PC se seká - kontrola logu Vyřešeno

[tomikzlesa]

tu je

ComboFix 13-12-13.01 - Tom 13.12.2013 22:16:08.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4092.2454 [GMT 1:00]
Spuštěný z: c:\download\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tom\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.22.3\goopdate.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.22.3\psmachine.dll
c:\program files (x86)\Google\Update\1.3.22.3\psuser.dll
c:\program files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\7.1.1.1888\GoogleEarth-Win-Plugin-7.1.1.1888.exe
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Seznam.cz
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.autoupdate-1.0.5-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.chromelisticka-1.4.2.1-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.szninstall-1.1.3-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.sznsetup-1.1.1-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\packages.inf
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-base-1.0.0-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-core-4-4.1.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-email-4-4.0.4-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-fflisticka-2.5.4-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-ielisticka-2.6.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-listicka-2.6.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-seznamdesktop-1.0.4-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-srank-4.1.1-win32.zip
c:\program files (x86)\Seznam.cz\distribution\partner.conf
c:\program files (x86)\Seznam.cz\distribution\sources.inf
c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
c:\program files (x86)\Seznam.cz\distribution\sznsetup.exe
c:\program files (x86)\Spybot - Search & Destroy
c:\program files (x86)\Spybot - Search & Destroy\advcheck.dll
c:\program files (x86)\Spybot - Search & Destroy\AGTQQOTGI.scr
c:\program files (x86)\Spybot - Search & Destroy\aports.dll
c:\program files (x86)\Spybot - Search & Destroy\blindman.exe
c:\program files (x86)\Spybot - Search & Destroy\Default configuration.ini
c:\program files (x86)\Spybot - Search & Destroy\DelZip179.dll
c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.dap.gif
c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.data.xml
c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.default.gif
c:\program files (x86)\Spybot - Search & Destroy\Dummies\dummy.related.htm
c:\program files (x86)\Spybot - Search & Destroy\Help\Brasil.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Cesky.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Cesky.Resident.chm
c:\program files (x86)\Spybot - Search & Destroy\Help\Deutsch.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\English.chm
c:\program files (x86)\Spybot - Search & Destroy\Help\English.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Espanol.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Francais.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Hellenic.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Italiano.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Japanese.license.ansi.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Japanese.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Korean.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Nederlands.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Polski.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Russkiy.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Slovensky.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Srpski.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Help\Suomi.license.txt
c:\program files (x86)\Spybot - Search & Destroy\Includes\AdvWhite.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Adware.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\AdwareC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Browserpages.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\CLSIDs.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Cookies.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Cookies.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Dialer.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Dialer.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\DialerC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Domains.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\HeavyDuty.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Hijackers.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\HijackersC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\HintOfTheDay.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\iPhone.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Keyloggers.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\KeyloggersC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Logs.uts
c:\program files (x86)\Spybot - Search & Destroy\Includes\LSP.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\LSP.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Malware.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\MalwareC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\OperaPlugins.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\ProcWatch.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\PUPS.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\PUPSC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\RegDFLinks.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\RegWatch.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\RegXLinks.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Revision.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Revision.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Searchpages.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Security.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\SecurityC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Services.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\Spybots.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\SpybotsC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Spyware.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\SpywareC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\Startup.tnfo
c:\program files (x86)\Spybot - Search & Destroy\Includes\Targets.nfo
c:\program files (x86)\Spybot - Search & Destroy\Includes\Tracks.uti
c:\program files (x86)\Spybot - Search & Destroy\Includes\Trojans.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-02.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-03.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-04.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC-05.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\TrojansC.sbi
c:\program files (x86)\Spybot - Search & Destroy\Includes\TTLASSH.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\URL-Blacklist.sbs
c:\program files (x86)\Spybot - Search & Destroy\Includes\X509White.sbs
c:\program files (x86)\Spybot - Search & Destroy\Languages\Afrikaans.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Arabic.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Azeri.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Bahasa Indonesia.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Belarusskiy.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Bosanski.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Brasil.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Bulgarski.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Catalan.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Cesky.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Dansk.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Deutsch.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Eesti.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\English.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Espanol.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Esperanto.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Euskera.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Farsi.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Francais.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Furlan.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Galego.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Hebrew.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Hellenic.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Hindi.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Hrvatski.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Chinese (simplified).sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Chinese (traditional).sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Islenska.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Italiano.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Japanese.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Korean.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Latvian.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Letzebuergesch.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Lietuviu.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Magyar.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Makedonski.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Melayu.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Nederlands.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Norsk.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Polski.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Portugues.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Romaneste.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Russkiy.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Shqip.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Slovenscina.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Slovensky.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Srpski.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Suomi.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Svenska.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Thai.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Turkce.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Ukrainian.sbl
c:\program files (x86)\Spybot - Search & Destroy\Languages\Uzbek.sbl
c:\program files (x86)\Spybot - Search & Destroy\messages.zres
c:\program files (x86)\Spybot - Search & Destroy\OptOut.ini
c:\program files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
c:\program files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
c:\program files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
c:\program files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
c:\program files (x86)\Spybot - Search & Destroy\PRFFDHFW.scr
c:\program files (x86)\Spybot - Search & Destroy\SDFiles.exe
c:\program files (x86)\Spybot - Search & Destroy\SDMain.exe
c:\program files (x86)\Spybot - Search & Destroy\SDShred.exe
c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe
c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\program files (x86)\Spybot - Search & Destroy\Skins\Colorblind.ini
c:\program files (x86)\Spybot - Search & Destroy\Skins\Italia.ini
c:\program files (x86)\Spybot - Search & Destroy\Skins\Italia.jpg
c:\program files (x86)\Spybot - Search & Destroy\Skins\Peace.ini
c:\program files (x86)\Spybot - Search & Destroy\Skins\Peace.jpg
c:\program files (x86)\Spybot - Search & Destroy\SMMRYIGQKSQNSTQOQ.scr
c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe
c:\program files (x86)\Spybot - Search & Destroy\sqlite3.dll
c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe
c:\program files (x86)\Spybot - Search & Destroy\Tools.dll
c:\program files (x86)\Spybot - Search & Destroy\unins000.dat
c:\program files (x86)\Spybot - Search & Destroy\unins000.exe
c:\program files (x86)\Spybot - Search & Destroy\unins000.msg
c:\program files (x86)\Spybot - Search & Destroy\UninsSrv.dll
c:\program files (x86)\Spybot - Search & Destroy\Update.exe
c:\program files (x86)\Spybot - Search & Destroy\Updates\advcheck165.exe
c:\program files (x86)\Spybot - Search & Destroy\Updates\advcheck165.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\clsid.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\desc.english.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\downloaded.ini
c:\program files (x86)\Spybot - Search & Destroy\Updates\help.cesky.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\helpres.cesky.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.dialer.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.hijackers.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.iPhone.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.keyloggers.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.malware.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.pups.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.security.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.spybots.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\includes.trojans.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\lang.cesky.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\online.ini
c:\program files (x86)\Spybot - Search & Destroy\Updates\online.ini.uiz
c:\program files (x86)\Spybot - Search & Destroy\Updates\startup.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\supplemental.zip
c:\program files (x86)\Spybot - Search & Destroy\Updates\teatimer166.exe
c:\program files (x86)\Spybot - Search & Destroy\Updates\teatimer166.zip
c:\program files (x86)\Spybot - Search & Destroy\XTSHWCPOJ.scr
c:\users\Tom\AppData\Roaming\Seznam.cz
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\6302libfoxloader-x64.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\6302libfoxloader.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\ffkill.exe
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\libfoxcub-x64.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\libchinst.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\msvcp100.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\msvcr100.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\unlockInstance.dll
c:\users\Tom\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\libfoxcub\foxcub.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\libfoxcub\regcfg.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\libfoxcub\remote.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\szndesktop.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxcub.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libchinst.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\conf\szndesktop.d\unlockInstance.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\data\chrome\partner.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\data\listickaconfig.webpak
c:\users\Tom\AppData\Roaming\Seznam.cz\data\listickanastaveni.webpak
c:\users\Tom\AppData\Roaming\Seznam.cz\data\speeddial.webpak
c:\users\Tom\AppData\Roaming\Seznam.cz\data\szndesktop.webpak
c:\users\Tom\AppData\Roaming\Seznam.cz\install.log
c:\users\Tom\AppData\Roaming\Seznam.cz\install\cz.seznam.software.autoupdate-1.0.5-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\cz.seznam.software.chromelisticka-1.4.2.1-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\cz.seznam.software.szninstall-1.1.3-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\cz.seznam.software.sznsetup-1.1.1-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\packages.inf
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-base-1.0.0-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-core-4-4.1.2-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-email-4-4.0.4-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-fflisticka-2.5.4-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-ielisticka-2.6.2-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-listicka-2.6.2-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-seznamdesktop-1.0.4-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\install\szn-software-srank-4.1.1-win32.zip
c:\users\Tom\AppData\Roaming\Seznam.cz\packages.inf
c:\users\Tom\AppData\Roaming\Seznam.cz\partner.conf
c:\users\Tom\AppData\Roaming\Seznam.cz\sources.inf
c:\users\Tom\AppData\Roaming\Seznam.cz\szninstall.exe
c:\users\Tom\AppData\Roaming\Seznam.cz\sznsetup.exe
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\com_microsoft_msdn_msvcr100_10_0_40219_325.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\com_microsoft_msdn_msvcr100_10_0_40219_325.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_autoupdate_1_0_8.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_autoupdate_1_0_8.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_chromelisticka_1_7_1.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_chromelisticka_1_7_1.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_ielisticka3_3_1_5.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_ielisticka3_3_1_5.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxcub_3_1_5.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxcub_3_1_5.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxcub64_3_1_5.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxcub64_3_1_5.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libszndesktop_2_0_26.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libszndesktop_2_0_26.reconfigure.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libszndesktop_2_0_26.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_lightspeed_1210_12_10_12.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_lightspeed_1210_12_10_12.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_pp_1_0_2.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_pp_1_0_2.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_szndesktop_2_0_26.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_szndesktop_2_0_26.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_szninstall_1_1_14.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_szninstall_1_1_14.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_sznsetup_1_2_6.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_sznsetup_1_2_6.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\szn_software_base_1_0_0.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\szn_software_base_1_0_0.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\szn_software_fflisticka_2_5_16.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\szn_software_fflisticka_2_5_16.uninstall.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\szn_software_listicka_3_0_0.install.bat
c:\users\Tom\AppData\Roaming\Seznam.cz\uninstall\szn_software_listicka_3_0_0.uninstall.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SBSDWSCService
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-13 do 2013-12-13 )))))))))))))))))))))))))))))))
.
.
2013-12-13 21:18 . 2013-12-13 21:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-13 21:18 . 2013-12-13 21:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-13 18:05 . 2013-12-13 18:07 -------- d-----w- c:\programdata\RegCure
2013-12-13 18:05 . 2013-12-13 18:07 -------- d-----w- c:\program files (x86)\RegCure
2013-12-13 18:01 . 2013-12-13 18:01 -------- d-----w- c:\users\Tom\AppData\Roaming\ParetoLogic
2013-12-13 18:01 . 2013-12-13 18:01 -------- d-----w- c:\users\Tom\AppData\Roaming\DriverCure
2013-12-13 18:01 . 2013-12-13 18:01 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic
2013-12-13 18:01 . 2013-12-13 18:01 -------- d-----w- c:\programdata\ParetoLogic
2013-12-13 18:01 . 2013-12-13 18:01 -------- d-----w- c:\program files (x86)\ParetoLogic
2013-12-13 11:22 . 2013-12-13 11:22 -------- d-----w- c:\windows\ERUNT
2013-12-11 17:52 . 2006-11-16 18:28 1147904 ----a-w- c:\windows\SysWow64\BDGE.ocx
2013-12-11 17:52 . 2004-03-08 23:00 662288 ----a-w- c:\windows\SysWow64\Mscomct2.ocx
2013-12-11 17:52 . 2004-03-08 21:00 152848 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2013-12-11 17:52 . 2004-03-08 21:00 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2013-12-11 17:52 . 2003-07-28 02:11 65536 ----a-w- c:\windows\SysWow64\wh2robo.dll
2013-12-11 17:52 . 2003-01-18 17:32 49152 ----a-w- c:\windows\SysWow64\INETWH32.dll
2013-12-11 17:52 . 1998-08-04 23:00 63488 ----a-w- c:\windows\SysWow64\MsCc2IT.dll
2013-12-11 17:52 . 1998-08-04 23:00 33792 ----a-w- c:\windows\SysWow64\CmDlgIT.dll
2013-12-11 17:52 . 1998-08-04 23:00 150528 ----a-w- c:\windows\SysWow64\MsCmCIT.dll
2013-12-11 17:52 . 1997-10-08 19:30 30720 ----a-w- c:\windows\SysWow64\linkweb.ocx
2013-12-11 17:52 . 2013-12-11 17:52 -------- d-----w- c:\program files (x86)\Pianeta Musica
2013-12-11 17:52 . 2003-07-28 00:50 1044480 ----a-w- c:\windows\SysWow64\ROBOEX32.dll
2013-12-11 17:34 . 2013-12-11 17:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-11 17:34 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-11 17:26 . 2013-12-13 17:42 -------- d-----w- C:\AdwCleaner
2013-12-09 18:11 . 2013-12-09 18:11 388096 ----a-r- c:\users\Tom\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-12-09 18:11 . 2013-12-09 18:11 -------- d-----w- c:\program files (x86)\Trend Micro
2013-12-08 08:10 . 2013-12-13 11:30 -------- d-----w- c:\users\UpdatusUser
2013-12-08 07:39 . 2013-12-08 07:39 -------- d-----w- c:\windows\Migration
2013-12-08 07:38 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2B05070F-ED55-4BD7-80E9-518686B49AE0}\mpengine.dll
2013-12-08 07:38 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-08 07:38 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-08 07:38 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-08 07:38 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-08 07:38 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-08 07:38 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-08 07:38 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-08 07:38 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-08 07:38 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-06 17:00 . 2013-12-06 17:00 -------- d-----w- c:\users\Tom\AppData\Local\3DMGAME
2013-12-04 20:41 . 2013-12-04 20:41 -------- d-----w- c:\users\Tom\AppData\Roaming\AVG
2013-12-04 20:40 . 2013-12-04 20:41 -------- d-----w- c:\programdata\AVG
2013-12-04 20:40 . 2013-12-04 20:40 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-04 20:23 . 2013-12-04 20:23 -------- d-----w- c:\program files\CPUID
2013-12-04 17:13 . 2013-12-04 17:13 -------- d-----w- c:\users\Tom\.android
2013-12-04 17:13 . 2013-12-04 17:13 -------- d-----w- c:\users\Tom\AppData\Local\cache
2013-12-04 17:13 . 2013-12-04 20:46 -------- d-----w- c:\users\Tom\AppData\Local\Mobogenie
2013-12-04 17:13 . 2013-12-04 17:13 -------- d-----w- c:\users\Tom\AppData\Local\genienext
2013-11-25 17:22 . 2013-11-25 17:23 -------- d-----w- c:\program files (x86)\Dead Island
2013-11-20 18:03 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-11-20 18:03 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-11-20 17:57 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-20 17:56 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-20 17:56 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2013-11-20 17:56 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2013-11-20 17:56 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-20 17:56 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-11-20 17:56 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-11-20 17:48 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-11-20 17:48 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-11-20 17:46 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-20 17:46 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-20 17:45 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-20 17:45 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-20 17:45 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-20 17:45 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-20 17:45 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-18 17:35 . 2013-11-29 14:47 -------- d-----w- c:\program files (x86)\FreeRapid-0.9u3
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 18:20 . 2012-08-08 18:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:20 . 2012-08-08 18:58 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-20 18:31 . 2012-08-08 18:04 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-19 02:33 . 2012-08-08 17:56 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-14 11:55 . 2012-08-08 17:32 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:55 . 2013-11-06 17:15 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:55 . 2012-08-08 17:32 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:55 . 2013-04-17 06:40 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-14 11:55 . 2012-08-08 17:32 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-11 15:02 . 2012-08-08 17:32 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2012-08-08 17:32 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2012-08-08 17:32 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2012-08-08 17:32 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2012-08-08 17:32 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2012-08-08 17:32 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-11 07:59 . 2013-11-11 07:59 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-23 10:30 . 2013-11-06 17:15 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-10-23 10:30 . 2013-11-06 17:15 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-10-20 13:37 . 2013-10-20 13:37 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-10-20 13:37 . 2013-10-20 13:37 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-10-20 13:37 . 2013-10-20 13:37 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-10-20 13:37 . 2013-10-20 13:37 81408 ----a-w- c:\windows\system32\icardie.dll
2013-10-20 13:37 . 2013-10-20 13:37 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-10-20 13:37 . 2013-10-20 13:37 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-10-20 13:37 . 2013-10-20 13:37 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-10-20 13:37 . 2013-10-20 13:37 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-10-20 13:37 . 2013-10-20 13:37 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-10-20 13:37 . 2013-10-20 13:37 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-10-20 13:37 . 2013-10-20 13:37 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-10-20 13:37 . 2013-10-20 13:37 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-10-20 13:37 . 2013-10-20 13:37 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-10-20 13:37 . 2013-10-20 13:37 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-10-20 13:37 . 2013-10-20 13:37 441856 ----a-w- c:\windows\system32\html.iec
2013-10-20 13:37 . 2013-10-20 13:37 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-10-20 13:37 . 2013-10-20 13:37 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-10-20 13:37 . 2013-10-20 13:37 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-10-20 13:37 . 2013-10-20 13:37 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-20 13:37 . 2013-10-20 13:37 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-10-20 13:37 . 2013-10-20 13:37 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-10-20 13:37 . 2013-10-20 13:37 235008 ----a-w- c:\windows\system32\url.dll
2013-10-20 13:37 . 2013-10-20 13:37 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-10-20 13:37 . 2013-10-20 13:37 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-10-20 13:37 . 2013-10-20 13:37 216064 ----a-w- c:\windows\system32\msls31.dll
2013-10-20 13:37 . 2013-10-20 13:37 197120 ----a-w- c:\windows\system32\msrating.dll
2013-10-20 13:37 . 2013-10-20 13:37 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-10-20 13:37 . 2013-10-20 13:37 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-10-20 13:37 . 2013-10-20 13:37 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-10-20 13:37 . 2013-10-20 13:37 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-10-20 13:37 . 2013-10-20 13:37 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-20 13:37 . 2013-10-20 13:37 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-10-20 13:37 . 2013-10-20 13:37 149504 ----a-w- c:\windows\system32\occache.dll
2013-10-20 13:37 . 2013-10-20 13:37 144896 ----a-w- c:\windows\system32\wextract.exe
2013-10-20 13:37 . 2013-10-20 13:37 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-10-20 13:37 . 2013-10-20 13:37 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-10-20 13:37 . 2013-10-20 13:37 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-10-20 13:37 . 2013-10-20 13:37 13824 ----a-w- c:\windows\system32\mshta.exe
2013-10-20 13:37 . 2013-10-20 13:37 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-10-20 13:37 . 2013-10-20 13:37 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-10-20 13:37 . 2013-10-20 13:37 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-10-20 13:37 . 2013-10-20 13:37 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-10-20 13:37 . 2013-10-20 13:37 102912 ----a-w- c:\windows\system32\inseng.dll
2013-10-20 13:37 . 2013-10-20 13:37 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-10-20 13:37 . 2013-10-20 13:37 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-10-20 13:37 . 2013-10-20 13:37 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-10-20 13:37 . 2013-10-20 13:37 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-10-20 13:37 . 2013-10-20 13:37 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-10-20 13:37 . 2013-10-20 13:37 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-10-20 13:35 . 2013-10-20 13:35 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-10-20 13:35 . 2013-10-20 13:35 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-10-20 13:35 . 2013-10-20 13:35 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-10-20 13:35 . 2013-10-20 13:35 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-10-20 13:35 . 2013-10-20 13:35 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-10-20 13:35 . 2013-10-20 13:35 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-10-20 13:35 . 2013-10-20 13:35 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-10-20 13:35 . 2013-10-20 13:35 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-10-20 13:35 . 2013-10-20 13:35 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-10-20 13:35 . 2013-10-20 13:35 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-10-20 13:35 . 2013-10-20 13:35 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-10-20 13:35 . 2013-10-20 13:35 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-10-20 13:35 . 2013-10-20 13:35 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-10-20 13:35 . 2013-10-20 13:35 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-10-20 13:35 . 2013-10-20 13:35 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-20 13:35 . 2013-10-20 13:35 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-10-20 13:35 . 2013-10-20 13:35 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-10-20 13:35 . 2013-10-20 13:35 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files (x86)\Logitech\SetPoint\SetPoint.exe [2012-8-8 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XICTAMDM;CELOT-W USB MODEM Driver;c:\windows\system32\DRIVERS\XICTAMDM.sys;c:\windows\SYSNATIVE\DRIVERS\XICTAMDM.sys [x]
R3 XICTANmea;CELOT-W NMEA Device Driver(WDM);c:\windows\system32\DRIVERS\XICTANmea.sys;c:\windows\SYSNATIVE\DRIVERS\XICTANmea.sys [x]
R3 XICTAVSP;CELOT-W DM Interface Driver(WDM);c:\windows\system32\DRIVERS\XICTAVSP.sys;c:\windows\SYSNATIVE\DRIVERS\XICTAVSP.sys [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WinRing0_1_2_0;WinRing0_1_2_0;e:\instal\OpenHardwareMonitor\WinRing0x64.sys;e:\instal\OpenHardwareMonitor\WinRing0x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINRING0_1_2_0
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-08 18:20]
.
2013-12-13 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-12-13 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
2013-12-13 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
2013-12-13 c:\windows\Tasks\RegCure Pro.job
- c:\program files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2012-10-22 20:06]
.
2013-12-13 c:\windows\Tasks\RegCure Program Check.job
- c:\program files (x86)\RegCure\RegCure.exe [2012-07-13 11:45]
.
2013-12-13 c:\windows\Tasks\RegCure.job
- c:\program files (x86)\RegCure\RegCure.exe [2012-07-13 11:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.20.3.1 192.168.20.9
TCP: Interfaces\{675DA55C-CF9B-447B-8BDF-C7B8BA3B9EA6}: NameServer = 160.218.161.60 160.218.167.5
TCP: Interfaces\{8FC1770C-3A85-4356-9DA8-23D7513444D6}: NameServer = 160.218.161.60 160.218.167.5
TCP: Interfaces\{C5373C0F-ACD8-4441-B153-92D593275B89}: NameServer = 160.218.161.60 160.218.167.5
FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - ExtSQL: 2013-12-06 18:00; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 - c:\program files (x86)\Spybot - Search & Destroy\unins000.exe
AddRemove-SeznamInstall - c:\users\Tom\AppData\Roaming\Seznam.cz\szninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1233362422-2132673313-2214222441-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,2d,09,58,d7,c5,8b,7b,3b,de,b5,c0,2d,79,d2,0e,13,6d,9a,08,76,
19,7f,b5,21,bf,b9,7b,d4,41,96,55,bc,30,a6,06,e2,cf,72,00,b2,ec,a3,50,84,87,\
"rkeysecu"=hex:1b,b5,52,6d,b9,b0,2c,c1,55,51,23,8c,25,8e,a7,8c
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2013-12-13 22:20:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-13 21:20
ComboFix2.txt 2013-12-13 20:55
.
Před spuštěním: Volných bajtů: 31 828 930 560
Po spuštění: Volných bajtů: 31 442 178 048
.
- - End Of File - - 200BF66049DD58433C7FACEF0B522F52
A36C5E4F47E84449FF07ED3517B43A31

[Reklama]

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

+ Nový log z HJT

Jak se chová PC?

[tomikzlesa]

od doby co to řešíme se pc nesekl, takže zatím v pořádku

log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:15:02, on 14.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{675DA55C-CF9B-447B-8BDF-C7B8BA3B9EA6}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FC1770C-3A85-4356-9DA8-23D7513444D6}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{C5373C0F-ACD8-4441-B153-92D593275B89}: NameServer = 160.218.161.60 160.218.167.5
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6908 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"



Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[tomikzlesa]

díky za pomoc a ochotu

[tomikzlesa]

Tak bohužel ani po vyčišteni problém nepřestal, pc se při práci ve win seká a zamrzá. Při problému nelze vypnout PC, jen se jakoby uspí ale neustále běží.

[Orcus]

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[tomikzlesa]

jen se zeptám, nemuže to být třeba přeplněným system HD ?

Extras

OTL Extras logfile created on: 3.1.2014 12:03:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Download
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,54% Memory free
7,99 Gb Paging File | 6,47 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 18,26 Gb Free Space | 15,31% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 36,62 Gb Free Space | 3,93% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 9,29 Gb Free Space | 23,77% Space Free | Partition Type: NTFS
Drive G: | 193,82 Gb Total Space | 14,19 Gb Free Space | 7,32% Space Free | Partition Type: NTFS

Computer Name: SHIT | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2008530F-3AD3-4978-B22C-7269E1A567FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3992B228-D7EF-4377-8D10-638B5B832566}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{79708FCF-769F-4B2E-8EEE-0F46B77D4D3E}" = protocol=17 | dir=in | app=c:\games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe |
"{99004B2A-6CB7-4304-A57E-768634A3FA81}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9A4EBEDD-76A7-4062-A7B3-0C4E23529FAE}" = protocol=17 | dir=in | app=c:\games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe |
"{BD12C438-73C0-43A0-9D17-C3BF0F19D7D6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C0EDEB2E-BB2A-4359-95D7-8F85280D74A1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D736D0F1-E3D8-421F-80E7-D3D1EE42D492}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F1EFB02C-59B7-4F54-AD92-4A6B72D8229F}" = protocol=6 | dir=in | app=c:\games\s.t.a.l.k.e.r. - call of pripyat\bin\dedicated\xrengine.exe |
"{FA2217E1-5368-4045-B7D4-5287A6FE5282}" = protocol=6 | dir=in | app=c:\games\s.t.a.l.k.e.r. - call of pripyat\bin\xrengine.exe |
"TCP Query User{146C00E8-7F86-44AF-A205-1E2FDCE6D9D6}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{2E27CA88-2B58-441B-BF6D-A47E5951D040}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"TCP Query User{3B335CBD-C199-490B-8646-370F9AACB591}C:\games\assassin's creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\games\assassin's creed iii\ac3sp.exe |
"TCP Query User{40BDB96E-8456-4651-8F52-20CF1BC8FC91}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{56789155-5E49-4396-A15A-304A72960AFA}C:\games\gothic ii gold\_work\tools\zspy\zspy.exe" = protocol=6 | dir=in | app=c:\games\gothic ii gold\_work\tools\zspy\zspy.exe |
"TCP Query User{64B50433-3C36-4275-A847-D271AEEC9CE8}C:\games\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=6 | dir=in | app=c:\games\dead island riptide\deadislandgame_x86_rwdi.exe |
"TCP Query User{64E1CC34-06EE-4241-9F22-A04E8CB59F6A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{834E8924-F11A-4436-8CB4-0257C5F0859F}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{94F7DADA-CA92-4524-8957-8774C92CE60D}C:\games\assassin's creed iii\ac3sp.exe" = protocol=6 | dir=in | app=c:\games\assassin's creed iii\ac3sp.exe |
"UDP Query User{003BC228-9A6E-4A2B-9C30-87C8A34A6536}C:\games\gothic ii gold\_work\tools\zspy\zspy.exe" = protocol=17 | dir=in | app=c:\games\gothic ii gold\_work\tools\zspy\zspy.exe |
"UDP Query User{2985512B-0471-4C58-A7AD-F651CF43824A}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{4C2043CE-A0A1-4250-8ACE-6EE4271556D3}C:\games\assassin's creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\games\assassin's creed iii\ac3sp.exe |
"UDP Query User{60C77D01-7954-42B4-BD74-79AF0FDB57C6}C:\games\assassin's creed iii\ac3sp.exe" = protocol=17 | dir=in | app=c:\games\assassin's creed iii\ac3sp.exe |
"UDP Query User{95C9DBA4-FCBF-4739-A674-3A33E2EF62DD}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{9D97A4D3-3878-43D5-9B3E-590C17A79175}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{BBE409F8-A165-41A1-8FC1-4FAF7DE57474}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\launch4j-tmp\frd.exe |
"UDP Query User{CB710C82-D506-44F3-8867-DCD2AC8AFD0C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{D989AB0A-1F20-4F07-8F91-24DCA12F3095}C:\games\dead island riptide\deadislandgame_x86_rwdi.exe" = protocol=17 | dir=in | app=c:\games\dead island riptide\deadislandgame_x86_rwdi.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{14D10AAC-9737-454E-A247-8075C26C30E1}" = SILENT HILL 3
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{26A24AE4-039D-4CA4-87B4-2F83217010F0}" = Java 7 Update 10
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01]
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{60c18d2f-01e1-4cce-bfb1-de8573ffcb84}" = Nero 9
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8B95673D-2D4C-4216-ADA2-3660973700BF}" = Gothic II Gold
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1. - Czech
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"7-Zip" = 7-Zip 4.65
"Absolute Nature Texture Pack 2_is1" = Absolute Nature 2 for S.T.A.L.K.E.R - Call of Pripyat
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Disk Catalog" = Advanced Disk Catalog
"ArtMoney SE_is1" = ArtMoney SE v7.40.2
"ContentMod_2.4" = ContentMod2.4
"DAEMON Tools Pro" = DAEMON Tools Pro
"G2MDK" = Gothic II - Modification Development Kit
"G3QP231012008_is1" = Questpaket 4 Update 2 Deinstallation
"GOM Player" = GOM Player
"GOTHIC2 - ADDON_RETURNING" = GOTHIC2 - ADDON_RETURNING
"InstallShield_{14D10AAC-9737-454E-A247-8075C26C30E1}" = SILENT HILL 3
"InstallShield_{8B95673D-2D4C-4216-ADA2-3660973700BF}" = Gothic II Gold
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OrkMod2.0" = OrkMod2.0
"RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1" = Dead Island Riptide (c) Deep Silver version 1
"Torchlight II (c) Runic Games_is1" = Torchlight II (c) Runic Games version 1
"Totalcmd" = Total Commander (Remove or Repair)
"Usb Game Pad" = Usb Game Pad
"VGhlIEluY3JlZGlibGUgQWR2ZW50dXJlcyBvZiBWYW4gSGVsc2luZw==_is1" = The Incredible Adventures of Van Helsing (c) NeocoreGames version 1
"VGhlSW5jcmVkaWJsZUFkdmVudHVyZXNvZlZhbkhlbHNpbmc=_is1" = The Incredible Adventures of Van Helsing Update v1.1.25 incl DLC
"VL Sound 5.1" = VL Sound 5.1
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.12.2013 9:54:52 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x524d488f Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x524d488f Kód výjimky: 0xc0000005 Posun chyby: 0x00000000003ce3c2
ID
chybujícího procesu: 0xe74 Čas spuštění chybující aplikace: 0x01cf00afb814a41c Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: f6099243-6ca2-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 9:54:57 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x524d488f Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x524d488f Kód výjimky: 0xc0000005 Posun chyby: 0x00000000003ce3c2
ID
chybujícího procesu: 0xe08 Čas spuštění chybující aplikace: 0x01cf00afbb35ba85 Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: f8f3ba26-6ca2-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 11:04:39 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x524d488f Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x524d488f Kód výjimky: 0xc0000005 Posun chyby: 0x00000000003ce3c2
ID
chybujícího procesu: 0x120c Čas spuštění chybující aplikace: 0x01cf00b976c4c753 Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: b5388557-6cac-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:39:12 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x52614a03 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x52614a03 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000003de742
ID
chybujícího procesu: 0xf28 Čas spuštění chybující aplikace: 0x01cf00c6abf3ce09 Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: eb13af94-6cb9-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:39:19 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x52614a03 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x52614a03 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000003de742
ID
chybujícího procesu: 0xf98 Čas spuštění chybující aplikace: 0x01cf00c6b14c8545 Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: ef15a0a9-6cb9-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:40:17 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x519ce103 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x519ce103 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000423617
ID
chybujícího procesu: 0xfb4 Čas spuštění chybující aplikace: 0x01cf00c6bc07793f Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: 11b8a6c9-6cba-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:41:49 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x519ce103 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x519ce103 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000423617
ID
chybujícího procesu: 0xf0 Čas spuštění chybující aplikace: 0x01cf00c6eefdab5d Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: 48894318-6cba-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:44:12 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x86.exe, verze: 1.0.0.1, časové
razítko: 0x519ce10f Název chybujícího modulu: VanHelsing_x86.exe, verze: 1.0.0.1,
časové razítko: 0x519ce10f Kód výjimky: 0xc0000005 Posun chyby: 0x0036b221 ID chybujícího
procesu: 0x1268 Čas spuštění chybující aplikace: 0x01cf00c738dd6613 Cesta k chybující
aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x86.exe Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x86.exe
ID
zprávy: 9dcaf20e-6cba-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:44:49 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x519ce103 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x519ce103 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000423617
ID
chybujícího procesu: 0x670 Čas spuštění chybující aplikace: 0x01cf00c763d74d58 Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: b3662b5c-6cba-11e3-9acb-1c6f65a7d698

Error - 24.12.2013 12:46:50 | Computer Name = SHIT | Source = Application Error | ID = 1000
Description = Název chybující aplikace: VanHelsing_x64.exe, verze: 1.0.0.1, časové
razítko: 0x519ce103 Název chybujícího modulu: VanHelsing_x64.exe, verze: 1.0.0.1,
časové razítko: 0x519ce103 Kód výjimky: 0xc0000005 Posun chyby: 0x0000000000423617
ID
chybujícího procesu: 0x59c Čas spuštění chybující aplikace: 0x01cf00c7aac6b8c8 Cesta
k chybující aplikaci: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
Cesta
k chybujícímu modulu: C:\GAMES\The Incredible Adventures of Van Helsing\VanHelsing_x64.exe
ID
zprávy: fbf5f6cd-6cba-11e3-9acb-1c6f65a7d698

[ System Events ]
Error - 2.1.2014 11:59:47 | Computer Name = SHIT | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 2.1.2014 11:59:50 | Computer Name = SHIT | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 2.1.2014 11:59:52 | Computer Name = SHIT | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.

Error - 2.1.2014 11:59:52 | Computer Name = SHIT | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 2.1.2014 17:37:15 | Computer Name = SHIT | Source = nvlddmkm | ID = 11141134
Description =

Error - 3.1.2014 4:27:17 | Computer Name = SHIT | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 3.1.2014 4:27:17 | Computer Name = SHIT | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 3.1.2014 4:27:20 | Computer Name = SHIT | Source = volmgr | ID = 262190
Description = Inicializace výpisu stavu systému se nezdařila.

Error - 3.1.2014 4:27:22 | Computer Name = SHIT | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.

Error - 3.1.2014 4:27:22 | Computer Name = SHIT | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275


< End of report >

[tomikzlesa]

OTL

OTL logfile created on: 3.1.2014 12:03:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Download
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 67,54% Memory free
7,99 Gb Paging File | 6,47 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 18,26 Gb Free Space | 15,31% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 36,62 Gb Free Space | 3,93% Space Free | Partition Type: NTFS
Drive F: | 39,06 Gb Total Space | 9,29 Gb Free Space | 23,77% Space Free | Partition Type: NTFS
Drive G: | 193,82 Gb Total Space | 14,19 Gb Free Space | 7,32% Space Free | Partition Type: NTFS

Computer Name: SHIT | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Download\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\winamp.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\vis_milk2.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\vis_avs.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\burnlib.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_local.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_disc.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_pmp.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_jumpex.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mp3.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_ff.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_midi.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_ml.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mod.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\out_ds.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_classicart.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wm.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_wire.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_online.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_cdda.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\dsp_sps.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_playlists.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_plg.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_vorbis.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_nsv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_hotkeys.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\auth.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_usb.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_android.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ombrowser.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_aacplus.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_downloads.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_timerestore.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_history.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_tray.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\vis_nsfs.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\out_wave.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_transcode.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_orgler.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_crasher.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_autotag.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_dshow.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_ipod.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\out_disk.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wav.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_wma.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\tagz.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_wave.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_flac.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_rg.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_impex.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_bookmarks.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_avi.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_lame.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mp4.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_mkv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_p4s.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_activesync.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\gen_find_on_disk.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_vorbis.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_flac.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\winampa.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\pmp_njb.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\playlist.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_orb.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_nowplaying.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\ml_addons.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_swf.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_linein.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\in_flv.lng ()
MOD - C:\Users\Tom\AppData\Local\Temp\WLZ672D.tmp\enc_wav.lng ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll ()
MOD - C:\Program Files (x86)\Winamp\System\jnetlib.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_wm.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_local.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll ()
MOD - C:\Program Files (x86)\Winamp\libsndfile.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll ()
MOD - C:\Program Files (x86)\Winamp\System\aacPlusDecoder.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll ()
MOD - C:\Program Files (x86)\Winamp\System\auth.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_mod.dll ()
MOD - C:\Program Files (x86)\Winamp\System\jpeg.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_online.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_midi.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll ()
MOD - C:\Program Files (x86)\Winamp\System\xml.w5s ()
MOD - C:\Program Files (x86)\Winamp\System\png.w5s ()
MOD - C:\Program Files (x86)\Winamp\System\playlist.w5s ()
MOD - C:\Program Files (x86)\Winamp\tataki.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll ()
MOD - C:\Program Files (x86)\Winamp\nde.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_avi.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_flac.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll ()
MOD - C:\Program Files (x86)\Winamp\nsutil.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\out_ds.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_history.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll ()
MOD - C:\Program Files (x86)\Winamp\zlib.dll ()
MOD - C:\Program Files (x86)\Winamp\System\devices.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_flv.dll ()
MOD - C:\Program Files (x86)\Winamp\System\timer.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_swf.dll ()
MOD - C:\Program Files (x86)\Winamp\System\albumart.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\out_disk.dll ()
MOD - C:\Program Files (x86)\Winamp\System\tagz.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll ()
MOD - C:\Program Files (x86)\Winamp\System\gif.w5s ()
MOD - C:\Program Files (x86)\Winamp\System\bmp.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\out_wave.dll ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_wave.dll ()
MOD - C:\Program Files (x86)\Winamp\System\dlmgr.w5s ()
MOD - C:\Program Files (x86)\Winamp\System\gracenote.w5s ()
MOD - C:\Program Files (x86)\Winamp\System\filereader.w5s ()
MOD - C:\Program Files (x86)\Winamp\System\primo.w5s ()
MOD - C:\Program Files (x86)\Winamp\Plugins\in_linein.dll ()
MOD - C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll ()
MOD - C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (adusbser) -- C:\Windows\SysNative\drivers\adusbser.sys (QUALCOMM Incorporated)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- E:\INSTAL\OpenHardwareMonitor\WinRing0x64.sys (OpenLibSys.org)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{74352B3E-1377-4276-9574-3FE03D989F26}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKCU\..\SearchScopes\{99A30B05-D66E-4103-B288-12D9ECEAB95A}: "URL" = http://www.google.com/custom?client=pub ... 1&hl=cs&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\GAMES\Assassin's Creed III\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.12.25 23:42:50 | 000,000,000 | ---D | M]

[2012.08.08 18:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions
[2012.08.08 18:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.12.06 18:00:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions
[2013.12.06 18:00:01 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.10.26 23:03:19 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\translator@zoli.bod.xpi
[2013.10.15 17:35:03 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.09 15:45:00 | 000,001,780 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\searchplugins\google-cz.xml
[2012.08.08 19:21:58 | 000,000,629 | ---- | M] () -- C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\oj23w72w.default\searchplugins\yahoo.xml
[2013.12.25 23:42:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.12.25 23:42:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2013.09.03 14:53:52 | 000,187,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2010.11.30 14:20:46 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2013.12.13 22:19:33 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.20.3.1 192.168.20.9
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{675DA55C-CF9B-447B-8BDF-C7B8BA3B9EA6}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FC1770C-3A85-4356-9DA8-23D7513444D6}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5373C0F-ACD8-4441-B153-92D593275B89}: NameServer = 160.218.161.60 160.218.167.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE6B5D71-242D-47DB-AE12-57FC7E92A7D2}: DhcpNameServer = 10.20.3.1 192.168.20.9
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.12.25 23:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.12.24 16:10:36 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\NeocoreGames
[2013.12.24 15:41:42 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\NeocoreGames
[2013.12.24 14:26:58 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\Nová složka
[2013.12.24 14:24:00 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\CrashDumps
[2013.12.13 22:19:34 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.12.13 22:18:50 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.12.13 21:50:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.12.13 19:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\RegCure
[2013.12.13 19:01:41 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\ParetoLogic
[2013.12.13 19:01:41 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2013.12.13 19:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2013.12.13 12:22:26 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.12.13 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\Nová složka (3)
[2013.12.13 12:13:09 | 001,045,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll
[2013.12.13 12:13:09 | 000,407,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl35.dll
[2013.12.13 12:13:09 | 000,251,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSRD2X35.DLL
[2013.12.13 12:13:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ODBCTL32.DLL
[2013.12.13 12:13:09 | 000,037,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJINT35.DLL
[2013.12.13 12:13:09 | 000,024,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJTER35.DLL
[2013.12.13 12:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HT Audio
[2013.12.13 12:11:09 | 000,000,000 | ---D | C] -- C:\Users\Tom\Desktop\BassBoxPro v6.0
[2013.12.11 18:52:25 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2013.12.11 18:52:25 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCmCIT.dll
[2013.12.11 18:52:25 | 000,065,536 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\wh2robo.dll
[2013.12.11 18:52:25 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCc2IT.dll
[2013.12.11 18:52:25 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\INETWH32.dll
[2013.12.11 18:52:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CmDlgIT.dll
[2013.12.11 18:52:24 | 001,044,480 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\ROBOEX32.dll
[2013.12.11 18:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.12.11 18:34:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.12.11 18:34:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.12.11 18:26:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.09 19:11:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013.12.09 19:11:49 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013.12.08 09:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.12.08 09:09:12 | 030,361,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013.12.08 09:09:12 | 022,951,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013.12.08 09:09:12 | 018,208,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013.12.08 09:09:12 | 015,218,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013.12.08 09:09:12 | 011,514,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013.12.08 09:09:12 | 009,691,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013.12.08 09:09:12 | 009,619,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013.12.08 09:09:12 | 003,132,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013.12.08 09:09:12 | 003,125,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013.12.08 09:09:12 | 002,947,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013.12.08 09:09:12 | 002,747,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013.12.08 09:09:12 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433182.dll
[2013.12.08 09:09:12 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433182.dll
[2013.12.08 09:09:12 | 001,242,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2013.12.08 09:09:12 | 000,707,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013.12.08 09:09:12 | 000,657,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013.12.08 09:09:12 | 000,609,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013.12.08 09:09:12 | 000,562,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013.12.08 09:09:12 | 000,317,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2013.12.08 09:09:12 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2013.12.08 09:09:12 | 000,168,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2013.12.08 09:09:12 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2013.12.08 09:09:11 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013.12.08 09:09:11 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013.12.08 09:09:11 | 011,600,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013.12.08 08:39:17 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013.12.08 08:38:03 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.12.08 08:38:02 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013.12.08 08:38:02 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013.12.07 13:14:22 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\BloodKnights
[2013.12.06 18:00:23 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\3DMGAME
[2013.12.04 21:41:00 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Roaming\AVG
[2013.12.04 21:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013.12.04 21:40:51 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013.12.04 21:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2013.12.04 18:13:29 | 000,000,000 | ---D | C] -- C:\Users\Tom\.android
[2013.12.04 18:13:28 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\cache
[2013.12.04 18:13:27 | 000,000,000 | ---D | C] -- C:\Users\Tom\Documents\Mobogenie
[2013.12.04 18:13:27 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\Mobogenie
[2013.12.04 18:13:27 | 000,000,000 | ---D | C] -- C:\Users\Tom\AppData\Local\genienext

========== Files - Modified Within 30 Days ==========

[2014.01.03 11:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.03 09:34:29 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.03 09:34:29 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.03 09:31:42 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.03 09:31:42 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.01.03 09:31:42 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.03 09:31:42 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.01.03 09:31:42 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.03 09:27:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.03 09:27:18 | 3218,202,624 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.02 12:08:05 | 000,000,731 | ---- | M] () -- C:\Users\Tom\Desktop\PathOfExile.exe – zástupce.lnk
[2013.12.24 14:08:14 | 000,001,358 | ---- | M] () -- C:\Users\Tom\Desktop\VanHelsing_x64.exe – zástupce.lnk
[2013.12.14 14:12:05 | 000,242,102 | ---- | M] () -- C:\Users\Tom\Documents\cc_20131214_141201.reg
[2013.12.13 22:19:33 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.12.13 19:01:52 | 000,001,070 | ---- | M] () -- C:\Users\Tom\Desktop\Reckoning – zástupce.lnk
[2013.12.13 12:13:01 | 000,000,034 | ---- | M] () -- C:\Windows\DAOCONV.T1C
[2013.12.11 19:20:14 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.11 19:20:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.11 18:34:39 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.12.08 08:39:57 | 001,559,268 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.06 18:13:31 | 000,000,645 | ---- | M] () -- C:\Users\Tom\Desktop\Grim Dawn.exe – zástupce.lnk
[2013.12.04 21:24:58 | 000,392,760 | ---- | M] () -- C:\Users\Tom\Desktop\Bez názvu.jpg

========== Files Created - No Company Name ==========

[2014.01.02 12:08:05 | 000,000,731 | ---- | C] () -- C:\Users\Tom\Desktop\PathOfExile.exe – zástupce.lnk
[2013.12.24 18:06:31 | 000,000,785 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Incredible Adventures of Van Helsing.lnk
[2013.12.24 14:08:14 | 000,001,358 | ---- | C] () -- C:\Users\Tom\Desktop\VanHelsing_x64.exe – zástupce.lnk
[2013.12.14 14:12:03 | 000,242,102 | ---- | C] () -- C:\Users\Tom\Documents\cc_20131214_141201.reg
[2013.12.13 12:13:01 | 000,000,034 | ---- | C] () -- C:\Windows\DAOCONV.T1C
[2013.12.11 18:34:39 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.12.06 18:13:31 | 000,000,645 | ---- | C] () -- C:\Users\Tom\Desktop\Grim Dawn.exe – zástupce.lnk
[2013.12.04 21:24:57 | 000,392,760 | ---- | C] () -- C:\Users\Tom\Desktop\Bez názvu.jpg
[2013.02.13 18:32:03 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.24 19:50:21 | 000,000,000 | ---- | C] () -- C:\Windows\zSpy.INI
[2012.12.15 11:48:41 | 000,012,288 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.08.27 17:32:19 | 000,029,696 | ---- | C] () -- C:\Windows\SysWow64\pthread.dll
[2012.08.26 08:55:36 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.26 08:38:27 | 000,078,085 | ---- | C] () -- C:\Windows\SysWow64\pattern.dat
[2012.08.26 08:38:25 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\fxstudio.dll
[2012.08.26 08:38:24 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\animation2.dll
[2012.08.09 15:31:06 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.08.08 17:41:16 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.06.19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[tomikzlesa]

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.12.04 21:41:00 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\AVG
[2012.12.04 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
[2013.12.20 09:43:13 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DAEMON Tools Pro
[2012.10.24 20:55:04 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DeadMage
[2013.12.13 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\DriverCure
[2012.12.10 12:20:48 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\fltk.org
[2012.08.09 15:15:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\GHISLER
[2012.08.08 19:49:56 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ICQ
[2013.02.23 14:18:51 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\IObit
[2012.12.07 23:28:51 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\IonFx
[2013.11.06 18:30:12 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Kalypso Media
[2012.08.08 20:15:30 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Leadertech
[2013.11.02 23:06:42 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Opera Software
[2013.10.03 18:37:12 | 000,000,000 | -H-D | M] -- C:\Users\Tom\AppData\Roaming\Origin
[2013.12.13 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\ParetoLogic
[2012.10.16 21:39:39 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Photo DVD Maker
[2012.09.17 21:37:08 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\runic games
[2012.11.23 16:26:35 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Theta
[2012.09.09 20:41:37 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Trine2
[2013.04.09 20:25:53 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\TuneUp Software
[2012.08.10 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Ulozto File Manager
[2012.08.08 20:31:44 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\VitySoft
[2012.08.11 18:39:54 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\XRay Engine
[2012.08.09 15:20:41 | 000,000,000 | ---D | M] -- C:\Users\Tom\AppData\Roaming\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 184 bytes -> C:\ProgramData\TEMP:A31FAD21

< End of report >

[Orcus]

Ještě poprosím o protokoly událostí.
1. Spusťte "Prohlížeč událostí" ("eventvwr" do vyhledávacího pole) -> "Protokoly systému Windows".
2. Označte pravým "Systém" -> "Uložit všechny události jako... system.evtx".
3. "system.evtx" nahrejte na http://leteckaposta.cz
4. Označte pravým "Aplikace" -> "Uložit všechny události jako... aplikace.evtx".
5. "aplikace.evtx" nahrejte na http://leteckaposta.cz

Snad v tom bude vidět, co za službu při vypínání mrzne.

[tomikzlesa]

tady jsou

http://leteckaposta.cz/uploaded/874780154
http://leteckaposta.cz/uploaded/353940935

diky za ochotu