And that file?
Run that script again, in safe mode. Quite a lot has crawled in there on you again.
+
Download Kaspersky VRT to your desktop.
Run the Kaspersky VRT program. The program will install itself.
Accept the license and click "Start". If the program offers an update, click "Download Now" at the bottom.
- Click the gear icon in the top right corner. In the window, in addition to the items already ticked, select your disk drive; if you have more than one, you can tick them all.
- Select "Automatic Scan" at the top left and press the "Start Scanning" button.
- The program will start scanning the ticked drives.
Ticked:
Hidden startup objects
System Memory
Disk boot sectors
Unticked:
Documents
My email
Computer
Local Disk C
Local Disk D
DVD-ROM Drive (E)
BD-ROM Drive (G)
Floppy Disk Drive
And others, e.g. flash drives that you have connected.
- Allow Virus Removal Tool to remove all infections found.
- Once the scan finishes, select the "Report" tab at the top right (next to the gear icon).
- Click "Detected Threats" and click the floppy disk icon ("Save").
- Save the report to your computer and paste it here in a post.
Malware - Babylon Search Solved
- jaro3
- Security team member
- Guru Level 15
- Posts: 43297
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Malware - Babylon Search
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- Speed_dead
- Level 6
- Posts: 3281
- Registered: April 10
- Location: Prague
- Status: Offline
Re: Malware - Babylon Search
It's somehow not working. ComboFix is resisting - it won't start. Yet it ran before, and IMHO I have it set up correctly. I tried it in both safe mode and normal mode. Maybe I overlooked something.
Kaspersky, in the version you linked, can't be updated - it redirects to downloading a new version, as far as I understood correctly with my poor English. I did that and it found nothing.
P.S. I'd quite like to know where I picked up these bugs. Apart from that Babylon toolbar, I don't install any toolbars, and I don't visit warez, XXX or other dubious sites.
Google knows almost everything. But sometimes the problem is what to type in so that it finds what I'm looking for.
If that fails, you get a ton of useless links, or nothing at all.
- jaro3
Re: Malware - Babylon Search
Sometimes it gets picked up even on "secure" sites.
Run this script in ComboFix:
Code:
KillAll::
File::
C:\Windows\System32\drivers\mrxsmb.sys
Reboot::
If there are problems, try it in safe mode.
ESET OnlineScan
Note:
It is recommended to have your antivirus and antispyware program turned off during the scan. It is also recommended to close all other windows and programs and not to browse the net. After the scan finishes, don't forget to turn the antivirus and antispyware protection back on. It is recommended to use Internet Explorer for the scan; otherwise you need to install ESET Smart Installer and, after the scan finishes, uninstall everything properly again.
1. Click ESET OnlineScan
2. Click the Run ESET Online Scanner button
3. Only for browsers other than Internet Explorer (those running IE can skip this)
3.1. Click esetsmartinstaller_enu.exe to download ESET Smart Installer, and save the file to your desktop.
3.2. Double-click the esetsmartinstaller_enu icon on the desktop
4. Tick the box YES, I accept the Terms of Use. (to confirm the terms of use)
5. Click the Start button
6. Accept any further security warnings from your browser. Install the ActiveX control
7. Tick the box Scan archives
8. Make sure the option "Remove found threats" is unticked
9. When the computer scan settings screen appears, click Advanced settings and tick:
Enable Anti-Stealth technology (if it is not already ticked)
10. Click the Start button
11. ESET will then download its update, install it, and start scanning your computer
12. When the scan is done, click the List of found threats arrow
13. Click the Export to text file button and save the file under some name on your desktop
14. Click the Back button
15. Click the Finish button
Please paste here the entire contents of the text file you saved to your desktop.
- Speed_dead
Re: Malware - Babylon Search
ComboFix 13-09-14.01 - User 15.09.2013 10:49:00.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8150.5752 [GMT 2:00]
Spuštěný z: c:\users\User\Desktop\Nová složka (2)\ComboFix.exe
Použité ovládací přepínače :: c:\users\User\Desktop\Nová složka (2)\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\drivers\mrxsmb.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\User\AppData\Local\Temp\_MEI9882\_ctypes.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_elementtree.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_hashlib.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_multiprocessing.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_socket.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_ssl.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\msvcp100.dll
c:\users\User\AppData\Local\Temp\_MEI9882\msvcr100.dll
c:\users\User\AppData\Local\Temp\_MEI9882\pyexpat.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\pysqlite2._sqlite.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\python27.dll
c:\users\User\AppData\Local\Temp\_MEI9882\pythoncom27.dll
c:\users\User\AppData\Local\Temp\_MEI9882\PyWinTypes27.dll
c:\users\User\AppData\Local\Temp\_MEI9882\select.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\unicodedata.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32api.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32com.shell.shell.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32crypt.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32event.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32file.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32inet.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32pdh.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32process.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32profile.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32security.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32ts.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\windows._cacheinvalidation.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._controls_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._core_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._gdi_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._html2.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._misc_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._windows_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._wizard.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wxbase294u_net_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxbase294u_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_adv_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_core_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_html_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_webview_vc90.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . nemohl být smazán
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-15 do 2013-09-15 )))))))))))))))))))))))))))))))
.
.
2013-09-15 08:53 . 2013-09-15 08:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-15 08:53 . 2013-09-15 08:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-15 08:53 . 2013-09-15 08:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-14 18:17 . 2013-09-14 18:17 -------- d-----w- c:\users\User\AppData\Roaming\Origin
2013-09-14 18:17 . 2013-09-14 18:17 -------- d-----w- c:\users\User\AppData\Local\Origin
2013-09-14 18:16 . 2013-09-14 18:17 -------- d-----w- c:\programdata\Origin
2013-09-14 18:16 . 2013-09-14 18:17 -------- d-----w- c:\program files (x86)\Origin
2013-09-14 18:00 . 2013-09-14 18:00 -------- d-----w- c:\users\User\AppData\Local\Criterion Games
2013-09-14 16:28 . 2013-09-14 16:28 -------- d-----w- c:\program files (x86)\RADVideo
2013-09-14 12:48 . 2013-09-14 12:48 -------- d-----w- c:\users\User\AppData\Roaming\Dexpot
2013-09-14 12:48 . 2013-09-14 12:48 -------- d-----w- c:\program files (x86)\Dexpot
2013-09-14 11:31 . 2013-09-14 11:31 -------- d-----w- c:\programdata\Kaspersky Lab
2013-09-13 16:14 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{521D0DCE-0B15-4E69-B68E-C69557F120B7}\mpengine.dll
2013-09-12 15:45 . 2013-09-12 15:45 162379 ----a-w- c:\windows\Animated Wallpaper Maker Uninstaller.exe
2013-09-11 08:06 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-10 22:11 . 2013-09-10 22:11 -------- d-----w- c:\users\User\AppData\Local\MercurySteam
2013-09-10 09:43 . 2013-09-10 09:45 -------- d-----w- c:\programdata\HiSlider
2013-09-09 20:37 . 2013-09-09 20:37 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-09 20:37 . 2013-09-09 20:37 -------- d-----w- c:\users\User\AppData\Local\PunkBuster
2013-09-09 20:34 . 2013-09-09 20:37 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-09 20:34 . 2013-09-09 20:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-09-09 20:34 . 2013-09-09 20:34 282512 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-08 20:28 . 2013-09-08 20:28 -------- d-----w- c:\users\User\AppData\Roaming\CUDA
2013-09-08 20:28 . 2013-09-08 20:28 -------- d-----w- c:\program files (x86)\Free CUDA Video Converter 6
2013-09-08 20:27 . 2013-09-08 23:28 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-09-08 20:27 . 2013-09-08 20:27 -------- d-----w- c:\program files (x86)\lucky leap
2013-09-08 15:48 . 2013-09-08 15:52 -------- d-----w- c:\programdata\boost_interprocess
2013-09-08 15:48 . 2013-09-08 15:48 -------- d-----w- c:\users\User\AppData\Local\UWebKit
2013-09-08 06:34 . 2013-09-08 06:36 -------- d-----w- c:\users\User\AppData\Roaming\OnLive App
2013-09-06 09:14 . 2013-09-06 09:14 -------- d-----w- c:\users\User\AppData\Roaming\Leawo
2013-09-05 18:12 . 2013-09-05 18:12 -------- d-----w- c:\users\User\AppData\Roaming\The Creative Assembly
2013-09-05 18:03 . 2013-09-05 18:03 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-09-05 08:24 . 2013-09-05 08:24 162564 ----a-w- c:\windows\Animated Screensaver Maker Uninstaller.exe
2013-09-05 08:24 . 2013-09-05 08:24 -------- d-----w- c:\program files (x86)\Common Files\Thraex Software
2013-09-04 18:29 . 2013-09-04 18:29 -------- d-----w- c:\users\User\AppData\Roaming\Arrowhead
2013-09-04 18:29 . 2013-09-04 18:29 -------- d-----w- c:\windows\9530AE42DAE146199594B23487285D17.TMP
2013-09-04 08:37 . 2013-09-04 08:37 -------- d-----w- c:\programdata\Teorex
2013-09-01 21:56 . 2013-09-01 21:57 -------- d-----w- c:\programdata\Balls
2013-09-01 21:32 . 2013-09-15 08:28 -------- d-----r- c:\users\User\Disk Google
2013-09-01 10:41 . 2013-09-01 10:43 -------- d-----w- C:\AdwCleaner
2013-08-16 14:26 . 2013-08-16 14:26 -------- d-----w- c:\users\User\AppData\Roaming\EPSON
2013-08-16 14:17 . 2013-08-16 14:17 -------- d-----w- c:\programdata\Airline Tycoon 2-Demo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-14 01:56 . 2013-02-12 14:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-14 01:56 . 2013-02-12 14:39 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 01:03 . 2013-02-12 14:01 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-13 20:49 . 2013-05-11 22:52 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-08-09 07:36 . 2013-08-09 07:36 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-02 01:48 . 2013-09-11 08:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-28 17:16 . 2013-07-28 17:16 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-07-28 17:16 . 2013-07-28 17:16 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-07-28 17:16 . 2013-07-28 17:16 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-28 17:16 . 2013-07-28 17:16 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-25 09:25 . 2013-08-14 21:29 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 21:29 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 21:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 21:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-18 07:48 . 2012-12-15 18:39 6946816 ----a-w- c:\windows\SysWow64\common_res.dll
2013-07-09 05:52 . 2013-08-14 21:29 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 21:29 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 21:29 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 21:29 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 21:29 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 21:29 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 21:29 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 21:29 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 21:29 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 21:29 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 21:29 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-27 14:59 . 2013-06-27 14:59 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 14:59 . 2013-02-18 22:04 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-27 14:59 . 2013-02-18 22:04 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-21 12:06 . 2013-07-02 06:35 925648 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-06-21 12:06 . 2013-07-02 06:35 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 06:35 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 06:35 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 06:35 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 06:35 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-02 06:35 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-02 06:35 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-02 06:35 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-02 06:35 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 06:35 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 06:35 266448 ----a-w- c:\windows\system32\nvinitx.dll
2013-06-21 12:06 . 2013-07-02 06:35 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 06:35 218592 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-06-21 12:06 . 2013-07-02 06:35 214448 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-06-21 12:06 . 2013-07-02 06:35 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-02 06:35 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 06:35 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-02 06:35 181488 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-06-21 12:06 . 2013-07-02 06:35 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-07-02 06:35 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-02 06:35 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-02 06:35 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-02 06:35 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-02 06:35 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-02 06:35 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2013-03-27 16:27 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-02-12 13:25 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:06 . 2013-02-12 13:25 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-06-21 12:06 . 2013-02-12 13:25 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-02-12 13:25 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-02-12 13:25 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-02-12 13:25 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 10:23 . 2013-02-12 13:25 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-02-12 13:25 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-02-12 13:25 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-02-12 13:25 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-02-12 13:25 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-02-12 13:25 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-20 04:17 . 2013-02-12 13:25 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d77aa852-def3-43cb-a3f5-bd679de72f32}]
2013-08-30 03:34 149280 ----a-w- c:\program files (x86)\lucky leap\luckyleapBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2013-02-15 127040]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-09-06 1811368]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"StartMenuX"="c:\program files\Start Menu X\StartMenuX.exe" [2013-02-19 6342976]
"Backup"="c:\program files (x86)\1-abc\Backup\BKPStarter.exe" [2012-10-05 43184]
"AshSnap"="c:\program files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe" [2013-08-19 3781968]
"Logitech Vid"="c:\program files (x86)\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Zoner Photo Studio Autoupdate"="e:\program files 2\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-06-07 774680]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
"Dexpot"="c:\program files (x86)\Dexpot\dexpot.exe" [2013-05-02 1437696]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-09-14 3549528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"Cobian Backup 11"="c:\program files (x86)\Cobian Backup 11\Cobian.exe" [2013-03-07 720896]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
R2 Bacula-fd;Bacula File Backup Service;c:\program files\Bacula\bacula-fd.exe;c:\program files\Bacula\bacula-fd.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 DfSdkS;Defragmentation-Service;e:\program files 2\Ashampoo HDD Control 2\DfsdkS64.exe;e:\program files 2\Ashampoo HDD Control 2\DfsdkS64.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 CH341SER_A64;CH341SER_A64;c:\windows\system32\Drivers\CH341S64.SYS;c:\windows\SYSNATIVE\Drivers\CH341S64.SYS [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 lowcdc;Low-Speed CDC Transfer Interface;c:\windows\system32\DRIVERS\lowcdc.sys;c:\windows\SYSNATIVE\DRIVERS\lowcdc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\DRIVERS\vpcuxd.sys;c:\windows\SYSNATIVE\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 diskpt;diskpt;c:\windows\SYSTEM32\drivers\diskpt.sys;c:\windows\SYSNATIVE\drivers\diskpt.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [x]
S2 ACT2_Service;Ashampoo Core Tuner 2 Service;e:\program files 2\Ashampoo Core Tuner 2\ACT2Service.exe;e:\program files 2\Ashampoo Core Tuner 2\ACT2Service.exe [x]
S2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver;e:\program files 2\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys;e:\program files 2\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [x]
S2 AHDDC2;Ashampoo HDD Control 2 Service;e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Service.exe;e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Service.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Update lucky leap;Update lucky leap;c:\program files (x86)\lucky leap\updateluckyleap.exe;c:\program files (x86)\lucky leap\updateluckyleap.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 17:40 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 01:56]
.
2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15 10:15]
.
2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15 10:15]
.
2013-09-13 c:\windows\Tasks\One-Click Optimizer.job
- e:\program files 2\Ashampoo WinOptimizer 9\WO9.exe [2013-05-29 09:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Shadow Defender Daemon"="c:\program files\Shadow Defender\DefenderDaemon.exe" [2013-04-20 325216]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"Ashampoo HDD-Control 2 Guard"="e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Guard.exe" [2012-07-30 3783592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to CaptureSaver - c:\program files (x86)\CaptureSaver\\AddFromIE.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\fraps\fraps.exe
.
**************************************************************************
.
Celkový čas: 2013-09-15 11:11:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-15 09:11
ComboFix2.txt 2013-09-14 03:33
.
Před spuštěním: Volných bajtů: 21 032 562 688
Po spuštění: Volných bajtů: 20 924 321 792
.
- - End Of File - - 74C7204955EC79DED13934BFDEE54F35
A36C5E4F47E84449FF07ED3517B43A31
ESET in a moment. I'll do it even though I use Smart ESET Security.
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8150.5752 [GMT 2:00]
Spuštěný z: c:\users\User\Desktop\Nová složka (2)\ComboFix.exe
Použité ovládací přepínače :: c:\users\User\Desktop\Nová složka (2)\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\drivers\mrxsmb.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\User\AppData\Local\Temp\_MEI9882\_ctypes.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_elementtree.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_hashlib.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_multiprocessing.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_socket.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\_ssl.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\msvcp100.dll
c:\users\User\AppData\Local\Temp\_MEI9882\msvcr100.dll
c:\users\User\AppData\Local\Temp\_MEI9882\pyexpat.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\pysqlite2._sqlite.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\python27.dll
c:\users\User\AppData\Local\Temp\_MEI9882\pythoncom27.dll
c:\users\User\AppData\Local\Temp\_MEI9882\PyWinTypes27.dll
c:\users\User\AppData\Local\Temp\_MEI9882\select.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\unicodedata.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32api.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32com.shell.shell.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32crypt.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32event.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32file.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32inet.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32pdh.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32process.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32profile.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32security.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\win32ts.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\windows._cacheinvalidation.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._controls_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._core_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._gdi_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._html2.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._misc_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._windows_.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wx._wizard.pyd
c:\users\User\AppData\Local\Temp\_MEI9882\wxbase294u_net_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxbase294u_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_adv_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_core_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_html_vc90.dll
c:\users\User\AppData\Local\Temp\_MEI9882\wxmsw294u_webview_vc90.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . nemohl být smazán
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-15 do 2013-09-15 )))))))))))))))))))))))))))))))
.
.
2013-09-15 08:53 . 2013-09-15 08:53 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-15 08:53 . 2013-09-15 08:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-15 08:53 . 2013-09-15 08:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-14 18:17 . 2013-09-14 18:17 -------- d-----w- c:\users\User\AppData\Roaming\Origin
2013-09-14 18:17 . 2013-09-14 18:17 -------- d-----w- c:\users\User\AppData\Local\Origin
2013-09-14 18:16 . 2013-09-14 18:17 -------- d-----w- c:\programdata\Origin
2013-09-14 18:16 . 2013-09-14 18:17 -------- d-----w- c:\program files (x86)\Origin
2013-09-14 18:00 . 2013-09-14 18:00 -------- d-----w- c:\users\User\AppData\Local\Criterion Games
2013-09-14 16:28 . 2013-09-14 16:28 -------- d-----w- c:\program files (x86)\RADVideo
2013-09-14 12:48 . 2013-09-14 12:48 -------- d-----w- c:\users\User\AppData\Roaming\Dexpot
2013-09-14 12:48 . 2013-09-14 12:48 -------- d-----w- c:\program files (x86)\Dexpot
2013-09-14 11:31 . 2013-09-14 11:31 -------- d-----w- c:\programdata\Kaspersky Lab
2013-09-13 16:14 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{521D0DCE-0B15-4E69-B68E-C69557F120B7}\mpengine.dll
2013-09-12 15:45 . 2013-09-12 15:45 162379 ----a-w- c:\windows\Animated Wallpaper Maker Uninstaller.exe
2013-09-11 08:06 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-10 22:11 . 2013-09-10 22:11 -------- d-----w- c:\users\User\AppData\Local\MercurySteam
2013-09-10 09:43 . 2013-09-10 09:45 -------- d-----w- c:\programdata\HiSlider
2013-09-09 20:37 . 2013-09-09 20:37 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-09 20:37 . 2013-09-09 20:37 -------- d-----w- c:\users\User\AppData\Local\PunkBuster
2013-09-09 20:34 . 2013-09-09 20:37 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-09 20:34 . 2013-09-09 20:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-09-09 20:34 . 2013-09-09 20:34 282512 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-08 20:28 . 2013-09-08 20:28 -------- d-----w- c:\users\User\AppData\Roaming\CUDA
2013-09-08 20:28 . 2013-09-08 20:28 -------- d-----w- c:\program files (x86)\Free CUDA Video Converter 6
2013-09-08 20:27 . 2013-09-08 23:28 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-09-08 20:27 . 2013-09-08 20:27 -------- d-----w- c:\program files (x86)\lucky leap
2013-09-08 15:48 . 2013-09-08 15:52 -------- d-----w- c:\programdata\boost_interprocess
2013-09-08 15:48 . 2013-09-08 15:48 -------- d-----w- c:\users\User\AppData\Local\UWebKit
2013-09-08 06:34 . 2013-09-08 06:36 -------- d-----w- c:\users\User\AppData\Roaming\OnLive App
2013-09-06 09:14 . 2013-09-06 09:14 -------- d-----w- c:\users\User\AppData\Roaming\Leawo
2013-09-05 18:12 . 2013-09-05 18:12 -------- d-----w- c:\users\User\AppData\Roaming\The Creative Assembly
2013-09-05 18:03 . 2013-09-05 18:03 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-09-05 08:24 . 2013-09-05 08:24 162564 ----a-w- c:\windows\Animated Screensaver Maker Uninstaller.exe
2013-09-05 08:24 . 2013-09-05 08:24 -------- d-----w- c:\program files (x86)\Common Files\Thraex Software
2013-09-04 18:29 . 2013-09-04 18:29 -------- d-----w- c:\users\User\AppData\Roaming\Arrowhead
2013-09-04 18:29 . 2013-09-04 18:29 -------- d-----w- c:\windows\9530AE42DAE146199594B23487285D17.TMP
2013-09-04 08:37 . 2013-09-04 08:37 -------- d-----w- c:\programdata\Teorex
2013-09-01 21:56 . 2013-09-01 21:57 -------- d-----w- c:\programdata\Balls
2013-09-01 21:32 . 2013-09-15 08:28 -------- d-----r- c:\users\User\Disk Google
2013-09-01 10:41 . 2013-09-01 10:43 -------- d-----w- C:\AdwCleaner
2013-08-16 14:26 . 2013-08-16 14:26 -------- d-----w- c:\users\User\AppData\Roaming\EPSON
2013-08-16 14:17 . 2013-08-16 14:17 -------- d-----w- c:\programdata\Airline Tycoon 2-Demo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-14 01:56 . 2013-02-12 14:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-14 01:56 . 2013-02-12 14:39 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 01:03 . 2013-02-12 14:01 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-13 20:49 . 2013-05-11 22:52 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-08-09 07:36 . 2013-08-09 07:36 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-02 01:48 . 2013-09-11 08:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-28 17:16 . 2013-07-28 17:16 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-07-28 17:16 . 2013-07-28 17:16 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-07-28 17:16 . 2013-07-28 17:16 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-28 17:16 . 2013-07-28 17:16 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-25 09:25 . 2013-08-14 21:29 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 21:29 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 21:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 21:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-18 07:48 . 2012-12-15 18:39 6946816 ----a-w- c:\windows\SysWow64\common_res.dll
2013-07-09 05:52 . 2013-08-14 21:29 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 21:29 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 21:29 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 21:29 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 21:29 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 21:29 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 21:29 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 21:29 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 21:29 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 21:29 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 21:29 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-27 14:59 . 2013-06-27 14:59 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 14:59 . 2013-02-18 22:04 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-27 14:59 . 2013-02-18 22:04 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-21 12:06 . 2013-07-02 06:35 925648 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-06-21 12:06 . 2013-07-02 06:35 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 06:35 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 06:35 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 06:35 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 06:35 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-02 06:35 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-02 06:35 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-02 06:35 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-02 06:35 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 06:35 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 06:35 266448 ----a-w- c:\windows\system32\nvinitx.dll
2013-06-21 12:06 . 2013-07-02 06:35 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 06:35 218592 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-06-21 12:06 . 2013-07-02 06:35 214448 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-06-21 12:06 . 2013-07-02 06:35 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-02 06:35 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 06:35 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-02 06:35 181488 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-06-21 12:06 . 2013-07-02 06:35 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-07-02 06:35 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-02 06:35 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-02 06:35 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-02 06:35 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-02 06:35 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-02 06:35 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2013-03-27 16:27 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-02-12 13:25 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:06 . 2013-02-12 13:25 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-06-21 12:06 . 2013-02-12 13:25 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-02-12 13:25 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-02-12 13:25 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-02-12 13:25 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-06-21 10:23 . 2013-02-12 13:25 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-02-12 13:25 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-02-12 13:25 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-02-12 13:25 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-02-12 13:25 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-02-12 13:25 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-20 04:17 . 2013-02-12 13:25 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d77aa852-def3-43cb-a3f5-bd679de72f32}]
2013-08-30 03:34 149280 ----a-w- c:\program files (x86)\lucky leap\luckyleapBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7M\ICQ.exe" [2013-02-15 127040]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-09-06 1811368]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"StartMenuX"="c:\program files\Start Menu X\StartMenuX.exe" [2013-02-19 6342976]
"Backup"="c:\program files (x86)\1-abc\Backup\BKPStarter.exe" [2012-10-05 43184]
"AshSnap"="c:\program files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe" [2013-08-19 3781968]
"Logitech Vid"="c:\program files (x86)\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Zoner Photo Studio Autoupdate"="e:\program files 2\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-06-07 774680]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]
"Dexpot"="c:\program files (x86)\Dexpot\dexpot.exe" [2013-05-02 1437696]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-09-14 3549528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"Cobian Backup 11"="c:\program files (x86)\Cobian Backup 11\Cobian.exe" [2013-03-07 720896]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
R2 Bacula-fd;Bacula File Backup Service;c:\program files\Bacula\bacula-fd.exe;c:\program files\Bacula\bacula-fd.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 DfSdkS;Defragmentation-Service;e:\program files 2\Ashampoo HDD Control 2\DfsdkS64.exe;e:\program files 2\Ashampoo HDD Control 2\DfsdkS64.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 CH341SER_A64;CH341SER_A64;c:\windows\system32\Drivers\CH341S64.SYS;c:\windows\SYSNATIVE\Drivers\CH341S64.SYS [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 lowcdc;Low-Speed CDC Transfer Interface;c:\windows\system32\DRIVERS\lowcdc.sys;c:\windows\SYSNATIVE\DRIVERS\lowcdc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\DRIVERS\vpcuxd.sys;c:\windows\SYSNATIVE\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 diskpt;diskpt;c:\windows\SYSTEM32\drivers\diskpt.sys;c:\windows\SYSNATIVE\drivers\diskpt.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [x]
S2 ACT2_Service;Ashampoo Core Tuner 2 Service;e:\program files 2\Ashampoo Core Tuner 2\ACT2Service.exe;e:\program files 2\Ashampoo Core Tuner 2\ACT2Service.exe [x]
S2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver;e:\program files 2\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys;e:\program files 2\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [x]
S2 AHDDC2;Ashampoo HDD Control 2 Service;e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Service.exe;e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Service.exe [x]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Update lucky leap;Update lucky leap;c:\program files (x86)\lucky leap\updateluckyleap.exe;c:\program files (x86)\lucky leap\updateluckyleap.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 17:40 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-12 01:56]
.
2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15 10:15]
.
2013-09-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-15 10:15]
.
2013-09-13 c:\windows\Tasks\One-Click Optimizer.job
- e:\program files 2\Ashampoo WinOptimizer 9\WO9.exe [2013-05-29 09:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Shadow Defender Daemon"="c:\program files\Shadow Defender\DefenderDaemon.exe" [2013-04-20 325216]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"Ashampoo HDD-Control 2 Guard"="e:\program files 2\Ashampoo HDD Control 2\AHDDC2_Guard.exe" [2012-07-30 3783592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to CaptureSaver - c:\program files (x86)\CaptureSaver\\AddFromIE.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\fraps\fraps.exe
.
**************************************************************************
.
Celkový čas: 2013-09-15 11:11:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-15 09:11
ComboFix2.txt 2013-09-14 03:33
.
Před spuštěním: Volných bajtů: 21 032 562 688
Po spuštění: Volných bajtů: 20 924 321 792
.
- - End Of File - - 74C7204955EC79DED13934BFDEE54F35
A36C5E4F47E84449FF07ED3517B43A31
ESET in a moment. I'll do it even though I use ESET Smart Security.
Google knows almost everything. But sometimes the problem is what to type in so that it finds what I'm looking for.
If that fails, out comes a ton of useless links, or nothing at all.
- Speed_dead
Re: Malware - Babylon Search
It found something:
E:\Home store 1\V?ci z cé?ka\zaloha dokumenty - moznna jsou tu 2x\Odlo?eno z p?enosného HDD\R?zné taky UT\pomoc\R?zné\Teamspeak\ts2_client_rc1.exe probably a variant of Win32/Agent.FONUICX trojan
E:\Home store 1\V?ci z cé?ka\zaloha dokumenty - moznna jsou tu 2x\Odlo?eno z p?enosného HDD\R?zné taky UT\pomoc\R?zné\TS2\ts2_client_rc1.exe probably a variant of Win32/Agent.FONUICX trojan
E:\Home store 1\Záloha my book1 jen to zasadni\Programy\Perfect_Uninstaller_6.3.2\PerfectUninstaller_Setup.exe a variant of Win32/Adware.SpywareCease.AA application
I just didn't think it would take almost 10 hours.
- jaro3
Re: Malware - Babylon Search
Still infections...
+
c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . nemohl být smazán
c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . nemohl být smazán
+
E:\Home store 1\V?ci z cé?ka\zaloha dokumenty - moznna jsou tu 2x\Odlo?eno z p?enosného HDD\R?zné taky UT\pomoc\R?zné\Teamspeak\ts2_client_rc1.exe probably a variant of Win32/Agent.FONUICX trojan
E:\Home store 1\V?ci z cé?ka\zaloha dokumenty - moznna jsou tu 2x\Odlo?eno z p?enosného HDD\R?zné taky UT\pomoc\R?zné\TS2\ts2_client_rc1.exe probably a variant of Win32/Agent.FONUICX trojan
E:\Home store 1\Záloha my book1 jen to zasadni\Programy\Perfect_Uninstaller_6.3.2\PerfectUninstaller_Setup.exe a variant of Win32/Adware.SpywareCease.AA application
+
c:\users\User\AppData\Local\Temp\_MEI9882
c:\users\User\Desktop\Nová složka (2)\ComboFix.exe
Take ComboFix.exe out of that folder; it must be on the desktop, not in a folder!!
ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
We will delete the infections in OTL.
Download OTL by OldTimer
to your desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the "LOP" malware check and the "Purity" malware check. Click Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
- Speed_dead
Re: Malware - Babylon Search
Take ComboFix.exe out of that folder; it must be on the desktop, not in a folder!!
When I had it on the desktop and ran it with the new script, a window popped up saying "Combofix nelze přejmenovat na Combofix(1)"
and that happened even in safe mode. That is why I put it into a folder on the desktop, and there it ran without problems. I had no other Combofix on the desktop. Does Combofix work correctly only on the desktop?
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Gender:
- Status:
Offline
Re: Malware - Babylon Search
If it is not on the desktop, the uninstall will not run, and it also deletes incorrectly...
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
- Speed_dead
Re: Malware - Babylon Search
:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23516416-A205-43FE-A67A-B87C9411AF87}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll) - C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
Google knows almost everything. But sometimes the problem is what to type in so that it finds what I'm looking for.
If that doesn't work out, you get a ton of useless links, or nothing at all.
- Speed_dead
- Level 6
- Posts: 3281
- Registered: April 10
- Location: Praha
- Gender:
- Status:
Offline
- Contact:
Re: Malware - Babylon Search
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.09.16 18:44:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2013.09.16 18:44:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\FilesFrog Update Checker
[2013.09.16 18:24:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.09.16 18:23:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.09.16 00:03:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Red Alert 3 Demo
[2013.09.15 12:44:49 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ZombieDriverHD
[2013.09.15 12:28:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kakuro
[2013.09.15 12:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kakuro
[2013.09.15 10:47:28 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Nová složka (2)
[2013.09.14 20:17:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Origin
[2013.09.14 20:17:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Origin
[2013.09.14 20:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.09.14 20:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013.09.14 20:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.09.14 20:00:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Criterion Games
[2013.09.14 19:21:26 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Euro Truck Simulator 2
[2013.09.14 18:28:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
[2013.09.14 18:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
[2013.09.14 18:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RADVideo
[2013.09.14 18:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoRotator
[2013.09.14 14:48:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Dexpot
[2013.09.14 14:48:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
[2013.09.14 14:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dexpot
[2013.09.14 14:06:01 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Nová složka
[2013.09.14 13:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.09.12 17:45:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animated Wallpaper Maker
[2013.09.12 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Animated Wallpaper Examples
[2013.09.12 03:05:13 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.12 03:05:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.12 03:05:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.12 03:05:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.12 03:05:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.12 03:05:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.12 03:05:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.12 03:05:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.12 03:05:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.12 03:05:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.12 03:05:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.12 03:05:11 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.12 03:05:11 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.12 03:05:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.12 03:05:11 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.11 10:06:59 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.11 10:06:59 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.11 10:06:59 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.11 10:06:59 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.11 10:06:58 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.11 10:06:58 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.11 10:06:58 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.11 10:06:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.11 10:06:58 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.11 10:06:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.11 10:06:58 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.11 10:06:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.11 10:06:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.11 10:06:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.11 10:06:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.11 10:06:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.11 10:06:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.11 10:06:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.11 10:06:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.11 10:06:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.11 10:06:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.11 10:06:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.11 10:06:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.11 10:06:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.11 10:06:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.11 10:06:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.11 10:06:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.11 00:11:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MercurySteam
[2013.09.10 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013.09.10 11:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HiSlider
[2013.09.10 11:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi Slider
[2013.09.09 22:37:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PunkBuster
[2013.09.08 22:28:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\CUDA
[2013.09.08 22:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CUDA Video Converter 6
[2013.09.08 22:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free CUDA Video Converter 6
[2013.09.08 22:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013.09.08 22:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\lucky leap
[2013.09.08 21:18:03 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Vir
[2013.09.08 17:48:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\UWebKit
[2013.09.08 17:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013.09.08 09:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ainishare
[2013.09.08 08:59:19 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Rayman Legends (Demo)
[2013.09.08 08:35:17 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\OnLive App
[2013.09.08 08:34:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\OnLive App
[2013.09.06 11:14:34 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Leawo
[2013.09.06 11:14:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Leawo
[2013.09.05 20:12:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\The Creative Assembly
[2013.09.05 20:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.09.05 10:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thraex Software
[2013.09.05 10:24:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animated Screensaver Maker
[2013.09.05 10:24:16 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Animated Screensaver Examples
[2013.09.04 20:29:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Arrowhead
[2013.09.04 10:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Teorex
[2013.09.04 10:37:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FolderIco
[2013.09.03 16:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileStream Web Boomerang
[2013.09.01 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Balls
[2013.09.01 23:32:34 | 000,000,000 | R--D | C] -- C:\Users\User\Disk Google
[2013.09.01 23:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.09.01 12:41:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.01 12:38:27 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\--- Clenan
[2013.08.30 01:29:09 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Pokuta
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.09.16 18:46:42 | 000,049,728 | ---- | M] () -- C:\Users\User\Documents\cc_20130916_184637.reg
[2013.09.16 18:45:54 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.09.16 18:40:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.16 18:24:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.09.16 18:23:24 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.16 17:56:49 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.16 17:56:49 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.16 17:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.16 17:53:57 | 003,073,826 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.16 17:53:57 | 001,470,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.16 17:53:57 | 000,977,374 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.16 17:53:57 | 000,906,488 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.16 17:53:57 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.16 17:49:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.15 21:14:49 | 000,051,469 | ---- | M] () -- C:\Users\User\Documents\Eset2.jpg
[2013.09.15 21:10:08 | 000,053,975 | ---- | M] () -- C:\Users\User\Documents\Eset.jpg
[2013.09.15 11:10:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.09.14 23:37:21 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.09.14 23:23:37 | 000,007,611 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2013.09.14 23:04:11 | 000,007,168 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.14 20:16:48 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.09.14 18:48:10 | 000,072,183 | ---- | M] () -- C:\Users\User\Documents\MOV.jpg
[2013.09.14 18:16:43 | 000,000,666 | ---- | M] () -- C:\Users\Public\Desktop\Video Rotator.lnk
[2013.09.14 17:46:20 | 000,000,933 | ---- | M] () -- C:\Users\User\Desktop\Steam.lnk
[2013.09.14 14:29:39 | 000,435,601 | ---- | M] () -- C:\Users\User\Documents\Skript5.jpg
[2013.09.14 14:29:00 | 000,095,379 | ---- | M] () -- C:\Users\User\Documents\Skript4.jpg
[2013.09.14 13:37:59 | 000,100,229 | ---- | M] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.14_13h37m49s_001_Kaspersky Virus Removal Tool.jpg
[2013.09.14 03:56:16 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.14 03:56:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.13 16:17:56 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\One-Click Optimizer.job
[2013.09.12 17:45:35 | 000,162,379 | ---- | M] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe
[2013.09.12 03:21:46 | 000,441,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.10 23:08:16 | 000,032,063 | ---- | M] () -- C:\Users\User\Documents\Tray.jpg
[2013.09.09 22:37:15 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.09 22:37:15 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.09 22:35:56 | 000,618,752 | ---- | M] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.09_22h35m40s_003_.jpg
[2013.09.09 22:34:18 | 000,282,512 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.09 22:34:18 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.05 10:24:17 | 000,162,564 | ---- | M] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2013.08.31 09:23:31 | 000,000,851 | ---- | M] () -- C:\Users\User\Desktop\UnrealTournament.lnk
[2013.08.29 14:59:10 | 000,000,108 | ---- | M] () -- C:\Users\User\Zajímavý elektroweb.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.09.16 18:46:39 | 000,049,728 | ---- | C] () -- C:\Users\User\Documents\cc_20130916_184637.reg
[2013.09.16 18:45:54 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.09.15 21:14:49 | 000,051,469 | ---- | C] () -- C:\Users\User\Documents\Eset2.jpg
[2013.09.15 21:10:08 | 000,053,975 | ---- | C] () -- C:\Users\User\Documents\Eset.jpg
[2013.09.14 20:16:48 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.09.14 18:48:09 | 000,072,183 | ---- | C] () -- C:\Users\User\Documents\MOV.jpg
[2013.09.14 18:16:43 | 000,000,666 | ---- | C] () -- C:\Users\Public\Desktop\Video Rotator.lnk
[2013.09.14 17:46:20 | 000,000,933 | ---- | C] () -- C:\Users\User\Desktop\Steam.lnk
[2013.09.14 14:29:39 | 000,435,601 | ---- | C] () -- C:\Users\User\Documents\Skript5.jpg
[2013.09.14 14:29:00 | 000,095,379 | ---- | C] () -- C:\Users\User\Documents\Skript4.jpg
[2013.09.14 13:37:59 | 000,100,229 | ---- | C] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.14_13h37m49s_001_Kaspersky Virus Removal Tool.jpg
[2013.09.12 17:45:35 | 000,162,379 | ---- | C] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe
[2013.09.10 23:07:08 | 000,032,063 | ---- | C] () -- C:\Users\User\Documents\Tray.jpg
[2013.09.09 22:37:15 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.09 22:35:56 | 000,618,752 | ---- | C] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.09_22h35m40s_003_.jpg
[2013.09.09 22:34:18 | 000,282,512 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.09 22:34:18 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.09 22:34:18 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.05 10:24:16 | 000,162,564 | ---- | C] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2013.08.29 14:58:57 | 000,000,108 | ---- | C] () -- C:\Users\User\Zajímavý elektroweb.url
[2013.08.15 10:11:53 | 000,000,141 | ---- | C] () -- C:\Users\User\Hvězdná strategie free.url
[2013.06.11 19:21:44 | 000,007,611 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2013.06.09 01:18:21 | 000,007,168 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.25 16:43:40 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2013.05.01 23:47:37 | 000,000,000 | ---- | C] () -- C:\Windows\diskpt.dat
[2013.03.20 17:53:07 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ZLIB.DLL
[2013.02.24 11:07:32 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xwsindex.exe
[2013.02.15 15:04:58 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013.02.15 15:04:58 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013.02.15 15:04:58 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013.02.15 15:04:58 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013.02.15 15:04:58 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013.02.15 15:04:58 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013.02.15 15:04:58 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013.02.15 15:04:58 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013.02.15 15:04:58 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013.02.15 15:04:58 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013.02.15 15:04:58 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013.02.15 15:04:58 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013.02.15 15:04:58 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013.02.15 15:04:58 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013.02.15 15:04:58 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013.02.15 15:04:58 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013.02.15 15:04:58 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013.02.15 15:04:58 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013.02.15 15:04:58 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013.02.12 14:50:45 | 001,554,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.12 14:48:30 | 000,000,090 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.12.15 20:39:34 | 006,946,816 | ---- | C] () -- C:\Windows\SysWow64\common_res.dll
[2012.12.05 11:07:10 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012.07.17 15:22:04 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.03 03:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.05.22 01:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.08 06:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.10 06:00:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\1-abc
[2013.07.28 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Alawar
[2013.08.04 17:24:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AlderGames
[2013.04.20 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Anvsoft
[2013.04.04 01:40:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Arduino
[2013.09.04 20:29:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Arrowhead
[2013.02.15 15:27:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2013.06.26 10:45:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.06.26 10:47:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.05.28 23:16:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Atari
[2013.04.29 19:37:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Atmel
[2013.02.24 11:04:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CadSoft
[2013.03.19 19:42:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CaptureSaver
[2013.09.08 22:28:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CUDA
[2013.08.09 18:53:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2013.05.11 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DesignSpark PCB
[2013.09.14 14:48:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dexpot
[2013.07.20 12:25:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DikobrazGames
[2013.09.16 18:23:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dropbox
[2013.05.29 10:17:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EMCO
[2013.07.06 09:21:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Engelmann Media
[2013.04.15 23:24:58 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Enplase
[2013.08.16 16:26:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EPSON
[2013.05.27 18:57:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ESET
[2013.02.28 21:39:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Fatshark
[2013.02.27 21:52:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HoolappForAndroid
[2013.09.16 18:26:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICQ
[2013.06.03 10:07:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iRecordMax Sound Recorder
[2013.03.10 12:19:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IrfanView
[2013.08.10 10:04:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KC Softwares
[2013.04.30 23:24:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LAVA SoftWorks
[2013.05.12 00:52:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2013.09.06 11:14:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leawo
[2013.03.20 17:53:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Likno Software
[2013.03.17 16:57:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Magic Landscape Filter
[2013.06.04 22:45:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MCS Electronics
[2013.08.13 23:35:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Milestone
[2013.05.28 19:00:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Obsidium
[2013.09.08 08:36:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OnLive App
[2013.09.14 20:17:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2013.05.08 09:07:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PearlMountain
[2013.06.27 20:36:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Presentation Assistant
[2013.05.16 18:18:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProcessLasso
[2013.09.16 00:04:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Red Alert 3 Demo
[2013.03.05 02:08:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Seznam.cz
[2013.08.05 18:47:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SoftMaker
[2013.07.15 09:15:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SpaceMonger
[2013.02.22 01:47:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StartMenuX
[2013.03.24 23:41:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Subversion
[2013.03.22 20:17:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SuperEasy Software
[2013.09.05 20:12:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\The Creative Assembly
[2013.04.07 22:23:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TreeCardGames
[2013.02.18 02:22:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2013.02.15 16:28:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unigraphics Solutions
[2013.03.10 12:37:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2013.06.05 11:53:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\VisualAssistAtmel
[2013.06.06 19:22:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wargaming.net
[2013.06.07 00:29:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Win7codecs
[2013.06.19 23:25:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Zoner
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 187 bytes -> C:\ProgramData\TEMP:0A8E2C33
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:76650B61
< End of report >
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.09.16 18:44:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2013.09.16 18:44:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\FilesFrog Update Checker
[2013.09.16 18:24:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.09.16 18:23:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.09.16 00:03:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Red Alert 3 Demo
[2013.09.15 12:44:49 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ZombieDriverHD
[2013.09.15 12:28:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kakuro
[2013.09.15 12:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kakuro
[2013.09.15 10:47:28 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Nová složka (2)
[2013.09.14 20:17:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Origin
[2013.09.14 20:17:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Origin
[2013.09.14 20:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2013.09.14 20:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2013.09.14 20:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2013.09.14 20:00:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Criterion Games
[2013.09.14 19:21:26 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Euro Truck Simulator 2
[2013.09.14 18:28:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
[2013.09.14 18:28:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
[2013.09.14 18:28:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RADVideo
[2013.09.14 18:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoRotator
[2013.09.14 14:48:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Dexpot
[2013.09.14 14:48:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot
[2013.09.14 14:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dexpot
[2013.09.14 14:06:01 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Nová složka
[2013.09.14 13:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.09.12 17:45:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animated Wallpaper Maker
[2013.09.12 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Animated Wallpaper Examples
[2013.09.12 03:05:13 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.09.12 03:05:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.09.12 03:05:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.09.12 03:05:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.09.12 03:05:12 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.09.12 03:05:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.09.12 03:05:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.09.12 03:05:12 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.09.12 03:05:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.09.12 03:05:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.09.12 03:05:12 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.09.12 03:05:11 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.09.12 03:05:11 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.09.12 03:05:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.09.12 03:05:11 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.09.11 10:06:59 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.09.11 10:06:59 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.09.11 10:06:59 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.09.11 10:06:59 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.09.11 10:06:58 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.09.11 10:06:58 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.09.11 10:06:58 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.09.11 10:06:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.09.11 10:06:58 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.09.11 10:06:58 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.09.11 10:06:58 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.09.11 10:06:58 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.09.11 10:06:58 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.09.11 10:06:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.09.11 10:06:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.09.11 10:06:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.09.11 10:06:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.09.11 10:06:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.09.11 10:06:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.09.11 10:06:58 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.09.11 10:06:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.09.11 10:06:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.09.11 10:06:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.09.11 10:06:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.09.11 10:06:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.09.11 10:06:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.09.11 10:06:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.09.11 10:06:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.09.11 10:06:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.09.11 00:11:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MercurySteam
[2013.09.10 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2013.09.10 11:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HiSlider
[2013.09.10 11:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi Slider
[2013.09.09 22:37:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PunkBuster
[2013.09.08 22:28:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\CUDA
[2013.09.08 22:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CUDA Video Converter 6
[2013.09.08 22:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free CUDA Video Converter 6
[2013.09.08 22:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013.09.08 22:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\lucky leap
[2013.09.08 21:18:03 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Vir
[2013.09.08 17:48:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\UWebKit
[2013.09.08 17:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013.09.08 09:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ainishare
[2013.09.08 08:59:19 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Rayman Legends (Demo)
[2013.09.08 08:35:17 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\OnLive App
[2013.09.08 08:34:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\OnLive App
[2013.09.06 11:14:34 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Leawo
[2013.09.06 11:14:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Leawo
[2013.09.05 20:12:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\The Creative Assembly
[2013.09.05 20:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013.09.05 10:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thraex Software
[2013.09.05 10:24:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Animated Screensaver Maker
[2013.09.05 10:24:16 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Animated Screensaver Examples
[2013.09.04 20:29:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Arrowhead
[2013.09.04 10:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Teorex
[2013.09.04 10:37:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FolderIco
[2013.09.03 16:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileStream Web Boomerang
[2013.09.01 23:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Balls
[2013.09.01 23:32:34 | 000,000,000 | R--D | C] -- C:\Users\User\Disk Google
[2013.09.01 23:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.09.01 12:41:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.01 12:38:27 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\--- Clenan
[2013.08.30 01:29:09 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Pokuta
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.09.16 18:46:42 | 000,049,728 | ---- | M] () -- C:\Users\User\Documents\cc_20130916_184637.reg
[2013.09.16 18:45:54 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.09.16 18:40:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.16 18:24:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2013.09.16 18:23:24 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.16 17:56:49 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.16 17:56:49 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.16 17:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.16 17:53:57 | 003,073,826 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.09.16 17:53:57 | 001,470,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.16 17:53:57 | 000,977,374 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.09.16 17:53:57 | 000,906,488 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.16 17:53:57 | 000,006,248 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.16 17:49:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.15 21:14:49 | 000,051,469 | ---- | M] () -- C:\Users\User\Documents\Eset2.jpg
[2013.09.15 21:10:08 | 000,053,975 | ---- | M] () -- C:\Users\User\Documents\Eset.jpg
[2013.09.15 11:10:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.09.14 23:37:21 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2013.09.14 23:23:37 | 000,007,611 | ---- | M] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2013.09.14 23:04:11 | 000,007,168 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.14 20:16:48 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.09.14 18:48:10 | 000,072,183 | ---- | M] () -- C:\Users\User\Documents\MOV.jpg
[2013.09.14 18:16:43 | 000,000,666 | ---- | M] () -- C:\Users\Public\Desktop\Video Rotator.lnk
[2013.09.14 17:46:20 | 000,000,933 | ---- | M] () -- C:\Users\User\Desktop\Steam.lnk
[2013.09.14 14:29:39 | 000,435,601 | ---- | M] () -- C:\Users\User\Documents\Skript5.jpg
[2013.09.14 14:29:00 | 000,095,379 | ---- | M] () -- C:\Users\User\Documents\Skript4.jpg
[2013.09.14 13:37:59 | 000,100,229 | ---- | M] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.14_13h37m49s_001_Kaspersky Virus Removal Tool.jpg
[2013.09.14 03:56:16 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.09.14 03:56:16 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.09.13 16:17:56 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\One-Click Optimizer.job
[2013.09.12 17:45:35 | 000,162,379 | ---- | M] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe
[2013.09.12 03:21:46 | 000,441,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.10 23:08:16 | 000,032,063 | ---- | M] () -- C:\Users\User\Documents\Tray.jpg
[2013.09.09 22:37:15 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.09 22:37:15 | 000,281,688 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.09 22:35:56 | 000,618,752 | ---- | M] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.09_22h35m40s_003_.jpg
[2013.09.09 22:34:18 | 000,282,512 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.09 22:34:18 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.05 10:24:17 | 000,162,564 | ---- | M] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2013.08.31 09:23:31 | 000,000,851 | ---- | M] () -- C:\Users\User\Desktop\UnrealTournament.lnk
[2013.08.29 14:59:10 | 000,000,108 | ---- | M] () -- C:\Users\User\Zajímavý elektroweb.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.09.16 18:46:39 | 000,049,728 | ---- | C] () -- C:\Users\User\Documents\cc_20130916_184637.reg
[2013.09.16 18:45:54 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.09.15 21:14:49 | 000,051,469 | ---- | C] () -- C:\Users\User\Documents\Eset2.jpg
[2013.09.15 21:10:08 | 000,053,975 | ---- | C] () -- C:\Users\User\Documents\Eset.jpg
[2013.09.14 20:16:48 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2013.09.14 18:48:09 | 000,072,183 | ---- | C] () -- C:\Users\User\Documents\MOV.jpg
[2013.09.14 18:16:43 | 000,000,666 | ---- | C] () -- C:\Users\Public\Desktop\Video Rotator.lnk
[2013.09.14 17:46:20 | 000,000,933 | ---- | C] () -- C:\Users\User\Desktop\Steam.lnk
[2013.09.14 14:29:39 | 000,435,601 | ---- | C] () -- C:\Users\User\Documents\Skript5.jpg
[2013.09.14 14:29:00 | 000,095,379 | ---- | C] () -- C:\Users\User\Documents\Skript4.jpg
[2013.09.14 13:37:59 | 000,100,229 | ---- | C] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.14_13h37m49s_001_Kaspersky Virus Removal Tool.jpg
[2013.09.12 17:45:35 | 000,162,379 | ---- | C] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe
[2013.09.10 23:07:08 | 000,032,063 | ---- | C] () -- C:\Users\User\Documents\Tray.jpg
[2013.09.09 22:37:15 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.09.09 22:35:56 | 000,618,752 | ---- | C] () -- C:\Users\User\Documents\Ashampoo_Snap_2013.09.09_22h35m40s_003_.jpg
[2013.09.09 22:34:18 | 000,282,512 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.09.09 22:34:18 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.09.09 22:34:18 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.09.05 10:24:16 | 000,162,564 | ---- | C] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2013.08.29 14:58:57 | 000,000,108 | ---- | C] () -- C:\Users\User\Zajímavý elektroweb.url
[2013.08.15 10:11:53 | 000,000,141 | ---- | C] () -- C:\Users\User\Hvězdná strategie free.url
[2013.06.11 19:21:44 | 000,007,611 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2013.06.09 01:18:21 | 000,007,168 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.25 16:43:40 | 000,290,904 | ---- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2013.05.01 23:47:37 | 000,000,000 | ---- | C] () -- C:\Windows\diskpt.dat
[2013.03.20 17:53:07 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ZLIB.DLL
[2013.02.24 11:07:32 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xwsindex.exe
[2013.02.15 15:04:58 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013.02.15 15:04:58 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013.02.15 15:04:58 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013.02.15 15:04:58 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013.02.15 15:04:58 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013.02.15 15:04:58 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013.02.15 15:04:58 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013.02.15 15:04:58 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013.02.15 15:04:58 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013.02.15 15:04:58 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013.02.15 15:04:58 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013.02.15 15:04:58 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013.02.15 15:04:58 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013.02.15 15:04:58 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013.02.15 15:04:58 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013.02.15 15:04:58 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013.02.15 15:04:58 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013.02.15 15:04:58 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013.02.15 15:04:58 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013.02.12 14:50:45 | 001,554,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.12 14:48:30 | 000,000,090 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.12.15 20:39:34 | 006,946,816 | ---- | C] () -- C:\Windows\SysWow64\common_res.dll
[2012.12.05 11:07:10 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012.07.17 15:22:04 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.03 03:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.05.22 01:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.08 06:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.10 06:00:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\1-abc
[2013.07.28 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Alawar
[2013.08.04 17:24:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AlderGames
[2013.04.20 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Anvsoft
[2013.04.04 01:40:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Arduino
[2013.09.04 20:29:30 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Arrowhead
[2013.02.15 15:27:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2013.06.26 10:45:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo Slideshow Studio 2012
[2013.06.26 10:47:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013.05.28 23:16:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Atari
[2013.04.29 19:37:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Atmel
[2013.02.24 11:04:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CadSoft
[2013.03.19 19:42:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CaptureSaver
[2013.09.08 22:28:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\CUDA
[2013.08.09 18:53:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2013.05.11 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DesignSpark PCB
[2013.09.14 14:48:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dexpot
[2013.07.20 12:25:47 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DikobrazGames
[2013.09.16 18:23:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dropbox
[2013.05.29 10:17:41 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EMCO
[2013.07.06 09:21:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Engelmann Media
[2013.04.15 23:24:58 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Enplase
[2013.08.16 16:26:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EPSON
[2013.05.27 18:57:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ESET
[2013.02.28 21:39:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Fatshark
[2013.02.27 21:52:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HoolappForAndroid
[2013.09.16 18:26:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICQ
[2013.06.03 10:07:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iRecordMax Sound Recorder
[2013.03.10 12:19:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IrfanView
[2013.08.10 10:04:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KC Softwares
[2013.04.30 23:24:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\LAVA SoftWorks
[2013.05.12 00:52:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2013.09.06 11:14:34 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leawo
[2013.03.20 17:53:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Likno Software
[2013.03.17 16:57:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Magic Landscape Filter
[2013.06.04 22:45:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MCS Electronics
[2013.08.13 23:35:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Milestone
[2013.05.28 19:00:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Obsidium
[2013.09.08 08:36:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OnLive App
[2013.09.14 20:17:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Origin
[2013.05.08 09:07:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PearlMountain
[2013.06.27 20:36:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Presentation Assistant
[2013.05.16 18:18:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProcessLasso
[2013.09.16 00:04:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Red Alert 3 Demo
[2013.03.05 02:08:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Seznam.cz
[2013.08.05 18:47:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SoftMaker
[2013.07.15 09:15:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SpaceMonger
[2013.02.22 01:47:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StartMenuX
[2013.03.24 23:41:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Subversion
[2013.03.22 20:17:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SuperEasy Software
[2013.09.05 20:12:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\The Creative Assembly
[2013.04.07 22:23:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TreeCardGames
[2013.02.18 02:22:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2013.02.15 16:28:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unigraphics Solutions
[2013.03.10 12:37:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2013.06.05 11:53:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\VisualAssistAtmel
[2013.06.06 19:22:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wargaming.net
[2013.06.07 00:29:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Win7codecs
[2013.06.19 23:25:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Zoner
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 187 bytes -> C:\ProgramData\TEMP:0A8E2C33
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:76650B61
< End of report >
Google knows almost everything. But sometimes the problem is what to type in so that it finds what I am looking for.
If that fails, out comes a ton of useless links, or nothing at all.
- Speed_dead
Re: Malware - Babylon Search
OTL Extras logfile created on: 16.9.2013 18:47:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 6,15 Gb Available Physical Memory | 77,23% Memory free
15,92 Gb Paging File | 14,18 Gb Available in Paging File | 89,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 25,18 Gb Free Space | 22,55% Space Free | Partition Type: NTFS
Drive E: | 2794,39 Gb Total Space | 1704,56 Gb Free Space | 61,00% Space Free | Partition Type: NTFS
Drive J: | 1,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: SPEEDEAD | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [icomancer_imbue] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /imbue "%1" (LAVA SoftWorks)
Directory [icomancer_remove] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /nosplash /remove "%1" (LAVA SoftWorks)
Directory [SpaceMonger] -- "E:\Program FIles 2\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [icomancer_imbue] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /imbue "%1" (LAVA SoftWorks)
Directory [icomancer_remove] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /nosplash /remove "%1" (LAVA SoftWorks)
Directory [SpaceMonger] -- "E:\Program FIles 2\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C852675-5C43-4028-A7C3-35FC53673042}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{0F564492-87F4-4FBA-BED3-2B9FD2998BB4}" = rport=445 | protocol=6 | dir=out | app=system |
"{11233ADE-9909-4CA9-9789-6D5C2A7DE5E3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1B26419C-E8E4-4F37-AE76-885F4C848F0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{1BACDB9C-F74D-4EC5-A0D2-CB317185B3ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A3D49B7-616C-4842-803D-60D20190BDDA}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{4380B1D3-D0D6-419B-9F04-13F3AF8E0ADB}" = lport=137 | protocol=17 | dir=in | app=system |
"{52308A72-2EFF-4385-A3AF-F06AF6E61C27}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{525B8DAF-CB90-4E1F-ABE9-6C8F7648FDF9}" = lport=138 | protocol=17 | dir=in | app=system |
"{68142A32-89B4-4E9D-B9E6-C73311F3D8A8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9179A144-7FCF-4852-A02D-D7D99FBC1B05}" = rport=139 | protocol=6 | dir=out | app=system |
"{9CD88D47-00E3-4A84-869E-6C83A14C4E25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0155D65-3087-461F-8E48-A11A86B312E4}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{A3D1FDC7-9667-41B8-BA36-CC73A6A84FFC}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4EC6F47-B611-47A1-875D-925FD9E6E2F4}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BB9F790E-A881-4C0B-A67D-56D524C10E45}" = lport=139 | protocol=6 | dir=in | app=system |
"{BBBC4B6F-DC94-4F20-B245-A5A90184D8FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E8EB9140-5175-4426-B9F7-C850C9008FFB}" = rport=138 | protocol=17 | dir=out | app=system |
"{F9787E62-968D-4486-9B8E-E33AE6960688}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08468D92-740F-4271-AAF5-02C51DF61BF1}" = dir=in | app=c:\program files (x86)\audials\audials 10\audials.exe |
"{084F0807-4B84-426B-9CF9-5D8DF7110912}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{09797042-4690-42E6-B836-D465AE93CD8F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\townsdemo\towns.exe |
"{0B265429-CCCA-4BE2-B571-1057BA310B77}" = protocol=17 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{1586C2F3-9F98-4871-9B72-C1816178CEBC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{178A795B-6DEB-42CD-B59F-AB8F58AA1CFA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{19375F81-B236-4780-9B3D-2110F7FE3169}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1FA292C6-CD5E-420E-9615-4C636CE0007A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{23873414-A34F-44B5-AD9B-A122D56F7B14}" = protocol=17 | dir=in | app=e:\program files 2\pinacle 14\programs\rm.exe |
"{273BE996-D02C-42C0-AEE0-1251952A0232}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{27BD9883-BEE8-4472-A604-06F3A1162133}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{292D5D53-9BE1-4293-967C-43D5B71E0B36}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\duke3d.exe |
"{29842123-E390-46E3-B9EA-913BBED616E6}" = protocol=6 | dir=in | app=e:\program files 2\pinacle 14\programs\rm.exe |
"{2AA12A32-44E7-4EC6-AE30-689B45A9DFE3}" = protocol=6 | dir=in | app=e:\program files 2\pinacle 14\programs\umi.exe |
"{2BABF581-A653-4147-A6F8-4F4BC85067D7}" = protocol=17 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3bdupdater.exe |
"{31A9D3EC-8B26-4A2B-89E6-22DEDC30E465}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{32C74343-D610-45E3-99B1-A42AD366463B}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{39A49D46-8056-4AF8-87DD-8AEC5BC16477}" = protocol=17 | dir=in | app=e:\program files 2\pinacle 14\programs\umi.exe |
"{3AE06E1C-F9C6-499E-82C3-1A7F27E9A4ED}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{3CBE7179-062E-4E2F-AD55-37378E2E675C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\dosbox\dosbox.exe |
"{3D0F4075-83A5-46DB-BBA5-A4BDA5FE954D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{484BD82D-998A-48BF-AB67-ADF0E15A0D41}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{495D0C87-218D-4C5C-9F5A-63055AF78900}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{495EE438-4AE3-41E1-894B-5E65CD9A294F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4E247800-6E09-4D74-BC90-A528331B1C46}" = protocol=6 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3.exe |
"{51EBC1B1-8622-428B-A51A-91CC01D1866A}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe |
"{54D5A870-FA8B-48A3-8F3C-1D52FDAA59AA}" = protocol=6 | dir=in | app=e:\steam2\race driver grid\grid.exe |
"{590A70F3-E93D-4A3F-BC61-7B0A9628278E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D8030DF-D7A4-4D98-A106-5BB0A585325D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\dosbox\dosbox.exe |
"{5DA440B6-D7F4-4D9E-A426-7F9226982183}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{67FB7B23-8DAF-4A5D-AB1D-DE57AC16FE69}" = protocol=17 | dir=in | app=e:\steam2\race driver grid\grid.exe |
"{6B3AB897-8388-4B52-8CC3-0BDE5735B311}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{794FDEA9-D7DF-4E39-ACA2-BDC7F3509EFF}" = protocol=6 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{80DC3F96-8A4B-43CB-8B01-6684815BE5E8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{839B3753-35EF-473C-90B8-3E6447A18AB9}" = protocol=6 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3bdupdater.exe |
"{8D6F30A6-6F72-4B07-BE9B-C5A88AF6A172}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{97673F09-5FAF-4709-8A9A-810E5AFBC519}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{9C335F74-32A1-40A1-9BC3-2FF123350028}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{A2C95776-D59E-43DE-9C9E-947F6677CDAA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A30515D9-BF57-4D13-B45F-B50C2CC15DE7}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{A9887474-1ED3-48F8-BDB1-0D72633B3CF9}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{ABA4ADDF-DC40-4F34-B5CB-93D4F89C60BE}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe |
"{B5D8E711-C832-483D-A60C-A880462181C5}" = protocol=17 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{B6490291-0EEA-4455-B41A-A7B7637CE363}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B9B6B106-3908-4A37-BF6A-6E6173AD5DED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BEBA4D60-8158-4701-928A-E393AA22D3EB}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{BEED4101-FD96-4CAB-98FD-474CD12E5435}" = protocol=17 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{C4F6B1BB-5E37-4024-97DF-6DBB003D83B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CF09BF4D-67E9-4116-B23C-CC902BB854CC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DC738213-0E49-4E59-A02B-B644DAC5C347}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{E5EF17DC-EFE1-4CC0-BD6D-2682E0925E71}" = protocol=6 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{F036D1CF-3F84-4875-A57F-56C879CD4015}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\townsdemo\towns.exe |
"{F4D8E0C5-AABC-4111-AD59-8C0EEDA74FA9}" = protocol=17 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3.exe |
"{F5AE564C-2E26-4362-8A6F-5FD976F0F3B3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\duke3d.exe |
"{F72A1556-C9FA-4E39-B6DD-50824E3BA655}" = protocol=6 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{F7C1346E-4A56-4196-8EBF-5098247730CF}" = protocol=17 | dir=in | app=e:\program files 2\pinacle 14\programs\studio.exe |
"{FA575305-6D7B-442A-8040-E117173871FB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FBAC9026-E26C-4EB0-8631-E6A6970E5569}" = protocol=6 | dir=in | app=e:\program files 2\pinacle 14\programs\studio.exe |
"TCP Query User{1B1187CD-BFAD-46A8-BF69-7F357160370A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{65036220-83D7-4BD0-B500-F3E6B33F7A32}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{8AE9E7B4-762D-4ABE-A389-E40216344831}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{18F6EB28-54B0-4F09-9451-79CF0A326542}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1B305343-B141-41F1-BA56-D4D26224D997}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{FDD55777-CDC1-4485-A949-E10FC894AECA}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E3CA1C4-1E90-401B-8CC0-911DF018D8D8}" = AllWebMenus PRO 5.3.908
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1" = FolderIco 1.0
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{3E494002-985C-4908-B72C-5B4DD15BE090}_is1" = Start Menu X verze 4.66
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85153CE3-6356-407F-A672-C1FA085FB031}" = JLink OB CDC Driver Package
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E2D6BBF-8372-4B53-B006-E24DCE64753A}_is1" = PT Portrait version 1.0.0
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{93A07A0D-454E-43d1-86A9-5DE9C5F4411A}" = Shadow Defender
"{983073CD-FAAF-4907-AA07-037DBA73B8EE}" = ESET Smart Security
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}" = WinZip 17.5
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"419546AE8E4244C647A348987F769803F43B9C4F" = Balíček ovladače systému Windows - Segger (jlink) USB (04/11/2012 2.6.8.2)
"BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1" = Balíček ovladače systému Windows - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.66.1
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.22
"EPSON PX710W Series" = EPSON PX710W Series Printer Uninstall
"Logitech Gaming Software" = Logitech Gaming Software 8.46
"lucky leap" = lucky leap 3.0.0
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Software Informer_is1" = Software Informer 1.2
"ZonerPhotoStudio15_EN_is1" = Zoner Photo Studio 15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039BC111-5D42-BD22-5D57-C7073E40209A}_is1" = SuperEasy Video Converter 2 v.2.1.2296
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04B9429C-6D4C-462A-A062-2206D96306BB}_is1" = NTFS to FAT32 Wizard 2.3.1 version 2.3.1
"{0DA77807-8CC9-4026-A318-64B863E34BAA}_is1" = Project Dogwaffle Howler version 8.2
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{156C3E4C-4C12-4BD3-9CD4-F2F858A2458B}" = GRID
"{1760F404-9A2B-4CD5-9A5C-7F9DCC627741}" = MechWarrior Online
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{299EB32D-0525-4482-A8B5-1F30725AB6F1}_is1" = PhotoStitcher 1.2
"{30AB2FCD-FBF2-4bed-3333-13E6A1468621}_is1" = Ainishare Audio Recorder 1.5.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{414D143D-7DB6-47A6-9E23-1914FD1B535A}_is1" = Incomedia WebSite X5 v9 - Compact
"{4209F371-2541-6C11-55DB-6103A83FCB9B}_is1" = Ashampoo Core Tuner 2 v.2.0.1
"{4209F371-29A2-6661-598F-36C7BBD65D31}_is1" = Ashampoo WinOptimizer 9 v.9.04.31
"{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1" = Ashampoo HDD Control 2 v.2.1.0
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{4304ADDC-824B-4888-A6E7-F8E48D7FDBBD}_is1" = icomancer 1.3.3.103
"{476D4A09-85AE-4243-8A1C-688F22F0D29F}" = AVR macro Assembler
"{47F94730-ABD2-47F6-920E-EA8CDB6DD0C6}_is1" = BASCOM-AVR
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Backup and Recovery™ 12 Compact
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1" = Ashampoo Home Designer Pro v.1.0.1
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{4F66DCB3-5DF5-4E4C-8805-0AC29856256C}" = Atmel AVR (8 bit) GNU Toolchain
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5E0EE694-E5B8-4D94-A52D-2F3271C8CF26}" = Atmel ARM GNU Toolchain
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675F65BF-F58A-44DD-9555-6F439759C4E4}" = SOAP3 and XML4
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D5A296-D77E-4BC5-BB75-12AD20001A61}" = Atmel Studio 6.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7534AD6F-A485-42A4-AE5A-43828817F29A}_is1" = Free CUDA Video Converter 6
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C4B905C-81E8-4192-A67B-2C46FE8D38C7}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91B33C97-3197-5D05-4176-1BD0B43C7AD8}_is1" = Ashampoo Video Styler v.1.0.1
"{91B33C97-34D2-9841-084D-BE4849F6A38F}_is1" = Ashampoo Slideshow Studio 2013 v.1.0.2
"{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1" = Ashampoo Movie Studio v.1.0.3
"{91B33C97-5A0B-2CB7-3038-22701B2F2CED}_is1" = Ashampoo Gadge It v.1.0.1
"{91B33C97-65E9-BC54-E48F-B5E531F7886F}_is1" = Ashampoo Slideshow Studio 2012 v.1.0.2
"{91B33C97-7650-0EB0-B6C7-DDBA2932B7B4}_is1" = Ashampoo Music Studio 4 v.4.0.8
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.5
"{91B33C97-DCEF-0E4D-99BB-A2132C762E93}_is1" = Ashampoo Media Sync v.1.0.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.7
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A071F478-73E0-4143-AE55-4DD6BABD74F5}" = Far Cry 3 Blood Dragon
"{A44721BB-80BE-45A0-8679-F71E94400CAC}" = UT Cache Cleaner v3.0
"{A4C063A5-8A17-41B0-AD6B-FCD5CA69683F}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA5009F6-E65C-4DBD-92B8-988F0ADD1E99}" = SlimDrivers
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) - Czech
"{AD88DF59-7FD3-4A41-9F52-EC673AB80378}_is1" = Epubor Ultimate version 1.50.5.4
"{BA376736-0D2C-4FDF-86DE-E9799D3D5D0B}" = SliceMaker Standard
"{BA3A4E83-7935-4939-A6FF-435423A416A9}_is1" = DigiBand version 1.6
"{BA413735-865A-4BF5-AAD2-B4D2998ED019}}_is1" = BatchInpaint 2.0
"{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1" = Aiseesoft Video Converter Ultimate 6.3.60
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1AC4F7A-4B50-4903-882A-D61D3D13782D}" = AVR Studio 4.19
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C4B28974-0790-463B-9C11-C8516DE309DB}" = AtmelSoftwareFramework
"{C92AB6F1-2490-D7C3-A45D-23F3C33ECFA5}_is1" = Ashampoo GetBack Photo v.1.0.1
"{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1" = Ashampoo Photo Commander 10 v.10.2.1
"{C92AB6F1-770F-EA32-6CF7-8A0792FA1A4B}_is1" = Ashampoo Snap 6 v.6.0.5
"{CCE60D92-F3EC-4EF7-0001-C8949A33B608}" = Photomizer Scan 2
"{CDA91A28-4350-4885-944F-88908A0E3BBC}" = Audials
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D50500AA-D25A-463B-98BF-E09585325711}" = DesignSpark PCB 5.0
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVR Studio 4.19
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{D73DC791-E28C-40FA-B008-D1A1C3A3B41B}" = Atmel AVR (32 bit) GNU Toolchain
"{D7BCF606-5821-4D1D-889E-76AE9D00E439}" = Solid Edge ST
"{D9757258-30B2-496E-86F2-84920C5858E1}_is1" = CollageIt 1.9.3
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = Atmel USB
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4A43B47-0518-4a39-B377-15DC62076AC0}_is1" = Tipard Video Converter Platinum 6.2.16
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}" = MechWarrior Online
"18 Wheels of Steel: American Long Haul" = 18 Wheels of Steel: American Long Haul
"1-abc.net Backup" = 1-abc.net Backup (Remove only)
"4 Elements_is1" = 4 Elements
"5513-1208-7298-9440" = JDownloader 0.9
"ACPsoft PDF Converter" = ACPsoft PDF Converter
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adrianne" = Adrianne demo by NVIDIA (remove only)
"AllMedia Grabber6.1" = AllMedia Grabber
"Alone Stars_is1" = Alone Stars 1.02a
"Animated Screensaver Maker" = Animated Screensaver Maker
"Animated Wallpaper Maker" = Animated Wallpaper Maker
"AnvSoft Photo Slideshow Maker Professional" = AnvSoft Photo Slideshow Maker Professional 5.56
"Around the World: New York_is1" = Around the World: New York 1.0
"Atlantis - Pearls of the Deep" = Atlantis - Pearls of the Deep
"Automatizovaný docházkový systém_is1" = Automatizovaný docházkový systém verze 3.96.5.1128
"Bacula" = Bacula
"bi_uninstaller" = Bundled software uninstaller
"Cascades" = Cascades demo by NVIDIA (remove only)
"Celestia_is1" = Celestia 1.6.1
"CobBackup11" = Cobian Backup 11 Gravity
"DAEMON Tools Lite" = DAEMON Tools Lite
"Digital Physiognomy" = Digital Physiognomy (remove only)
"EAGLE 6.2.0" = EAGLE 6.2.0
"Easy Office Recovery" = Easy Office Recovery
"eFlip Lite_is1" = eFlip Lite
"EMCO UnLock IT 2_is1" = EMCO UnLock IT 2.0
"EPSON Scanner" = EPSON Scan
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"FilesFrog Update Checker" = FilesFrog Update Checker
"FileStream Web Boomerang" = FileStream Web Boomerang
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"GOGPACKTYRIAN2000_is1" = Tyrian 2000
"Google Chrome" = Google Chrome
"Hi Slider_is1" = Hi Slider
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IconLover" = IconLover
"IFX-Supreme 1.0" = IFX-Supreme
"ImageMagick 6.8.0 Q16_is1" = ImageMagick 6.8.0-8 Q16 (2012-12-01)
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{D50500AA-D25A-463B-98BF-E09585325711}" = DesignSpark PCB Version 5.0
"iRecordMax Sound Recorder_is1" = iRecordMax Sound Recorder v7.1.3
"IrfanView" = IrfanView (remove only)
"Kakuro" = Kakuro
"KC Softwares PhotoToFilm_is1" = KC Softwares PhotoToFilm
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Live Aquarium HD_is1" = Live Aquarium HD
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"mIRC" = mIRC
"NavyField2 EU" = NavyField2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.3.0
"Origin" = Origin
"PDF Rotator_is1" = PDF Rotator 1.0.2
"Picasa 3" = Picasa 3
"Presentation Assistant_is1" = Presentation Assistant V2.7.2
"ProcessLasso" = Process Lasso
"PunkBusterSvc" = PunkBuster Services
"Race Driver - GRID 2_is1" = Race Driver - GRID 2 1.0.82.5097
"RADVideo" = RAD Video Tools
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Royal Envoy_is1" = Royal Envoy
"SequoiaView" = SequoiaView
"Shadowgun DeadZone" = Shadowgun: DeadZone
"Sim Aquarium 3_is1" = Sim Aquarium 3
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SoftOrbits Photo Retoucher_is1" = SoftOrbits Photo Retoucher 1.3
"Solitaire Mystery - Stolen Power_is1" = Solitaire Mystery - Stolen Power
"SpaceMonger" = SpaceMonger 2.1.1
"Steam App 102600" = Orcs Must Die!
"Steam App 105450" = Age of Empires® III: Complete Collection
"Steam App 10620" = Empire: Total War Demo
"Steam App 11250" = Pacific Storm
"Steam App 11260" = Pacific Storm: Allies
"Steam App 13260" = Unreal Development Kit
"Steam App 13500" = Prince of Persia: Warrior Within
"Steam App 13530" = Prince of Persia: The Two Thrones
"Steam App 13600" = Prince of Persia: The Sands of Time
"Steam App 17480" = Command and Conquer: Red Alert 3
"Steam App 19980" = Prince of Persia
"Steam App 200170" = Worms Revolution
"Steam App 201790" = Orcs Must Die! 2
"Steam App 202270" = Leviathan: Warships
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 203160" = Tomb Raider
"Steam App 203630" = Warlock - Master of the Arcane
"Steam App 203770" = Crusader Kings II
"Steam App 204080" = The Showdown Effect
"Steam App 204300" = Awesomenauts
"Steam App 205370" = Airline Tycoon 2 Demo
"Steam App 206980" = War of the Roses Balance Beta
"Steam App 207190" = Fireburst
"Steam App 209330" = A Valley Without Wind
"Steam App 210290" = Naval War: Arctic Circle Demo
"Steam App 211160" = Viking: Battle for Asgard
"Steam App 211940" = F1 2012 Demo
"Steam App 212680" = FTL: Faster Than Light
"Steam App 214360" = Tower Wars
"Steam App 214550" = Eets Munchies
"Steam App 214560" = Mark of the Ninja
"Steam App 219190" = Ultratron
"Steam App 2200" = Quake III Arena
"Steam App 220160" = Trials Evolution Gold Edition
"Steam App 220240" = Far Cry® 3
"Steam App 220820" = Zombie Driver HD
"Steam App 221030" = Towns Demo
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 224760" = FEZ
"Steam App 224960" = Tomb Raider I
"Steam App 224980" = Tomb Raider: The Last Revelation
"Steam App 225000" = Tomb Raider: Chronicles
"Steam App 225020" = Tomb Raider (VI): The Angel of Darkness
"Steam App 225140" = Duke Nukem 3D: Megaton Edition
"Steam App 225260" = Brütal Legend
"Steam App 225300" = Tomb Raider II
"Steam App 225320" = Tomb Raider III: Adventures of Lara Croft
"Steam App 228320" = A Valley Without Wind 2
"Steam App 231120" = Euro Truck Simulator 2 Demo
"Steam App 231410" = Kerbal Space Program Demo
"Steam App 233410" = Final Hours of Tomb Raider
"Steam App 234370" = Shattered Haven
"Steam App 234740" = Tower Wars Editor
"Steam App 2350" = Quake III: Team Arena
"Steam App 235640" = Sanctum 2 Demo
"Steam App 238210" = System Shock 2
"Steam App 238510" = Castlevania: Lords of Shadow - Ultimate Edition DEMO
"Steam App 238890" = Skyward Collapse
"Steam App 243340" = Rayman Legends Demo
"Steam App 243820" = MotoGP™13 Demo
"Steam App 246460" = FORCED Demo
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 25800" = Europa Universalis III
"Steam App 33320" = Prince of Persia: The Forgotten Sands
"Steam App 34880" = Sniper Ghost Warrior 2 Demo
"Steam App 35710" = Trine Demo
"Steam App 35720" = Trine 2
"Steam App 40400" = AI War: Fleet Command
"Steam App 40420" = Tidalis
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 41010" = Serious Sam HD: The Second Encounter
"Steam App 41040" = Serious Sam HD: The Second Encounter Editor
"Steam App 41070" = Serious Sam 3: BFE
"Steam App 42160" = War of the Roses
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 4460" = City Life 2008
"Steam App 47790" = Medal of Honor(TM) Single Player
"Steam App 47830" = Medal of Honor(TM) Multiplayer
"Steam App 49520" = Borderlands 2
"Steam App 65740" = Carrier Command: Gaea Mission
"Steam App 7000" = Tomb Raider: Legend
"Steam App 8000" = Tomb Raider: Anniversary
"Steam App 8190" = Just Cause 2
"Steam App 98400" = Hard Reset
"Sudoku Up_is1" = Sudoku Up 2012 v6.0
"TC PowerPack" = TC PowerPack 1.7
"TeamViewer 8" = TeamViewer 8
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"TreeSize Free_is1" = TreeSize Free V1.7.9
"Ultima Steganography_is1" = Ultima Steganography 1.7
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"Uplay" = Uplay
"uTorrent" = µTorrent
"Video Rotator_is1" = Video Rotator V1.0
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"Yacht Animated Wallpaper_is1" = Yacht Animated Wallpaper version 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"917fb2dcd1e84e28" = Výpočet hmotnosti polotovaru 1.3
"Dexpot" = Dexpot
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 15.9.2013 7:01:09 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
Error - 15.9.2013 18:52:42 | Computer Name = Speedead | Source = SideBySide | ID = 16842761
Description = Generování kontextu aktivace pro C:\Program Files\WinZip\adxloader.dll.Manifest
se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\WinZip\adxloader.dll.Manifest
na řádku 2. Kořenový prvek souboru manifestu musí být symbolická adresa.
Error - 16.9.2013 11:48:48 | Computer Name = Speedead | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\User\Downloads\esetsmartinstaller_enu.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 16.9.2013 11:49:45 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:50:05 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:50:05 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:50:05 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:53:54 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 16.9.2013 11:53:54 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 16.9.2013 11:53:54 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
[ OSession Events ]
Error - 26.2.2013 16:22:56 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 840
seconds with 780 seconds of active time. This session ended with a crash.
Error - 26.2.2013 16:23:36 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.2.2013 16:34:28 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 1.3.2013 14:07:36 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2.3.2013 14:54:34 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2548
seconds with 240 seconds of active time. This session ended with a crash.
Error - 2.3.2013 14:55:21 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 15.9.2013 4:55:27 | Computer Name = Speedead | Source = Service Control Manager | ID = 7000
Description = Služba TVicPort neuspěla při spuštění v důsledku následující chyby:
%%1275
Error - 15.9.2013 4:55:30 | Computer Name = Speedead | Source = Service Control Manager | ID = 7034
Description = Služba Bacula File Backup Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 15.9.2013 6:57:53 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 6:57:54 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 6:57:54 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 6:57:55 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 13:00:50 | Computer Name = Speedead | Source = DCOM | ID = 10010
Description =
Error - 16.9.2013 11:49:43 | Computer Name = Speedead | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\TVicPort.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 16.9.2013 11:49:43 | Computer Name = Speedead | Source = Service Control Manager | ID = 7000
Description = Služba TVicPort neuspěla při spuštění v důsledku následující chyby:
%%1275
Error - 16.9.2013 11:49:46 | Computer Name = Speedead | Source = Service Control Manager | ID = 7034
Description = Služba Bacula File Backup Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
7,96 Gb Total Physical Memory | 6,15 Gb Available Physical Memory | 77,23% Memory free
15,92 Gb Paging File | 14,18 Gb Available in Paging File | 89,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 25,18 Gb Free Space | 22,55% Space Free | Partition Type: NTFS
Drive E: | 2794,39 Gb Total Space | 1704,56 Gb Free Space | 61,00% Space Free | Partition Type: NTFS
Drive J: | 1,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: SPEEDEAD | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [icomancer_imbue] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /imbue "%1" (LAVA SoftWorks)
Directory [icomancer_remove] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /nosplash /remove "%1" (LAVA SoftWorks)
Directory [SpaceMonger] -- "E:\Program FIles 2\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [icomancer_imbue] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /imbue "%1" (LAVA SoftWorks)
Directory [icomancer_remove] -- "C:\Program Files (x86)\icomancer\icomancer.exe" /nosplash /remove "%1" (LAVA SoftWorks)
Directory [SpaceMonger] -- "E:\Program FIles 2\SpaceMonger\SpaceMonger.exe" ; show-free-space false ; show-system-space false ; set-root "%l" (Sixty-Five Software, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C852675-5C43-4028-A7C3-35FC53673042}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{0F564492-87F4-4FBA-BED3-2B9FD2998BB4}" = rport=445 | protocol=6 | dir=out | app=system |
"{11233ADE-9909-4CA9-9789-6D5C2A7DE5E3}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1B26419C-E8E4-4F37-AE76-885F4C848F0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{1BACDB9C-F74D-4EC5-A0D2-CB317185B3ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3A3D49B7-616C-4842-803D-60D20190BDDA}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{4380B1D3-D0D6-419B-9F04-13F3AF8E0ADB}" = lport=137 | protocol=17 | dir=in | app=system |
"{52308A72-2EFF-4385-A3AF-F06AF6E61C27}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{525B8DAF-CB90-4E1F-ABE9-6C8F7648FDF9}" = lport=138 | protocol=17 | dir=in | app=system |
"{68142A32-89B4-4E9D-B9E6-C73311F3D8A8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9179A144-7FCF-4852-A02D-D7D99FBC1B05}" = rport=139 | protocol=6 | dir=out | app=system |
"{9CD88D47-00E3-4A84-869E-6C83A14C4E25}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A0155D65-3087-461F-8E48-A11A86B312E4}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{A3D1FDC7-9667-41B8-BA36-CC73A6A84FFC}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4EC6F47-B611-47A1-875D-925FD9E6E2F4}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BB9F790E-A881-4C0B-A67D-56D524C10E45}" = lport=139 | protocol=6 | dir=in | app=system |
"{BBBC4B6F-DC94-4F20-B245-A5A90184D8FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E8EB9140-5175-4426-B9F7-C850C9008FFB}" = rport=138 | protocol=17 | dir=out | app=system |
"{F9787E62-968D-4486-9B8E-E33AE6960688}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08468D92-740F-4271-AAF5-02C51DF61BF1}" = dir=in | app=c:\program files (x86)\audials\audials 10\audials.exe |
"{084F0807-4B84-426B-9CF9-5D8DF7110912}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{09797042-4690-42E6-B836-D465AE93CD8F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\townsdemo\towns.exe |
"{0B265429-CCCA-4BE2-B571-1057BA310B77}" = protocol=17 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{1586C2F3-9F98-4871-9B72-C1816178CEBC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{178A795B-6DEB-42CD-B59F-AB8F58AA1CFA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{19375F81-B236-4780-9B3D-2110F7FE3169}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1FA292C6-CD5E-420E-9615-4C636CE0007A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{23873414-A34F-44B5-AD9B-A122D56F7B14}" = protocol=17 | dir=in | app=e:\program files 2\pinacle 14\programs\rm.exe |
"{273BE996-D02C-42C0-AEE0-1251952A0232}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{27BD9883-BEE8-4472-A604-06F3A1162133}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{292D5D53-9BE1-4293-967C-43D5B71E0B36}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\duke3d.exe |
"{29842123-E390-46E3-B9EA-913BBED616E6}" = protocol=6 | dir=in | app=e:\program files 2\pinacle 14\programs\rm.exe |
"{2AA12A32-44E7-4EC6-AE30-689B45A9DFE3}" = protocol=6 | dir=in | app=e:\program files 2\pinacle 14\programs\umi.exe |
"{2BABF581-A653-4147-A6F8-4F4BC85067D7}" = protocol=17 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3bdupdater.exe |
"{31A9D3EC-8B26-4A2B-89E6-22DEDC30E465}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{32C74343-D610-45E3-99B1-A42AD366463B}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{39A49D46-8056-4AF8-87DD-8AEC5BC16477}" = protocol=17 | dir=in | app=e:\program files 2\pinacle 14\programs\umi.exe |
"{3AE06E1C-F9C6-499E-82C3-1A7F27E9A4ED}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{3CBE7179-062E-4E2F-AD55-37378E2E675C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\dosbox\dosbox.exe |
"{3D0F4075-83A5-46DB-BBA5-A4BDA5FE954D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{484BD82D-998A-48BF-AB67-ADF0E15A0D41}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{495D0C87-218D-4C5C-9F5A-63055AF78900}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{495EE438-4AE3-41E1-894B-5E65CD9A294F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4E247800-6E09-4D74-BC90-A528331B1C46}" = protocol=6 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3.exe |
"{51EBC1B1-8622-428B-A51A-91CC01D1866A}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe |
"{54D5A870-FA8B-48A3-8F3C-1D52FDAA59AA}" = protocol=6 | dir=in | app=e:\steam2\race driver grid\grid.exe |
"{590A70F3-E93D-4A3F-BC61-7B0A9628278E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D8030DF-D7A4-4D98-A106-5BB0A585325D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\dosbox\dosbox.exe |
"{5DA440B6-D7F4-4D9E-A426-7F9226982183}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{67FB7B23-8DAF-4A5D-AB1D-DE57AC16FE69}" = protocol=17 | dir=in | app=e:\steam2\race driver grid\grid.exe |
"{6B3AB897-8388-4B52-8CC3-0BDE5735B311}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{794FDEA9-D7DF-4E39-ACA2-BDC7F3509EFF}" = protocol=6 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{80DC3F96-8A4B-43CB-8B01-6684815BE5E8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{839B3753-35EF-473C-90B8-3E6447A18AB9}" = protocol=6 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3bdupdater.exe |
"{8D6F30A6-6F72-4B07-BE9B-C5A88AF6A172}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{97673F09-5FAF-4709-8A9A-810E5AFBC519}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{9C335F74-32A1-40A1-9BC3-2FF123350028}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{A2C95776-D59E-43DE-9C9E-947F6677CDAA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A30515D9-BF57-4D13-B45F-B50C2CC15DE7}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"{A9887474-1ED3-48F8-BDB1-0D72633B3CF9}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{ABA4ADDF-DC40-4F34-B5CB-93D4F89C60BE}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\utorrent\utorrent.exe |
"{B5D8E711-C832-483D-A60C-A880462181C5}" = protocol=17 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon.exe |
"{B6490291-0EEA-4455-B41A-A7B7637CE363}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B9B6B106-3908-4A37-BF6A-6E6173AD5DED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BEBA4D60-8158-4701-928A-E393AA22D3EB}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\logitech vid\vid.exe |
"{BEED4101-FD96-4CAB-98FD-474CD12E5435}" = protocol=17 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{C4F6B1BB-5E37-4024-97DF-6DBB003D83B8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{CF09BF4D-67E9-4116-B23C-CC902BB854CC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DC738213-0E49-4E59-A02B-B644DAC5C347}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ultratron\ultratron.exe |
"{E5EF17DC-EFE1-4CC0-BD6D-2682E0925E71}" = protocol=6 | dir=in | app=e:\steam2\far cry 3 blood dragon\bin\fc3_blooddragon_d3d11.exe |
"{F036D1CF-3F84-4875-A57F-56C879CD4015}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\townsdemo\towns.exe |
"{F4D8E0C5-AABC-4111-AD59-8C0EEDA74FA9}" = protocol=17 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3.exe |
"{F5AE564C-2E26-4362-8A6F-5FD976F0F3B3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem 3d\bin\duke3d.exe |
"{F72A1556-C9FA-4E39-B6DD-50824E3BA655}" = protocol=6 | dir=in | app=e:\steam2\steamapps\common\far cry 3\bin\farcry3_d3d11.exe |
"{F7C1346E-4A56-4196-8EBF-5098247730CF}" = protocol=17 | dir=in | app=e:\program files 2\pinacle 14\programs\studio.exe |
"{FA575305-6D7B-442A-8040-E117173871FB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FBAC9026-E26C-4EB0-8631-E6A6970E5569}" = protocol=6 | dir=in | app=e:\program files 2\pinacle 14\programs\studio.exe |
"TCP Query User{1B1187CD-BFAD-46A8-BF69-7F357160370A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{65036220-83D7-4BD0-B500-F3E6B33F7A32}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{8AE9E7B4-762D-4ABE-A389-E40216344831}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{18F6EB28-54B0-4F09-9451-79CF0A326542}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{1B305343-B141-41F1-BA56-D4D26224D997}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{FDD55777-CDC1-4485-A949-E10FC894AECA}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E3CA1C4-1E90-401B-8CC0-911DF018D8D8}" = AllWebMenus PRO 5.3.908
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1" = FolderIco 1.0
"{26A24AE4-039D-4CA4-87B4-2F86417013FF}" = Java 7 Update 13 (64-bit)
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{3E494002-985C-4908-B72C-5B4DD15BE090}_is1" = Start Menu X verze 4.66
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{85153CE3-6356-407F-A672-C1FA085FB031}" = JLink OB CDC Driver Package
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E2D6BBF-8372-4B53-B006-E24DCE64753A}_is1" = PT Portrait version 1.0.0
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{93A07A0D-454E-43d1-86A9-5DE9C5F4411A}" = Shadow Defender
"{983073CD-FAAF-4907-AA07-037DBA73B8EE}" = ESET Smart Security
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 7.2.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}" = WinZip 17.5
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"419546AE8E4244C647A348987F769803F43B9C4F" = Balíček ovladače systému Windows - Segger (jlink) USB (04/11/2012 2.6.8.2)
"BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1" = Balíček ovladače systému Windows - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.66.1
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.22
"EPSON PX710W Series" = EPSON PX710W Series Printer Uninstall
"Logitech Gaming Software" = Logitech Gaming Software 8.46
"lucky leap" = lucky leap 3.0.0
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Software Informer_is1" = Software Informer 1.2
"ZonerPhotoStudio15_EN_is1" = Zoner Photo Studio 15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039BC111-5D42-BD22-5D57-C7073E40209A}_is1" = SuperEasy Video Converter 2 v.2.1.2296
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04B9429C-6D4C-462A-A062-2206D96306BB}_is1" = NTFS to FAT32 Wizard 2.3.1 version 2.3.1
"{0DA77807-8CC9-4026-A318-64B863E34BAA}_is1" = Project Dogwaffle Howler version 8.2
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{156C3E4C-4C12-4BD3-9CD4-F2F858A2458B}" = GRID
"{1760F404-9A2B-4CD5-9A5C-7F9DCC627741}" = MechWarrior Online
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{299EB32D-0525-4482-A8B5-1F30725AB6F1}_is1" = PhotoStitcher 1.2
"{30AB2FCD-FBF2-4bed-3333-13E6A1468621}_is1" = Ainishare Audio Recorder 1.5.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{414D143D-7DB6-47A6-9E23-1914FD1B535A}_is1" = Incomedia WebSite X5 v9 - Compact
"{4209F371-2541-6C11-55DB-6103A83FCB9B}_is1" = Ashampoo Core Tuner 2 v.2.0.1
"{4209F371-29A2-6661-598F-36C7BBD65D31}_is1" = Ashampoo WinOptimizer 9 v.9.04.31
"{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1" = Ashampoo HDD Control 2 v.2.1.0
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.6
"{4304ADDC-824B-4888-A6E7-F8E48D7FDBBD}_is1" = icomancer 1.3.3.103
"{476D4A09-85AE-4243-8A1C-688F22F0D29F}" = AVR macro Assembler
"{47F94730-ABD2-47F6-920E-EA8CDB6DD0C6}_is1" = BASCOM-AVR
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Backup and Recovery™ 12 Compact
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1" = Ashampoo Home Designer Pro v.1.0.1
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{4F66DCB3-5DF5-4E4C-8805-0AC29856256C}" = Atmel AVR (8 bit) GNU Toolchain
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5E0EE694-E5B8-4D94-A52D-2F3271C8CF26}" = Atmel ARM GNU Toolchain
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675F65BF-F58A-44DD-9555-6F439759C4E4}" = SOAP3 and XML4
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D5A296-D77E-4BC5-BB75-12AD20001A61}" = Atmel Studio 6.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7534AD6F-A485-42A4-AE5A-43828817F29A}_is1" = Free CUDA Video Converter 6
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C4B905C-81E8-4192-A67B-2C46FE8D38C7}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91B33C97-3197-5D05-4176-1BD0B43C7AD8}_is1" = Ashampoo Video Styler v.1.0.1
"{91B33C97-34D2-9841-084D-BE4849F6A38F}_is1" = Ashampoo Slideshow Studio 2013 v.1.0.2
"{91B33C97-54B3-9CEB-E911-246EDA9BDC9A}_is1" = Ashampoo Movie Studio v.1.0.3
"{91B33C97-5A0B-2CB7-3038-22701B2F2CED}_is1" = Ashampoo Gadge It v.1.0.1
"{91B33C97-65E9-BC54-E48F-B5E531F7886F}_is1" = Ashampoo Slideshow Studio 2012 v.1.0.2
"{91B33C97-7650-0EB0-B6C7-DDBA2932B7B4}_is1" = Ashampoo Music Studio 4 v.4.0.8
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.5
"{91B33C97-DCEF-0E4D-99BB-A2132C762E93}_is1" = Ashampoo Media Sync v.1.0.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.7
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A071F478-73E0-4143-AE55-4DD6BABD74F5}" = Far Cry 3 Blood Dragon
"{A44721BB-80BE-45A0-8679-F71E94400CAC}" = UT Cache Cleaner v3.0
"{A4C063A5-8A17-41B0-AD6B-FCD5CA69683F}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7_2 (c:\SiLabs\MCU\CP210x\Windows_XP_S2K3_Vista_7_2)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA5009F6-E65C-4DBD-92B8-988F0ADD1E99}" = SlimDrivers
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) - Czech
"{AD88DF59-7FD3-4A41-9F52-EC673AB80378}_is1" = Epubor Ultimate version 1.50.5.4
"{BA376736-0D2C-4FDF-86DE-E9799D3D5D0B}" = SliceMaker Standard
"{BA3A4E83-7935-4939-A6FF-435423A416A9}_is1" = DigiBand version 1.6
"{BA413735-865A-4BF5-AAD2-B4D2998ED019}}_is1" = BatchInpaint 2.0
"{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1" = Aiseesoft Video Converter Ultimate 6.3.60
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1AC4F7A-4B50-4903-882A-D61D3D13782D}" = AVR Studio 4.19
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C4B28974-0790-463B-9C11-C8516DE309DB}" = AtmelSoftwareFramework
"{C92AB6F1-2490-D7C3-A45D-23F3C33ECFA5}_is1" = Ashampoo GetBack Photo v.1.0.1
"{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1" = Ashampoo Photo Commander 10 v.10.2.1
"{C92AB6F1-770F-EA32-6CF7-8A0792FA1A4B}_is1" = Ashampoo Snap 6 v.6.0.5
"{CCE60D92-F3EC-4EF7-0001-C8949A33B608}" = Photomizer Scan 2
"{CDA91A28-4350-4885-944F-88908A0E3BBC}" = Audials
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D50500AA-D25A-463B-98BF-E09585325711}" = DesignSpark PCB 5.0
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVR Studio 4.19
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{D73DC791-E28C-40FA-B008-D1A1C3A3B41B}" = Atmel AVR (32 bit) GNU Toolchain
"{D7BCF606-5821-4D1D-889E-76AE9D00E439}" = Solid Edge ST
"{D9757258-30B2-496E-86F2-84920C5858E1}_is1" = CollageIt 1.9.3
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = Atmel USB
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F4A43B47-0518-4a39-B377-15DC62076AC0}_is1" = Tipard Video Converter Platinum 6.2.16
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}" = MechWarrior Online
"18 Wheels of Steel: American Long Haul" = 18 Wheels of Steel: American Long Haul
"1-abc.net Backup" = 1-abc.net Backup (Remove only)
"4 Elements_is1" = 4 Elements
"5513-1208-7298-9440" = JDownloader 0.9
"ACPsoft PDF Converter" = ACPsoft PDF Converter
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adrianne" = Adrianne demo by NVIDIA (remove only)
"AllMedia Grabber6.1" = AllMedia Grabber
"Alone Stars_is1" = Alone Stars 1.02a
"Animated Screensaver Maker" = Animated Screensaver Maker
"Animated Wallpaper Maker" = Animated Wallpaper Maker
"AnvSoft Photo Slideshow Maker Professional" = AnvSoft Photo Slideshow Maker Professional 5.56
"Around the World: New York_is1" = Around the World: New York 1.0
"Atlantis - Pearls of the Deep" = Atlantis - Pearls of the Deep
"Automatizovaný docházkový systém_is1" = Automatizovaný docházkový systém verze 3.96.5.1128
"Bacula" = Bacula
"bi_uninstaller" = Bundled software uninstaller
"Cascades" = Cascades demo by NVIDIA (remove only)
"Celestia_is1" = Celestia 1.6.1
"CobBackup11" = Cobian Backup 11 Gravity
"DAEMON Tools Lite" = DAEMON Tools Lite
"Digital Physiognomy" = Digital Physiognomy (remove only)
"EAGLE 6.2.0" = EAGLE 6.2.0
"Easy Office Recovery" = Easy Office Recovery
"eFlip Lite_is1" = eFlip Lite
"EMCO UnLock IT 2_is1" = EMCO UnLock IT 2.0
"EPSON Scanner" = EPSON Scan
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"FilesFrog Update Checker" = FilesFrog Update Checker
"FileStream Web Boomerang" = FileStream Web Boomerang
"Fraps" = Fraps (remove only)
"GameParkClient_is1" = GamePark
"GOGPACKTYRIAN2000_is1" = Tyrian 2000
"Google Chrome" = Google Chrome
"Hi Slider_is1" = Hi Slider
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IconLover" = IconLover
"IFX-Supreme 1.0" = IFX-Supreme
"ImageMagick 6.8.0 Q16_is1" = ImageMagick 6.8.0-8 Q16 (2012-12-01)
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{D50500AA-D25A-463B-98BF-E09585325711}" = DesignSpark PCB Version 5.0
"iRecordMax Sound Recorder_is1" = iRecordMax Sound Recorder v7.1.3
"IrfanView" = IrfanView (remove only)
"Kakuro" = Kakuro
"KC Softwares PhotoToFilm_is1" = KC Softwares PhotoToFilm
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Live Aquarium HD_is1" = Live Aquarium HD
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"mIRC" = mIRC
"NavyField2 EU" = NavyField2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.3.0
"Origin" = Origin
"PDF Rotator_is1" = PDF Rotator 1.0.2
"Picasa 3" = Picasa 3
"Presentation Assistant_is1" = Presentation Assistant V2.7.2
"ProcessLasso" = Process Lasso
"PunkBusterSvc" = PunkBuster Services
"Race Driver - GRID 2_is1" = Race Driver - GRID 2 1.0.82.5097
"RADVideo" = RAD Video Tools
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Royal Envoy_is1" = Royal Envoy
"SequoiaView" = SequoiaView
"Shadowgun DeadZone" = Shadowgun: DeadZone
"Sim Aquarium 3_is1" = Sim Aquarium 3
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SoftOrbits Photo Retoucher_is1" = SoftOrbits Photo Retoucher 1.3
"Solitaire Mystery - Stolen Power_is1" = Solitaire Mystery - Stolen Power
"SpaceMonger" = SpaceMonger 2.1.1
"Steam App 102600" = Orcs Must Die!
"Steam App 105450" = Age of Empires® III: Complete Collection
"Steam App 10620" = Empire: Total War Demo
"Steam App 11250" = Pacific Storm
"Steam App 11260" = Pacific Storm: Allies
"Steam App 13260" = Unreal Development Kit
"Steam App 13500" = Prince of Persia: Warrior Within
"Steam App 13530" = Prince of Persia: The Two Thrones
"Steam App 13600" = Prince of Persia: The Sands of Time
"Steam App 17480" = Command and Conquer: Red Alert 3
"Steam App 19980" = Prince of Persia
"Steam App 200170" = Worms Revolution
"Steam App 201790" = Orcs Must Die! 2
"Steam App 202270" = Leviathan: Warships
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 203160" = Tomb Raider
"Steam App 203630" = Warlock - Master of the Arcane
"Steam App 203770" = Crusader Kings II
"Steam App 204080" = The Showdown Effect
"Steam App 204300" = Awesomenauts
"Steam App 205370" = Airline Tycoon 2 Demo
"Steam App 206980" = War of the Roses Balance Beta
"Steam App 207190" = Fireburst
"Steam App 209330" = A Valley Without Wind
"Steam App 210290" = Naval War: Arctic Circle Demo
"Steam App 211160" = Viking: Battle for Asgard
"Steam App 211940" = F1 2012 Demo
"Steam App 212680" = FTL: Faster Than Light
"Steam App 214360" = Tower Wars
"Steam App 214550" = Eets Munchies
"Steam App 214560" = Mark of the Ninja
"Steam App 219190" = Ultratron
"Steam App 2200" = Quake III Arena
"Steam App 220160" = Trials Evolution Gold Edition
"Steam App 220240" = Far Cry® 3
"Steam App 220820" = Zombie Driver HD
"Steam App 221030" = Towns Demo
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 224760" = FEZ
"Steam App 224960" = Tomb Raider I
"Steam App 224980" = Tomb Raider: The Last Revelation
"Steam App 225000" = Tomb Raider: Chronicles
"Steam App 225020" = Tomb Raider (VI): The Angel of Darkness
"Steam App 225140" = Duke Nukem 3D: Megaton Edition
"Steam App 225260" = Brütal Legend
"Steam App 225300" = Tomb Raider II
"Steam App 225320" = Tomb Raider III: Adventures of Lara Croft
"Steam App 228320" = A Valley Without Wind 2
"Steam App 231120" = Euro Truck Simulator 2 Demo
"Steam App 231410" = Kerbal Space Program Demo
"Steam App 233410" = Final Hours of Tomb Raider
"Steam App 234370" = Shattered Haven
"Steam App 234740" = Tower Wars Editor
"Steam App 2350" = Quake III: Team Arena
"Steam App 235640" = Sanctum 2 Demo
"Steam App 238210" = System Shock 2
"Steam App 238510" = Castlevania: Lords of Shadow - Ultimate Edition DEMO
"Steam App 238890" = Skyward Collapse
"Steam App 243340" = Rayman Legends Demo
"Steam App 243820" = MotoGP™13 Demo
"Steam App 246460" = FORCED Demo
"Steam App 24740" = Burnout Paradise: The Ultimate Box
"Steam App 25800" = Europa Universalis III
"Steam App 33320" = Prince of Persia: The Forgotten Sands
"Steam App 34880" = Sniper Ghost Warrior 2 Demo
"Steam App 35710" = Trine Demo
"Steam App 35720" = Trine 2
"Steam App 40400" = AI War: Fleet Command
"Steam App 40420" = Tidalis
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 41010" = Serious Sam HD: The Second Encounter
"Steam App 41040" = Serious Sam HD: The Second Encounter Editor
"Steam App 41070" = Serious Sam 3: BFE
"Steam App 42160" = War of the Roses
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 4460" = City Life 2008
"Steam App 47790" = Medal of Honor(TM) Single Player
"Steam App 47830" = Medal of Honor(TM) Multiplayer
"Steam App 49520" = Borderlands 2
"Steam App 65740" = Carrier Command: Gaea Mission
"Steam App 7000" = Tomb Raider: Legend
"Steam App 8000" = Tomb Raider: Anniversary
"Steam App 8190" = Just Cause 2
"Steam App 98400" = Hard Reset
"Sudoku Up_is1" = Sudoku Up 2012 v6.0
"TC PowerPack" = TC PowerPack 1.7
"TeamViewer 8" = TeamViewer 8
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"TreeSize Free_is1" = TreeSize Free V1.7.9
"Ultima Steganography_is1" = Ultima Steganography 1.7
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"Uplay" = Uplay
"uTorrent" = µTorrent
"Video Rotator_is1" = Video Rotator V1.0
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"Yacht Animated Wallpaper_is1" = Yacht Animated Wallpaper version 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"917fb2dcd1e84e28" = Výpočet hmotnosti polotovaru 1.3
"Dexpot" = Dexpot
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 15.9.2013 7:01:09 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
Error - 15.9.2013 18:52:42 | Computer Name = Speedead | Source = SideBySide | ID = 16842761
Description = Generování kontextu aktivace pro C:\Program Files\WinZip\adxloader.dll.Manifest
se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\WinZip\adxloader.dll.Manifest
na řádku 2. Kořenový prvek souboru manifestu musí být symbolická adresa.
Error - 16.9.2013 11:48:48 | Computer Name = Speedead | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Users\User\Downloads\esetsmartinstaller_enu.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 16.9.2013 11:49:45 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:50:05 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:50:05 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:50:05 | Computer Name = Speedead | Source = NvStreamSvc | ID = 131073
Description =
Error - 16.9.2013 11:53:54 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 16.9.2013 11:53:54 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 16.9.2013 11:53:54 | Computer Name = Speedead | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
[ OSession Events ]
Error - 26.2.2013 16:22:56 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 840
seconds with 780 seconds of active time. This session ended with a crash.
Error - 26.2.2013 16:23:36 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.2.2013 16:34:28 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 1.3.2013 14:07:36 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2.3.2013 14:54:34 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2548
seconds with 240 seconds of active time. This session ended with a crash.
Error - 2.3.2013 14:55:21 | Computer Name = Speedead | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 15.9.2013 4:55:27 | Computer Name = Speedead | Source = Service Control Manager | ID = 7000
Description = Služba TVicPort neuspěla při spuštění v důsledku následující chyby:
%%1275
Error - 15.9.2013 4:55:30 | Computer Name = Speedead | Source = Service Control Manager | ID = 7034
Description = Služba Bacula File Backup Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 15.9.2013 6:57:53 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 6:57:54 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 6:57:54 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 6:57:55 | Computer Name = Speedead | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk6\DR6.
Error - 15.9.2013 13:00:50 | Computer Name = Speedead | Source = DCOM | ID = 10010
Description =
Error - 16.9.2013 11:49:43 | Computer Name = Speedead | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\TVicPort.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.
Error - 16.9.2013 11:49:43 | Computer Name = Speedead | Source = Service Control Manager | ID = 7000
Description = Služba TVicPort neuspěla při spuštění v důsledku následující chyby:
%%1275
Error - 16.9.2013 11:49:46 | Computer Name = Speedead | Source = Service Control Manager | ID = 7034
Description = Služba Bacula File Backup Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
< End of report >
Google knows almost everything. But sometimes the problem is what to type in so that it finds what I'm looking for.
If that doesn't work out, you get a ton of useless links, or nothing at all.
- jaro3
- Security team member
Guru Level 15
- Posts: 43297
- Registered: June 07
- Location: Jižní Čechy
- Status:
Offline
Re: Malware - Babylon Search
There are two ComboFixes in there...
Leave it, we'll delete it in OTL.
Post the OTL log again, the whole thing; the beginning is missing.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support