windows\SysNative\tapisrv.dll (Microsoft Corporation)
SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\wkssvc.dll (Microsoft Corporation)
SRV:64bit: - (MpsSvc) -- C:\Windows\SysNative\MPSSVC.dll (Microsoft Corporation)
SRV:64bit: - (WinRM) -- C:\Windows\SysNative\WsmSvc.dll (Microsoft Corporation)
SRV:64bit: - (RasMan) -- C:\Windows\SysNative\rasmans.dll (Microsoft Corporation)
SRV:64bit: - (Schedule) -- C:\Windows\SysNative\schedsvc.dll (Microsoft Corporation)
SRV:64bit: - (DPS) -- C:\Windows\SysNative\dps.dll (Microsoft Corporation)
SRV:64bit: - (hkmsvc) -- C:\Windows\SysNative\KMSVC.DLL (Microsoft Corporation)
SRV:64bit: - (seclogon) -- C:\Windows\SysNative\seclogon.dll (Microsoft Corporation)
SRV:64bit: - (msiserver) -- C:\Windows\SysNative\msiexec.exe (Microsoft Corporation)
SRV:64bit: - (dot3svc) -- C:\Windows\SysNative\dot3svc.dll (Microsoft Corporation)
SRV:64bit: - (SCPolicySvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
SRV:64bit: - (CertPropSvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
SRV:64bit: - (TermService) -- C:\Windows\SysNative\termsrv.dll (Microsoft Corporation)
SRV:64bit: - (RpcSs) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation)
SRV:64bit: - (DcomLaunch) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation)
SRV:64bit: - (pla) -- C:\Windows\SysNative\pla.dll (Microsoft Corporation)
SRV:64bit: - (IKEEXT) -- C:\Windows\SysNative\IKEEXT.DLL (Microsoft Corporation)
SRV:64bit: - (BFE) -- C:\Windows\SysNative\BFE.DLL (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (WinHttpAutoProxySvc) -- C:\Windows\SysNative\winhttp.dll (Microsoft Corporation)
SRV:64bit: - (eventlog) -- C:\Windows\SysNative\wevtsvc.dll (Microsoft Corporation)
SRV:64bit: - (VSS) -- C:\Windows\SysNative\VSSVC.exe (Microsoft Corporation)
SRV:64bit: - (ShellHWDetection) -- C:\Windows\SysNative\shsvcs.dll (Microsoft Corporation)
SRV:64bit: - (BITS) -- C:\Windows\SysNative\qmgr.dll (Microsoft Corporation)
SRV:64bit: - (vds) -- C:\Windows\SysNative\vds.exe (Microsoft Corporation)
SRV:64bit: - (PolicyAgent) -- C:\Windows\SysNative\IPSECSVC.DLL (Microsoft Corporation)
SRV:64bit: - (napagent) -- C:\Windows\SysNative\QAGENTRT.DLL (Microsoft Corporation)
SRV:64bit: - (LanmanServer) -- C:\Windows\SysNative\srvsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (wscsvc) -- C:\Windows\SysNative\wscsvc.dll (Microsoft Corporation)
SRV:64bit: - (WPCSvc) -- C:\Windows\SysNative\wpcsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wlansvc) -- C:\Windows\SysNative\wlansvc.dll (Microsoft Corporation)
SRV:64bit: - (W32Time) -- C:\Windows\SysNative\w32time.dll (Microsoft Corporation)
SRV:64bit: - (upnphost) -- C:\Windows\SysNative\upnphost.dll (Microsoft Corporation)
SRV:64bit: - (Winmgmt) -- C:\Windows\SysNative\wbem\WMIsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wecsvc) -- C:\Windows\SysNative\wecsvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (WdiSystemHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation)
SRV:64bit: - (WdiServiceHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation)
SRV:64bit: - (wercplsupport) -- C:\Windows\SysNative\wercplsupport.dll (Microsoft Corporation)
SRV:64bit: - (WerSvc) -- C:\Windows\SysNative\wersvc.dll (Microsoft Corporation)
SRV:64bit: - (WcsPlugInService) -- C:\Windows\SysNative\WcsPlugInService.dll (Microsoft Corporation)
SRV:64bit: - (UxSms) -- C:\Windows\SysNative\uxsms.dll (Microsoft Corporation)
SRV:64bit: - (TrkWks) -- C:\Windows\SysNative\trkwks.dll (Microsoft Corporation)
SRV:64bit: - (TBS) -- C:\Windows\SysNative\tbssvc.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (swprv) -- C:\Windows\SysNative\swprv.dll (Microsoft Corporation)
SRV:64bit: - (SSDPSRV) -- C:\Windows\SysNative\ssdpsrv.dll (Microsoft Corporation)
SRV:64bit: - (SstpSvc) -- C:\Windows\SysNative\sstpsvc.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2psvc) -- C:\Windows\SysNative\p2psvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (QWAVE) -- C:\Windows\SysNative\qwave.dll (Microsoft Corporation)
SRV:64bit: - (SCardSvr) -- C:\Windows\SysNative\SCardSvr.dll (Microsoft Corporation)
SRV:64bit: - (PcaSvc) -- C:\Windows\SysNative\pcasvc.dll (Microsoft Corporation)
SRV:64bit: - (RemoteRegistry) -- C:\Windows\SysNative\regsvc.dll (Microsoft Corporation)
SRV:64bit: - (RasAuto) -- C:\Windows\SysNative\rasauto.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (SENS) -- C:\Windows\SysNative\Sens.dll (Microsoft Corporation)
SRV:64bit: - (nsi) -- C:\Windows\SysNative\nsisvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofm.dll (Microsoft Corporation)
SRV:64bit: - (Netman) -- C:\Windows\SysNative\netman.dll (Microsoft Corporation)
SRV:64bit: - (KtmRm) -- C:\Windows\SysNative\msdtckrm.dll (Microsoft Corporation)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV:64bit: - (THREADORDER) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
SRV:64bit: - (MMCSS) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
SRV:64bit: - (lltdsvc) -- C:\Windows\SysNative\lltdsvc.dll (Microsoft Corporation)
SRV:64bit: - (lmhosts) -- C:\Windows\SysNative\lmhsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSiSCSI) -- C:\Windows\SysNative\iscsiexe.dll (Microsoft Corporation)
SRV:64bit: - (SharedAccess) -- C:\Windows\SysNative\ipnathlp.dll (Microsoft Corporation)
SRV:64bit: - (IPBusEnum) -- C:\Windows\SysNative\IPBusEnum.dll (Microsoft Corporation)
SRV:64bit: - (hidserv) -- C:\Windows\SysNative\hidserv.dll (Microsoft Corporation)
SRV:64bit: - (FDResPub) -- C:\Windows\SysNative\FDResPub.dll (Microsoft Corporation)
SRV:64bit: - (fdPHost) -- C:\Windows\SysNative\fdPHost.dll (Microsoft Corporation)
SRV:64bit: - (EventSystem) -- C:\Windows\SysNative\es.dll (Microsoft Corporation)
SRV:64bit: - (EapHost) -- C:\Windows\SysNative\eapsvc.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AeLookupSvc) -- C:\Windows\SysNative\aelupsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wmiApSrv) -- C:\Windows\SysNative\wbem\WmiApSrv.exe (Microsoft Corporation)
SRV:64bit: - (UI0Detect) -- C:\Windows\SysNative\UI0Detect.exe (Microsoft Corporation)
SRV:64bit: - (SNMPTRAP) -- C:\Windows\SysNative\snmptrap.exe (Microsoft Corporation)
SRV:64bit: - (MSDTC) -- C:\Windows\SysNative\msdtc.exe (Microsoft Corporation)
SRV:64bit: - (RpcLocator) -- C:\Windows\SysNative\Locator.exe (Microsoft Corporation)
SRV:64bit: - (COMSysApp) -- C:\Windows\SysNative\dllhost.exe (Microsoft Corporation)
SRV:64bit: - (ALG) -- C:\Windows\SysNative\alg.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (CryptSvc) -- C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (CronService) -- C:\Prey\platform\windows\cronsvc.exe (Fork Ltd.)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (hpqwmiex) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (WSearch) -- C:\Windows\SysWow64\SearchIndexer.exe (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (wcncsvc) -- C:\Windows\SysWOW64\wcncsvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\Windows\SysWOW64\WebClnt.dll (Microsoft Corporation)
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (WinRM) -- C:\Windows\SysWOW64\WsmSvc.dll (Microsoft Corporation)
SRV - (msiserver) -- C:\Windows\SysWow64\msiexec.exe (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (pla) -- C:\Windows\SysWOW64\pla.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- C:\Windows\SysWow64\winhttp.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\Windows\SysWOW64\shsvcs.dll (Microsoft Corporation)
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
SRV - (TapiSrv) -- C:\Windows\SysWOW64\tapisrv.dll (Microsoft Corporation)
SRV - (SessionEnv) -- C:\Windows\SysWOW64\SessEnv.dll (Microsoft Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (WPCSvc) -- C:\Windows\SysWOW64\wpcsvc.dll (Microsoft Corporation)
SRV - (WdiSystemHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation)
SRV - (WdiServiceHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation)
SRV - (WcsPlugInService) -- C:\Windows\SysWOW64\WcsPlugInService.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\Windows\SysWOW64\upnphost.dll (Microsoft Corporation)
SRV - (SENS) -- C:\Windows\SysWOW64\Sens.dll (Microsoft Corporation)
SRV - (QWAVE) -- C:\Windows\SysWOW64\qwave.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\SysWOW64\netprofm.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (hidserv) -- C:\Windows\SysWOW64\hidserv.dll (Microsoft Corporation)
SRV - (EventSystem) -- C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
SRV - (PerfHost) -- C:\Windows\SysWOW64\perfhost.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\Windows\SysWow64\dllhost.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (AODDriver4.2) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AR5416) -- C:\Windows\SysNative\drivers\athwx.sys (Atheros Communications, Inc.)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (RTCore64) -- C:\Program Files (x86)\RMClock\RTCore64.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before =
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: true
FF - prefs.js..extensions.enabledAddons: ffaddon%40vagex.com:1.5.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@live.heroesandgenerals.com/npretox: C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\JAKUB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\JAKUB\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\JAKUB\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JAKUB\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JAKUB\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013.08.27 19:32:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.28 18:56:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.08.27 19:32:04 | 000,000,000 | ---D | M]

[2013.08.25 19:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAKUB\AppData\Roaming\Mozilla\Extensions
[2013.08.29 10:08:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\Extensions
[2013.07.25 11:00:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
[2013.07.25 11:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.07.25 11:00:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\Extensions\ffaddon@vagex.com
[2013.07.05 13:53:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.08.19 19:27:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.06.28 11:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.08.19 19:27:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
File not found (No name found) -- C:\USERS\JAKUB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4ANQZJ7D.DEFAULT\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
[2013.04.13 08:09:59 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.16 10:25:21 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.16 10:25:21 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.16 10:25:21 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.16 10:25:21 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.16 10:25:21 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: AdobeExManDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Heroes & Generals live (Enabled) = C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\JAKUB\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\JAKUB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\JAKUB\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\JAKUB\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Dokumenty Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_1\
CHR - Extension: Dokumenty Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dokumenty Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Disk Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Disk Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_1\
CHR - Extension: Disk Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Disk Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdlfdaajmclngiomogmleihllaejcnni\2.1.0_0\
CHR - Extension: YouTube = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: YouTube = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: YouTube = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: No name found = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: No name found = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0\
CHR - Extension: Skype Click to Call = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: Skype Click to Call = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_1\
CHR - Extension: No name found = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk\1.1.48_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\
CHR - Extension: Chrome In-App Payments service = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_2\
CHR - Extension: Gmail = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Gmail = C:\Users\JAKUB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2013.10.03 14:50:52 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Keyboard Inf.] C:\Users\JAKUB\AppData\Roaming\uTorrent\msdn.exe ()
O4 - Startup: C:\Users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\JAKUB\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.157.167.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{459DDA32-60F6-4889-8E3B-BAFEFB4FBD76}: DhcpNameServer = 78.157.167.7
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.08.16 08:37:15 | 003,893,056 | R--- | M] (Electronic Arts, Inc.) - E:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2013.08.31 15:31:23 | 000,000,000 | R--D | M] - E:\Autorun -- [ UDF ]
O32 - AutoRun File - [2013.08.14 10:28:14 | 000,048,240 | R--- | M] () - E:\Autorun.ico -- [ UDF ]
O32 - AutoRun File - [2013.08.31 15:31:21 | 000,000,096 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013.08.30 07:40:50 | 000,000,054 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

MrAnnix99 · Příspěvekod **MrAnnix99** » 05 říj 2013 20:22

[2013.10.05 19:48:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.10.04 15:37:08 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Documents\FIFA 14
[2013.10.04 15:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
[2013.10.04 15:10:09 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Desktop\FIFA14
[2013.10.03 16:57:46 | 000,000,000 | ---D | C] -- C:\AW-Manager
[2013.10.03 16:51:56 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\RBotPlus
[2013.10.03 16:51:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roulette Bot Plus
[2013.10.03 16:51:48 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Local\MigsUpdater
[2013.10.03 16:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RBPlus
[2013.10.03 16:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro-Happy
[2013.10.03 16:34:59 | 000,000,000 | ---D | C] -- C:\agia3d
[2013.10.03 15:08:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.10.02 21:29:56 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Local\Creshex_-_Go!
[2013.10.02 17:41:54 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2013.10.02 17:41:29 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Local\Facebook
[2013.09.29 20:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sniper Ghost Warrior 2
[2013.09.29 12:45:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.09.29 09:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Milestone
[2013.09.27 17:45:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.26 15:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SystemRequirementsLab
[2013.09.22 17:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Doctor
[2013.09.22 17:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Doctor
[2013.09.22 17:52:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Doctor
[2013.09.22 15:57:56 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Desktop\Kahanec
[2013.09.22 13:47:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.22 13:47:54 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.22 13:47:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.22 13:47:50 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.22 13:47:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.22 13:47:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.22 13:47:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.22 13:47:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.22 13:47:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.22 13:47:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.22 13:47:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.22 13:47:46 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.22 13:47:43 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.22 13:47:43 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.22 13:47:42 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.22 13:39:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.09.22 12:46:40 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.22 12:45:59 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.09.22 12:45:58 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.09.22 12:45:56 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.09.22 12:44:22 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.09.22 12:44:22 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.09.22 12:43:22 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.22 12:43:19 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.22 12:43:18 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.22 12:43:16 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.22 12:43:15 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.22 12:43:14 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.22 12:43:13 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.22 12:43:12 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.22 12:43:12 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.22 12:43:11 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.22 12:43:11 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.22 12:43:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.22 12:43:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.22 12:43:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.22 12:43:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.22 12:43:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.22 12:43:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.22 12:43:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.22 12:43:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.22 12:43:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.22 12:43:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.22 12:43:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.22 12:43:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.22 12:43:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.22 12:43:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.22 12:43:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.22 12:43:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.22 12:43:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.22 12:43:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.22 12:43:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.22 12:43:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.22 12:43:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.22 12:43:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.22 12:43:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.22 12:43:07 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.22 12:43:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.22 12:43:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.22 12:43:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.22 12:43:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.22 12:43:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.22 12:43:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.22 12:43:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.22 12:43:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.22 12:43:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.22 12:43:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.22 12:43:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.22 12:43:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.22 12:43:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.22 12:43:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.22 12:42:59 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.09.22 12:42:59 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.09.22 12:41:41 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.09.22 12:41:22 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.09.20 21:03:50 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Local\Criterion Games
[2013.09.20 20:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2013.09.20 15:49:11 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Documents\KONAMI
[2013.09.19 21:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2013.09.19 21:59:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI
[2013.09.19 21:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
[2013.09.19 21:17:25 | 000,000,000 | ---D | C] -- C:\Program Files\Crashday
[2013.09.17 21:42:37 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\SUPERAntiSpyware.com
[2013.09.17 21:42:24 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013.09.17 21:42:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013.09.17 21:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013.09.16 18:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Milestone
[2013.09.16 16:11:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013.09.15 13:18:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.09.15 12:10:35 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.09.15 12:08:51 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013.09.15 10:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013.09.15 10:43:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013.09.14 11:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2013.09.14 11:19:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2013.09.12 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Desktop\PHOTOSHOP VĚCI
[2013.09.11 16:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.09.11 16:34:15 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Documents\OCCT
[2013.09.10 19:39:06 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[2013.09.10 18:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[2013.09.10 18:48:53 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
[2013.09.10 18:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OCCTPT
[2013.09.10 18:19:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2013.09.10 18:19:11 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\Documents\FIFA 14 DEMO
[2013.09.10 15:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 Demo
[2013.09.09 21:25:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike Global Offensive
[2013.09.09 21:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter-Strike Global Offensive
[2013.09.08 18:52:41 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\OpenOffice
[2013.09.08 10:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.09.08 09:38:47 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
[2013.09.08 09:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2013.09.08 09:16:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Bureau
[2013.09.07 19:30:43 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Local\Microsoft Help
[2013.09.06 22:13:16 | 000,000,000 | ---D | C] -- C:\Users\JAKUB\AppData\Roaming\SpinTires
[2013.09.06 21:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oovee
[2013.09.06 21:34:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oovee
[2013.09.06 15:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2013.09.06 15:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2013.09.06 15:01:52 | 000,081,112 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.10.05 20:09:07 | 000,032,064 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.05 20:09:07 | 000,032,064 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.05 20:06:11 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2013.10.05 20:05:18 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013.10.05 20:04:11 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2013.10.05 20:03:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.05 20:03:07 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.05 19:53:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.05 19:40:25 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.10.04 19:44:05 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJAKUB.job
[2013.10.04 15:53:27 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.10.04 15:53:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.10.04 15:36:27 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2013.10.03 17:09:05 | 000,001,025 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
[2013.10.03 17:09:05 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\20Dollars2Surf.lnk
[2013.10.03 16:51:48 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Roulette Bot Plus.lnk
[2013.10.03 14:50:52 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.10.02 21:36:39 | 000,453,120 | ---- | M] () -- C:\Users\JAKUB\Desktop\FreeVK.exe
[2013.10.02 20:54:09 | 000,027,436 | ---- | M] () -- C:\Users\JAKUB\Desktop\g1nzk6.jpg
[2013.10.02 20:27:28 | 000,392,524 | ---- | M] () -- C:\Users\JAKUB\Desktop\Bez názvu.png
[2013.10.02 17:42:12 | 000,001,320 | ---- | M] () -- C:\Users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013.10.02 17:21:59 | 000,001,040 | ---- | M] () -- C:\Users\JAKUB\Desktop\ComboFix – zástupce.lnk
[2013.09.30 18:47:31 | 000,002,124 | ---- | M] () -- C:\Users\JAKUB\Desktop\Minecraft.lnk
[2013.09.28 11:54:37 | 001,588,894 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.28 11:54:37 | 000,659,188 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.28 11:54:37 | 000,652,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.28 11:54:37 | 000,138,262 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.28 11:54:37 | 000,118,690 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.27 19:12:38 | 001,540,756 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.09.22 17:52:03 | 000,001,078 | ---- | M] () -- C:\Users\JAKUB\Desktop\Windows Doctor.lnk
[2013.09.22 15:11:16 | 005,174,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.21 12:51:51 | 000,001,629 | ---- | M] () -- C:\Users\JAKUB\Desktop\pes2014 – zástupce.lnk
[2013.09.20 20:59:41 | 000,006,774 | ---- | M] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2013.09.20 20:18:11 | 000,000,838 | ---- | M] () -- C:\Users\JAKUB\Desktop\Burnout(TM) Paradise The Ultimate Box – zástupce.lnk
[2013.09.16 20:04:09 | 000,000,132 | ---- | M] () -- C:\Users\JAKUB\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013.09.15 13:05:33 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.09.15 12:09:33 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-JAKUB-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013.09.14 11:19:35 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2013.09.10 15:31:51 | 000,001,312 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14 Demo.lnk
[2013.09.09 21:08:52 | 000,000,206 | ---- | M] () -- C:\Users\JAKUB\Desktop\Dead Space.url
[2013.09.09 20:59:44 | 000,000,207 | ---- | M] () -- C:\Users\JAKUB\Desktop\Crysis 2 Maximum Edition.url
[2013.09.08 13:34:46 | 000,000,739 | ---- | M] () -- C:\Users\JAKUB\Desktop\FIFA 13.lnk
[2013.09.06 21:34:11 | 000,002,641 | ---- | M] () -- C:\Users\Public\Desktop\SpinTires Tech Demo (June 060613).lnk
[2013.09.06 15:01:16 | 000,081,112 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.05 19:40:25 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.10.04 15:27:40 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2013.10.04 15:06:43 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.03 17:09:05 | 000,001,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
[2013.10.03 17:09:05 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\20Dollars2Surf.lnk
[2013.10.03 16:51:48 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Roulette Bot Plus.lnk
[2013.10.02 21:38:52 | 000,453,120 | ---- | C] () -- C:\Users\JAKUB\Desktop\FreeVK.exe
[2013.10.02 20:54:08 | 000,027,436 | ---- | C] () -- C:\Users\JAKUB\Desktop\g1nzk6.jpg
[2013.10.02 20:27:28 | 000,392,524 | ---- | C] () -- C:\Users\JAKUB\Desktop\Bez názvu.png
[2013.10.02 18:11:59 | 000,000,029 | ---- | C] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2013.10.02 17:41:54 | 000,001,320 | ---- | C] () -- C:\Users\JAKUB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
[2013.10.02 17:21:59 | 000,001,040 | ---- | C] () -- C:\Users\JAKUB\Desktop\ComboFix – zástupce.lnk
[2013.09.30 18:47:31 | 000,002,124 | ---- | C] () -- C:\Users\JAKUB\Desktop\Minecraft.lnk
[2013.09.22 17:52:03 | 000,001,078 | ---- | C] () -- C:\Users\JAKUB\Desktop\Windows Doctor.lnk
[2013.09.21 12:51:51 | 000,001,629 | ---- | C] () -- C:\Users\JAKUB\Desktop\pes2014 – zástupce.lnk
[2013.09.20 20:18:11 | 000,000,838 | ---- | C] () -- C:\Users\JAKUB\Desktop\Burnout(TM) Paradise The Ultimate Box – zástupce.lnk
[2013.09.20 20:14:20 | 000,006,774 | ---- | C] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2013.09.15 12:09:33 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-JAKUB-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013.09.14 21:14:13 | 000,000,132 | ---- | C] () -- C:\Users\JAKUB\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
[2013.09.14 11:19:35 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2013.09.10 15:31:51 | 000,001,312 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14 Demo.lnk
[2013.09.09 21:08:51 | 000,000,206 | ---- | C] () -- C:\Users\JAKUB\Desktop\Dead Space.url
[2013.09.09 20:59:43 | 000,000,207 | ---- | C] () -- C:\Users\JAKUB\Desktop\Crysis 2 Maximum Edition.url
[2013.09.09 19:44:04 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForJAKUB.job
[2013.09.08 13:34:46 | 000,000,739 | ---- | C] () -- C:\Users\JAKUB\Desktop\FIFA 13.lnk
[2013.09.08 09:24:39 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013.09.06 21:34:11 | 000,002,641 | ---- | C] () -- C:\Users\Public\Desktop\SpinTires Tech Demo (June 060613).lnk
[2013.08.28 09:15:47 | 000,000,000 | ---- | C] () -- C:\Users\JAKUB\regbcm
[2013.08.12 09:35:28 | 000,000,000 | ---- | C] () -- C:\ProgramData\TEMP
[2013.07.09 20:41:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.05.28 22:22:48 | 000,641,024 | ---- | C] () -- C:\Windows\SysWow64\ficvdec_x86.dll
[2013.05.11 20:04:11 | 000,007,605 | ---- | C] () -- C:\Users\JAKUB\AppData\Local\Resmon.ResmonCfg
[2013.05.06 18:54:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2013.04.27 19:48:04 | 000,160,420 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013.04.18 21:15:51 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013.04.18 21:15:51 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013.04.14 10:36:13 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.04.07 13:58:53 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.29 03:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.03.29 03:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.03.16 12:45:27 | 000,290,776 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.03.16 12:45:26 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.02.22 19:24:29 | 001,540,756 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.19 20:05:20 | 000,349,562 | ---- | C] () -- C:\Windows\uninstall Man_City.exe
[2013.02.19 18:35:59 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.11.19 09:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012.11.19 09:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012.11.11 22:58:46 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012.11.11 19:42:32 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012.11.11 19:41:14 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012.11.11 19:40:50 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012.11.11 19:40:48 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012.11.11 19:40:48 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012.11.11 19:40:48 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012.11.11 19:40:48 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012.11.11 15:32:34 | 007,870,928 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012.11.11 15:32:34 | 001,182,696 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012.11.11 15:32:34 | 000,382,120 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012.11.11 15:32:34 | 000,238,528 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2012.11.11 15:32:34 | 000,183,976 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012.11.11 15:32:34 | 000,167,728 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012.11.11 15:32:34 | 000,158,096 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2012.09.30 00:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.10.05 10:04:28 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\.minecraft
[2013.07.25 11:00:17 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\BANDISOFT
[2013.10.05 19:49:02 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\DAEMON Tools Lite
[2013.09.28 21:47:12 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\DG
[2013.08.12 09:18:26 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\GlarySoft
[2013.07.26 08:37:37 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\HD Tune Pro
[2013.08.29 16:42:24 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\ICQ-Profile
[2013.08.03 20:05:22 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\JAM Software
[2013.07.25 11:00:19 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\LangSoft
[2013.07.25 11:05:23 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Leadertech
[2013.08.16 09:41:30 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Milestone
[2013.07.25 11:00:20 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\MINECRAFTinstall.net
[2013.08.12 09:19:15 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Mirillis
[2013.09.08 18:52:41 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\OpenOffice
[2013.07.25 11:00:26 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Opera
[2013.08.15 09:05:53 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Origin
[2013.10.03 16:52:01 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\RBotPlus
[2013.08.31 14:34:32 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Rublik
[2013.08.24 18:51:05 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\ScanMaster-ELM
[2013.08.18 09:27:33 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\skyz
[2013.09.06 22:17:40 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\SpinTires
[2013.07.20 10:35:40 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Stardock
[2013.07.25 11:00:27 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\SuperHideIP
[2013.08.26 12:04:06 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\TeamViewer
[2013.08.29 20:37:36 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\TS3Client
[2013.07.25 11:00:27 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Tunngle
[2013.08.12 10:24:36 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Ubisoft
[2013.09.28 12:22:50 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\Uniblue
[2013.10.05 19:49:02 | 000,000,000 | ---D | M] -- C:\Users\JAKUB\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2013.10.04 21:04:26 | 099,288,311 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\犂ꞣᵌ
[2013.10.04 21:04:26 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\犂ꞣᵌ
[2013.09.27 15:58:37 | 098,267,320 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\䓀ᵌ
[2013.09.27 15:58:37 | 098,267,320 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\䓀ᵌ
[2013.09.24 21:31:46 | 097,540,783 | ---- | M] ()(C:\Windows\SysWow64\???B) -- C:\Windows\SysWow64\紧貮ᵌB
[2013.09.24 21:31:46 | 097,540,783 | ---- | C] ()(C:\Windows\SysWow64\???B) -- C:\Windows\SysWow64\紧貮ᵌB
[2013.09.21 15:06:08 | 098,547,399 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\⪙俋ᵌ
[2013.09.21 15:06:08 | 098,547,399 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\⪙俋ᵌ
[2013.09.19 15:41:02 | 098,378,485 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ʉ頬ᵌ
[2013.09.19 15:41:02 | 098,378,485 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\ʉ頬ᵌ
[2013.09.18 15:13:57 | 098,132,872 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\覀량ᵌ
[2013.09.18 15:13:57 | 098,132,872 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\覀량ᵌ
[2013.09.10 13:58:07 | 096,922,344 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\헜梢ᵌ
[2013.09.10 13:58:07 | 096,922,344 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\헜梢ᵌ
[2013.09.07 08:15:23 | 096,496,803 | ---- | M] ()(C:\Windows\SysWow64\???@) -- C:\Windows\SysWow64\未ᵌ@
[2013.09.07 08:15:23 | 096,496,803 | ---- | C] ()(C:\Windows\SysWow64\???@) -- C:\Windows\SysWow64\未ᵌ@
[2013.09.06 15:02:16 | 096,334,488 | ---- | M] ()(C:\Windows\SysWow64\???{) -- C:\Windows\SysWow64\獢쫈ᵌ{
[2013.09.06 15:02:16 | 096,334,488 | ---- | C] ()(C:\Windows\SysWow64\???{) -- C:\Windows\SysWow64\獢쫈ᵌ{

< End of report >

MrAnnix99 · Příspěvekod **MrAnnix99** » 05 říj 2013 20:23

OTL Extras logfile created on: 5.10.2013 20:08:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JAKUB\Desktop\aplikace
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,75 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 59,53% Memory free
9,36 Gb Paging File | 7,70 Gb Available in Paging File | 82,26% Paging File free
Paging file location(s): C:\pagefile.sys 5751 5751 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,46 Gb Total Space | 146,87 Gb Free Space | 32,68% Space Free | Partition Type: NTFS
Drive D: | 16,01 Gb Total Space | 1,95 Gb Free Space | 12,15% Space Free | Partition Type: NTFS
Drive E: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 7,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: JAKUB-HP | User Name: JAKUB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011D652F-9FA2-490D-A1E3-79A48047E920}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{04EBF300-F61E-4E74-809D-FA8ADB226E75}" = lport=137 | protocol=17 | dir=in | app=system |
"{0B6ABB5A-1A2E-4980-9F28-8147DC616C66}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{12711470-AC3A-413C-9AE0-740C79239DD3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1F048509-D7A4-40FA-85BD-DF7F5C3D99B8}" = lport=11155 | protocol=6 | dir=in | name=tunngle |
"{21D3D8CA-7EF7-40AC-96A3-ED2C3DCE0590}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26A2327A-AE55-46AD-8BB5-DA554173DF39}" = lport=138 | protocol=17 | dir=in | app=system |
"{2B42EF2B-ADD0-4CF8-A2C6-9135E1E1FAA7}" = rport=445 | protocol=6 | dir=out | app=system |
"{36F24395-8D72-44DE-BEE2-F17A91EDD4A4}" = lport=139 | protocol=6 | dir=in | app=system |
"{398AD266-7217-45CD-8108-93F7E9465542}" = rport=10243 | protocol=6 | dir=out | app=system |
"{425EF32E-8E66-4633-8865-B823ABDF76E3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{47B81C66-E577-42B3-B114-5EB53AC3A893}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A2C7C37-4351-4456-BC9B-4BBBA883D336}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{725BC0F8-A032-4152-A695-954CB9ED7FF0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7AFB1F74-1450-457B-83E6-DE2384195A12}" = rport=138 | protocol=17 | dir=out | app=system |
"{887A433C-9137-4B65-A4B6-7819C5581762}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A97F7F3-D50E-45B2-9A03-7B767391650A}" = rport=137 | protocol=17 | dir=out | app=system |
"{A01E5AC7-E67F-4F12-AF6E-8743CBF08CD8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A5E229A6-EA4B-4870-BB44-4D76F90D45D1}" = rport=139 | protocol=6 | dir=out | app=system |
"{B3291B93-7804-485D-9FD2-3E1E54319625}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C6FE485D-2BC2-453D-96C4-4FF7B9EC248B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CD0FE5FA-C67E-4D72-8DCC-6363053FF1F6}" = lport=445 | protocol=6 | dir=in | app=system |
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DAE06B4B-F84E-4DE7-A111-D05AE933396E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F1A731B7-F4CC-47AA-A505-4CD949525A99}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02057F43-7079-44C7-B2AF-8841340FEA35}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{0B1CDC14-D622-472B-98FE-EACD84AA1C45}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{0C9DBCDE-8381-4827-A565-AD30B5E5FD44}" = protocol=17 | dir=in | app=c:\users\jakub\desktop\fifa14\fifa 14\game\fifa14.exe |
"{0CF71B7F-CC25-4CC8-AAD1-4DF39F895A07}" = protocol=17 | dir=in | app=c:\program files (x86)\sega\virtua tennis 4\vt4.exe |
"{0EAF9E16-238E-4984-B643-877028DAEDD8}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{0F97E038-51A2-49FA-8905-4906D9142736}" = protocol=17 | dir=in | app=c:\new folder\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm |
"{123CF7B2-9DB8-42C2-8D39-D501309ECABB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{19D281E2-B263-43AE-B5D2-5D102DA4BCAB}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{1AAF9C32-4D5B-4488-9CF4-81CAF6132B9D}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{1BFC11E9-16D0-432A-989B-EAD159A1CD29}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{1E84A357-6CC6-4A49-831F-0EFF38032DE8}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{1EDEEDEA-015F-41BF-8AB2-49AD754F90E5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\shaun white snowboarding\shaunwhitesnowboarding.exe |
"{22350B20-5696-4EA0-A28D-F2A997B64F2A}" = protocol=6 | dir=in | app=c:\program files (x86)\heroes & generals\live\hng.exe |
"{22A0C53F-1474-44F3-B72E-13834526CDF9}" = protocol=6 | dir=in | app=c:\new folder\steam.exe |
"{24211B8D-AF2E-4CE6-90A8-A51505C273C4}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{26FB8104-3D1B-4800-9245-8774A6A47B38}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2773FB83-2B25-4680-9496-47C6AC4BE354}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{290D073F-4EE6-407E-822C-6221FC8CE663}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{335E2096-9EF3-4C77-BB34-AC29D0FCF0A9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\mirrors edge\binaries\mirrorsedge.exe |
"{33B52DE5-FA33-4DF7-AC6D-B430CAE1268E}" = protocol=6 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{3A05A4C0-C5C4-41B3-B99E-604C76431F7A}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{3A4AB7F7-40F4-4735-9701-EE7BBFDD1DDD}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{43FDEFC1-5183-45F3-8B76-457F7F1167BC}" = protocol=6 | dir=in | app=c:\new folder\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{4597AAE1-D021-4CE5-8130-F5990B38AB00}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{45CC8890-8015-4BB1-B59E-93E0EA860555}" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"{46DE7043-CF98-45F2-A175-037E43DB16F4}" = protocol=17 | dir=in | app=c:\new folder\steamapps\common\crysis 2 game of the year\bin32\crysis2launcher.exe |
"{49BF9B0A-FEC2-480F-9DCE-68AFE68BE4E1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{49FA8F88-0EC4-446C-945A-79A008352E2C}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{526DA60A-305E-40CA-B3D8-F34BC357950F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52F72CE9-5523-45DB-8F56-129148A3A22D}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 14 demo\game\fifa14_demo.exe |
"{53C8416A-D7AE-4622-96D4-AB237565C9FD}" = protocol=17 | dir=in | app=c:\program files (x86)\heroes & generals\live\hng.exe |
"{5495D2E8-F9B9-4FAA-9147-7BAC07DA72EE}" = protocol=17 | dir=in | app=c:\new folder\steam.exe |
"{5BD8DD1E-CCC8-410D-BE7C-AFE0C56B76C1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5D05039F-D6A9-4B10-B2CA-A0487078BC0E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\shaun white snowboarding\shaunwhitesnowboardinggame.exe |
"{62A5CBB1-CA91-44FD-A424-D6D664678F2C}" = protocol=6 | dir=in | app=c:\program files (x86)\sega\virtua tennis 4\vt4.exe |
"{644B5071-241D-469A-82C7-462AAAD4ACBB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{66536CC8-53EF-4BB5-9F96-3812B4FF03DB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{6B676AF1-83E4-4D54-9922-0F9800F7B1F2}" = protocol=6 | dir=in | app=c:\new folder\steamapps\common\dead space\dead space.exe |
"{6F16CFC0-B218-48D5-BB9D-BBBC7C99179D}" = protocol=6 | dir=in | app=c:\new folder\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm |
"{71E44E0E-12D4-400A-92CC-11F25AA6757B}" = protocol=6 | dir=in | app=c:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe |
"{72105CE5-F92F-4BF5-A8C1-E5289D7BABD4}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{746F4389-C664-49E9-9675-D223B6875C46}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{79577BFA-4EA3-4552-8DE0-16836ECC4146}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{7D28A5CD-06F9-4CF6-98A4-4A63781FEBAC}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{7EB1B69A-131B-4FFC-A91C-A32C07BF3EC3}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 14 demo\game\fifa14_demo.exe |
"{894BB627-AAC2-4249-9E68-50A59E2259AB}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{898C4004-7940-4EBD-84B2-A74C841B0DA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8CBE20C3-CB1D-4C8F-BEFC-6DC85BACD1A4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8D80A89B-EB0C-4EA4-9BD2-50AE39BBDF2E}" = protocol=17 | dir=in | app=c:\new folder\steamapps\common\dead space\dead space.exe |
"{922599F5-F653-4056-9D60-606A90F96CF0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{92B03FFE-A2F6-4B47-B43D-DD62AEF6537C}" = protocol=17 | dir=in | app=c:\users\jakub\appdata\roaming\utorrent\utorrent.exe |
"{9DBBB559-6144-4CEC-A0AE-AAA9C02ADE1A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{A10EAA17-C169-4FA8-822E-A8F8946B8507}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A295592E-8C63-4E4F-861E-8A5710F68B20}" = protocol=6 | dir=in | app=c:\users\jakub\appdata\roaming\utorrent\utorrent.exe |
"{A310B104-8F3A-44CB-A941-30FED040B368}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AFCE9A91-5786-4E9D-97E7-F78916FB5D0B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B0EAC05D-229A-4864-B817-859771E0163F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B293924D-BDD6-4AEC-B6B0-3BD776270914}" = protocol=6 | dir=out | app=system |
"{B370D51E-2786-4C2E-A794-40F6751882CA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B4A35641-D379-4D91-BD4C-ED7397BBBFDA}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{B810529E-A142-4A50-B431-9204B907DF32}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{B9801875-470C-4101-80BC-5823BAA4DF9B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\shaun white snowboarding\shaunwhitesnowboarding.exe |
"{B999BCED-3625-45A0-B5CA-447672BD4A65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BB4E0332-7560-4462-B24F-959781E590EB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\shaun white snowboarding\shaunwhitesnowboardinggame.exe |
"{C02F5772-16D4-4D5B-B1AE-E586E85C421F}" = protocol=17 | dir=in | app=c:\users\jakub\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{C1F4E4AE-E402-4756-A927-D6C9DB03DC59}" = protocol=17 | dir=in | app=c:\program files (x86)\war thunder\launcher.exe |
"{C3C2B66B-13C1-46FE-8BF3-2176C4591A71}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C63E85C4-38A1-4C58-B446-5CCCDA58D4A3}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\mirrors edge\binaries\mirrorsedge.exe |
"{C8E95CF7-7E93-4BF3-9ABD-4FD9F4557A32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CE1C76E1-A193-4077-AD2A-D832D83B980F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{CE590D70-59FA-433C-B941-24AAF837E099}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{D59656FF-2C27-44FE-80F3-E309B5E215FB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DA3ED773-014C-4A17-B25D-267A686679E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDC26C78-DAD7-4A73-B44D-A48069CA1881}" = protocol=17 | dir=in | app=c:\games\sniper - ghost warrior 2\bin32\sniperghostwarrior2.exe |
"{E0B72411-E96B-4A81-BADE-75E4969789CA}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E2B96344-44EF-47B6-9751-D236506AC7E8}" = protocol=6 | dir=in | app=c:\users\jakub\desktop\fifa14\fifa 14\game\fifa14.exe |
"{E35B039C-4479-4BF6-B58C-E916A0079CA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3F24A63-34D2-40E9-81B6-03FFE4CFD8AA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E855C46E-D8CA-477C-8F3A-18C14C7BA6D5}" = protocol=6 | dir=in | app=c:\users\jakub\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E90D1138-18A7-4CC4-BF91-E36F22278D9A}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{E960D244-F00E-4C7D-98C5-15E3B3C356A2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{F5351E07-0184-46F1-8A78-8EE31AD83266}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F63B0F2E-36BD-4C4A-A4EA-26AD58C66195}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F7965FEE-D9FC-47A5-9E75-2F344E0B7C8A}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield 2\bf2.exe |
"{F7D3030F-E7B4-4227-BD32-3A00D2AF9E61}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FAAB6B78-D1E3-49FF-A84E-8BF270D3F4B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0B4A16B0-36A1-4A2E-BEE3-36BA58DB4DEF}C:\program files (x86)\mirillis\action!\action.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirillis\action!\action.exe |
"TCP Query User{25F2F824-BCAE-4B6A-B44D-941AFBB6C50F}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{2A5DC43F-BFCE-4087-92B3-4E46506915FF}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{302BAF90-42B4-479C-AAB1-DF1BA1F82917}C:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"TCP Query User{326364CE-EB2A-4442-85CA-F458E4160EB8}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{39BD072C-66BB-4145-8B3F-E946249E37B4}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"TCP Query User{573FFD13-4613-462A-B585-882CE6689177}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{66335623-5E44-4EEF-B909-EA9AF0AE5753}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{6B0E8D8B-8971-431A-B9DE-41313A066FE8}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{6FE0645A-EA92-4EE4-A583-953973D80A73}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{D79E5638-DE88-4E58-AE4F-E86A13331147}C:\users\jakub\desktop\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=c:\users\jakub\desktop\fifa 13\game\fifa13.exe |
"TCP Query User{FD60CB93-CEFE-44FE-875E-36B64BE5559E}C:\program files (x86)\milestone\motogp13\motogp13.exe" = protocol=6 | dir=in | app=c:\program files (x86)\milestone\motogp13\motogp13.exe |
"UDP Query User{11783CB5-81B8-4005-B5D0-358942465CD9}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{1C0D323A-C9E2-4FE1-AB68-288027ACAA80}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{2671A82E-AFAB-4C38-BF23-467929610359}C:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike global offensive\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{4615A58A-9C21-4D5F-A8D7-849078FAA181}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{547215FC-50E8-4A44-BC31-C91C9EC096B4}C:\program files (x86)\milestone\motogp13\motogp13.exe" = protocol=17 | dir=in | app=c:\program files (x86)\milestone\motogp13\motogp13.exe |
"UDP Query User{5B182934-1662-42B7-91F6-D262CBF2DACB}C:\users\jakub\desktop\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=c:\users\jakub\desktop\fifa 13\game\fifa13.exe |
"UDP Query User{6EA23C89-7CFB-4210-8EC7-477C47EA819E}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{74012E81-34B5-4F1B-86C6-4F14CDBFE81E}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{74118394-8B32-4075-8EB4-643DC58438FF}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{A9C29F31-9419-4308-8243-82CD0AEDE70C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{CD0FA8F0-9C78-4C3E-917B-BE5F221A5AC4}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{EFBFCF72-1415-4129-B1FD-8F9695929553}C:\program files (x86)\mirillis\action!\action.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirillis\action!\action.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13351E83-6DCD-4E97-2A8C-5D496259A47F}" = AMD Catalyst Install Manager
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55B348BE-A3BE-9AE7-58BD-BE45B9A28F82}" = AMD Media Foundation Decoders
"{5B73E1AA-CA9D-E76A-2F2D-E0EFB41CE087}" = AMD Accelerated Video Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A70B905D-2E57-66A0-3BFE-66B8E71E0C70}" = AMD Catalyst Install Manager
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B01875AA-1BD4-5B9F-D2B9-23D909F4280B}" = AMD Drag and Drop Transcoding
"{B962DFD6-45C1-49D8-AEBA-197BF6576D29}" = HP Wireless Assistant
"{C2A9F89A-E657-7E78-CF51-5C8934E1D935}" = ccc-utility64
"{CC1FE395-D90F-712C-E013-EBDCC30433B1}" = AMD Fuel
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E54A949B-C4AE-28B6-EC97-FCB9E402D338}" = ccc-utility64
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.23
"ImagenomicPortraiturePlugin" = Imagenomic Portraiture 2.1 Plug-in (build 2105)
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Speccy" = Speccy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WhoCrashed_is1" = WhoCrashed 4.02
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03046EBB-CB7C-4B98-BEFB-690EB955DA22}" = HP Setup
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0558D976-2CD9-4056-BB6D-6609578F6FB9}_is1" = Euro-Happy M-B-v2.12e Bęta
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09BC92CC-9D24-28EA-6CE5-7B3400650601}" = CCC Help English
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11F2C5EC-35AA-7237-B62B-A4F041859C2A}" = CCC Help Spanish
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{197816C4-9BF5-4633-BB84-63F03902544E}" = FiatECUScan
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1B72C51C-D60D-4B48-8D54-A4A4C98060ED}" = MotoGP(TM)13
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21045E2A-1BD4-44B3-840B-A0857B4DEE55}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{229EDE35-4677-BDE6-70ED-A5A4C711DDC3}" = CCC Help Norwegian
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{27B56E28-94B2-BDF8-D209-EC8D2FF4838E}" = Catalyst Control Center Graphics Previews Common
"{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}" = HP Documentation
"{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}" = ShaunWhiteSnowboarding
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30BA90A9-E6B4-4FFC-8BC5-B7F2E014F432}" = Hitman Blood Money
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33D4FA83-02C0-93B3-08ED-5D7378930CFA}" = CCC Help Turkish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370B8E47-4A33-E9F7-B04A-424A041D23B0}" = CCC Help Turkish
"{37D0F3C2-8FFD-134D-FBDF-2D711E169D78}" = AMD VISION Engine Control Center
"{387A7BC7-577B-4FC9-8337-4DB8F7D34E55}" = MotoGP(TM)13
"{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}" = SlimDrivers
"{3D2253BD-8907-4A0E-B6D1-EBB9723A70B3}_is1" = CPU Časomíra 2.0
"{41564952-412D-5637-00A7-A758B70C0201}" = Avira SearchFree Toolbar plus Web Protection
"{42FECCEF-63CD-DF98-D6BC-DDBB27E4A580}" = CCC Help Japanese
"{44039779-BEA6-BF97-EC73-71FC250D1E42}" = CCC Help Dutch
"{44E28991-33C8-4F24-8506-64BA3FB259D1}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2)
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{46594DA4-2D0A-B2D4-C0E0-A5CCA3260025}" = CCC Help Hungarian
"{485B8152-C59F-8569-15BC-46BDA2A1E4A9}" = CCC Help Polish
"{490F47E6-585C-531A-1BF8-4DE44ED9AED7}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B784CE7-7CDB-4AF1-B636-2DC3EA51EA87}" = MotoGP(TM)13
"{4BBC41BE-C6DB-AFDC-E1D4-93D39A7DCDCC}" = Catalyst Control Center Localization All
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{50F87176-7DB3-4C75-D9DC-25CB4561D0F8}" = CCC Help Danish
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52E706AA-B4E9-423A-1651-62E61E06DF9A}" = CCC Help Greek
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{53FAB161-9538-683D-D105-99E734B5FBE6}" = CCC Help Portuguese
"{56C16784-3EC3-CE94-74D1-7D9648DF4B4C}" = CCC Help German
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5EFD3544-2371-4900-8ACA-F157BA80FB0C}" = Pro Evolution Soccer 2014
"{5FB51C12-62AE-0990-E419-C6F62B776E5C}" = CCC Help Portuguese
"{63059735-CA97-FDFB-0E7A-3B8D81572EFD}" = Application Profiles
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{66B46617-A156-F25B-3CC0-5E46343AEA95}" = CCC Help Thai
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B04DAD8-71E6-A4D8-2B96-58C2F3534941}" = CCC Help Norwegian
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}" = AMD System Monitor
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{763360F7-5BE2-00D5-34F9-E2567656B98B}" = CCC Help Japanese
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}" = SketchUp 8
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78F4E027-355C-45C0-90DC-F89DFC618761}_is1" = Thread Manager 2.4.0.0
"{7A6577E7-F341-430F-9173-91E14E2DE270}" = FIFA 14 Demo
"{7AF8D74A-82BE-4463-AEFE-280DF7FE5AD5}" = MotoGP(TM)13
"{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}" = Pinnacle Studio 16 - Standard Content Pack
"{80F5C543-1B9F-483E-8C81-F97F30019C2B}_is1" = "Sniper - Ghost Warrior 2"
"{81543139-18AE-703B-D3B1-F6B3A0CB2EAC}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88C4D8A6-9954-46A0-965D-92E55DAB8734}" = Premium Pack Volumes 1-2
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{89B622E5-326B-6302-982A-BFC17A112B97}_is1" = GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-pln-verze version for Windows
"{89EEB101-A1C1-00B3-94C7-5F7864C8A618}" = CCC Help Greek
"{8A9B1F0E-DE51-4625-A90E-4E7BF43EB515}" = Splash PRO EX
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{8FA20FAC-719F-7CCD-5790-6B59D691C370}" = CCC Help Chinese Traditional
"{8FB91814-FE42-4B62-9B54-4B677A420715}_is1" = CLEO v3.0.950
"{91E034D3-ACE1-D27A-B9E8-41468391C923}" = CCC Help Czech
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{940B28E7-320B-5AC8-0A8A-32D6A7B404A1}" = CCC Help Swedish
"{962F1328-15D3-0A6A-E8E2-A0BE4FB546AB}" = CCC Help Swedish
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{96F42B8E-0963-4063-B712-4675D704A628}" = CCC Help Thai
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{994D5DF7-DA32-2F0E-3333-B06888235CF3}" = CCC Help Spanish
"{99A016E1-0840-43AE-8434-A18CEDFA833B}" = LogMeIn Hamachi
"{99C382AB-CA1D-8577-66D3-AA850DB5FD00}" = CCC Help Korean

Zasekaný ntb HP 635 Vyřešeno

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Re: Zasekaný ntb HP 635

Kdo je online