OTL logfile created on: 28.3.2014 19:45:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman Pícha\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,46% Memory free
8,00 Gb Paging File | 6,86 Gb Available in Paging File | 85,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 64,79 Gb Free Space | 54,38% Space Free | Partition Type: NTFS
Drive F: | 298,08 Gb Total Space | 74,54 Gb Free Space | 25,01% Space Free | Partition Type: NTFS
Computer Name: DOMA | User Name: Roman Pícha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Roman Pícha\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (ZONER software)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014.02.15 08:35:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.02.15 08:35:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.02.19 13:54:43 | 000,000,000 | ---D | M]
[2013.02.19 11:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Extensions
[2014.03.21 17:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions
[2013.02.23 14:15:14 | 000,000,000 | ---D | M] (ÄŚeskĂ˝ slovnĂk pro kontrolu pravopisu) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\cs@dictionaries.addons.mozilla.org
[2013.07.23 15:59:51 | 000,078,359 | ---- | M] () (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
[2014.02.27 16:56:10 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.02.15 08:35:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.02.15 08:35:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.02.15 08:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions
[2014.02.15 08:35:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\ROMAN PĂCHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2G36VQ3S.DEFAULT\EXTENSIONS\{11483926-DB67-4190-91B1-EF20FCEC5F33}.XPI
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2012.09.23 19:43:40 | 000,208,008 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2013.04.28 15:08:10 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
O1 HOSTS File: ([2014.03.25 13:45:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 100.64.0.2 100.64.0.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADF1A68A-E884-4C80-9E80-C20DBD14C87E}: DhcpNameServer = 100.64.0.2 100.64.0.3
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014.03.28 19:44:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Roman Pícha\Desktop\OTL.exe
[2014.03.28 19:41:15 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\Desktop\backups
[2014.03.27 19:00:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.03.27 19:00:23 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.03.25 16:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
[2014.03.25 16:49:03 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2014.03.25 16:48:49 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Roaming\InstallShield
[2014.03.25 13:40:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.03.23 16:09:47 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.03.23 10:19:34 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Local\CrashDumps
[2014.03.22 20:18:46 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Roaming\AVG
[2014.03.22 20:18:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014.03.22 20:18:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.03.22 20:18:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014.03.22 20:15:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014.03.22 20:15:26 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014.03.22 20:15:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014.03.22 19:48:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2014.03.22 16:27:01 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Local\ElevatedDiagnostics
[2014.03.22 16:20:10 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2014.03.22 16:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014.03.22 16:20:01 | 000,000,000 | ---D | C] -- C:\Intel
[2014.03.21 22:09:46 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.03.21 22:09:46 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.03.21 22:09:46 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Local\NVIDIA
[2014.03.21 22:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.03.21 22:09:01 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.03.21 22:06:18 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.03.21 22:06:18 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.03.21 22:06:18 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.03.21 22:06:17 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.03.21 22:06:17 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.03.21 22:06:17 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.03.21 22:06:17 | 018,302,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.03.21 22:06:17 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.03.21 22:06:17 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.03.21 22:06:17 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.03.21 22:06:17 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.03.21 22:06:17 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.03.21 22:06:17 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.03.21 22:06:17 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.03.21 22:06:17 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.03.21 22:06:17 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.03.21 22:06:17 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.03.21 22:06:17 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.03.21 22:06:17 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll
[2014.03.21 22:06:17 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll
[2014.03.21 22:06:17 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.03.21 22:06:17 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.03.21 22:06:17 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.03.21 22:06:17 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.03.21 22:06:17 | 000,832,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.03.21 22:06:17 | 000,353,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.03.21 22:06:17 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.03.21 22:06:17 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014.03.21 22:06:17 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.03.21 22:06:17 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.03.21 22:06:17 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014.03.21 22:03:29 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014.03.20 18:24:37 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Local\Kosata6
[2014.03.20 16:44:58 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Roaming\Malwarebytes
[2014.03.20 16:44:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.03.20 16:44:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014.03.20 16:44:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.03.20 16:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.03.17 17:03:38 | 000,000,000 | ---D | C] -- C:\Users\Roman Pícha\AppData\Roaming\dvdcss
[2014.03.12 18:35:08 | 005,777,288 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
========== Files - Modified Within 30 Days ==========
[2014.03.28 19:44:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Roman Pícha\Desktop\OTL.exe
[2014.03.28 19:42:34 | 000,707,006 | ---- | M] () -- C:\Users\Roman Pícha\Desktop\delfix.exe
[2014.03.28 19:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.03.28 19:14:38 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.03.28 19:14:38 | 000,021,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.03.28 19:11:57 | 001,590,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.03.28 19:11:57 | 000,671,392 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.03.28 19:11:57 | 000,656,430 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.03.28 19:11:57 | 000,141,988 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.03.28 19:11:57 | 000,122,242 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.03.28 19:06:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.03.28 19:06:08 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.25 13:45:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.03.22 20:15:53 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.03.22 20:15:26 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014.03.22 16:20:01 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2014.03.20 16:44:52 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.03.12 18:35:21 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.03.12 18:35:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.03.12 18:35:08 | 005,777,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014.03.04 15:35:23 | 031,474,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.03.04 15:35:23 | 025,255,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.03.04 15:35:23 | 023,716,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.03.04 15:35:23 | 018,302,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.03.04 15:35:23 | 017,755,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.03.04 15:35:23 | 017,561,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.03.04 15:35:23 | 015,783,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.03.04 15:35:23 | 014,709,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.03.04 15:35:23 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.03.04 15:35:23 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.03.04 15:35:23 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.03.04 15:35:23 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.03.04 15:35:23 | 003,143,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.03.04 15:35:23 | 003,093,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.03.04 15:35:23 | 002,958,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.03.04 15:35:23 | 002,783,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.03.04 15:35:23 | 002,715,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.03.04 15:35:23 | 002,411,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.03.04 15:35:23 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433523.dll
[2014.03.04 15:35:23 | 001,516,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433523.dll
[2014.03.04 15:35:23 | 000,947,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014.03.04 15:35:23 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.03.04 15:35:23 | 000,877,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.03.04 15:35:23 | 000,863,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.03.04 15:35:23 | 000,846,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.03.04 15:35:23 | 000,832,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.03.04 15:35:23 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.03.04 15:35:23 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.03.04 15:35:23 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.03.04 15:35:23 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.03.04 15:35:23 | 000,062,408 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.03.04 15:35:23 | 000,054,216 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.03.04 15:35:23 | 000,024,544 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014.03.04 14:06:00 | 006,714,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.03.04 14:06:00 | 003,497,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.03.04 14:05:58 | 002,558,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014.03.04 14:05:58 | 000,064,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.03.04 14:05:57 | 000,386,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.03.04 14:05:53 | 003,649,185 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2014.03.04 12:32:59 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
========== Files Created - No Company Name ==========
[2014.03.28 19:42:48 | 000,707,006 | ---- | C] () -- C:\Users\Roman Pícha\Desktop\delfix.exe
[2014.03.22 20:15:53 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014.03.22 16:20:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014.03.20 16:44:52 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.10.18 14:43:08 | 000,007,970 | ---- | C] () -- C:\Users\Roman Pícha\AppData\Roaming\TheHunterSettings_live.bin
[2013.04.27 10:28:40 | 000,007,601 | ---- | C] () -- C:\Users\Roman Pícha\AppData\Local\Resmon.ResmonCfg
[2013.02.25 17:39:42 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.02.25 17:39:41 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.02.19 15:44:02 | 001,607,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.19 14:45:01 | 000,000,040 | ---- | C] () -- C:\Users\Roman Pícha\AppData\Roaming\TheHunterSettings_live.cfg
[2012.06.21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.03.22 20:18:46 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\AVG
[2014.02.14 17:43:43 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\avidemux
[2013.04.05 15:52:25 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\BitComet
[2014.03.23 16:27:38 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\DAEMON Tools Lite
[2013.02.19 13:55:33 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\ESET
[2014.01.19 16:22:58 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\Mp3tag
[2013.09.20 17:40:41 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\Sublime Text 2
[2013.02.25 17:34:22 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\Ubisoft
[2014.03.20 11:39:23 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\uTorrent
[2013.02.19 13:28:13 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\Wargaming.net
[2013.12.07 20:27:36 | 000,000,000 | ---D | M] -- C:\Users\Roman Pícha\AppData\Roaming\Zoner
========== Purity Check ==========
< End of report >
Prosím o kontrolu logu
Re: Prosím o kontrolu logu
OTL Extras logfile created on: 28.3.2014 19:45:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman Pícha\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,46% Memory free
8,00 Gb Paging File | 6,86 Gb Available in Paging File | 85,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 64,79 Gb Free Space | 54,38% Space Free | Partition Type: NTFS
Drive F: | 298,08 Gb Total Space | 74,54 Gb Free Space | 25,01% Space Free | Partition Type: NTFS
Computer Name: DOMA | User Name: Roman Pícha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08685DB1-1047-41DC-AE7A-3A3F66C58792}" = lport=20951 | protocol=6 | dir=in | name=bitcomet 20951 tcp |
"{08E1D5CB-23A4-4D98-9D6A-2E0E56AA2B09}" = rport=445 | protocol=6 | dir=out | app=system |
"{10B120E8-3C1A-414C-AEAF-681BC82A118A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{19428B9C-49FE-4D27-8307-F02637C96197}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2F840675-401C-4DD3-88EE-8D8B5A9D29D5}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{34F173D4-C076-4C18-96DD-2AB685710AC5}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{3E0466F9-C3A6-4452-A75C-8940B4B47894}" = rport=139 | protocol=6 | dir=out | app=system |
"{42036295-3360-477C-BDDD-507CEA0F829E}" = lport=445 | protocol=6 | dir=in | app=system |
"{433AB12F-F695-479B-9997-2ECCF11C27F1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{5C5A3E85-765E-4F0A-92D5-4FCD2AC32647}" = lport=2869 | protocol=6 | dir=in | app=system |
"{612AAAAE-6DED-4628-A5E0-1FF07E63106D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64DC8420-6F56-4D21-8FEF-87990F92EE12}" = lport=137 | protocol=17 | dir=in | app=system |
"{6795170C-3BA3-45AE-9BDD-FB98373EE961}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76D746A0-73C7-400A-AF13-8F28AE808376}" = lport=20951 | protocol=17 | dir=in | name=bitcomet 20951 udp |
"{87FE6478-DE0D-4933-BDB6-3EE488C4F1B7}" = lport=139 | protocol=6 | dir=in | app=system |
"{8A1FD9C7-315B-4135-9441-55510751C355}" = lport=138 | protocol=17 | dir=in | app=system |
"{97726515-A3EC-4AD9-A8C4-D4E0B83482CB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9AF2BE25-71FB-4216-980A-2C8F09BAEBEE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A29B55BF-2397-40A9-9644-89C70BC694A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4FD6EEB-5308-4CFF-A162-5A26F50786DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B7B65398-0EB3-447E-90E8-5AE1F5088633}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C91D6664-D469-49BB-B0A9-8F0BDB716678}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D5D8F3C5-1DC8-4AE6-BB7D-606F6DB457E6}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DF4CD829-6A27-4505-9A1B-9BADB2675836}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E361EA8B-1583-48DE-9F41-FDFF82C00456}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E47E1F6F-6DDF-4FD3-BE05-8B5BCD2D679A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EA639210-5A7D-4018-8D80-8E133896F334}" = rport=137 | protocol=17 | dir=out | app=system |
"{EDC1836C-C17B-4733-87C9-0540C3DAC9E9}" = rport=138 | protocol=17 | dir=out | app=system |
"{F5459A03-E5B5-40C6-8A01-F1E6852ACBBF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEF88A0F-ACB4-4F9B-AE12-A3EA80DC292E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B35882-05F9-4D23-891A-5E4BBEA9E9D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F89015B-16EC-4003-A7BB-2A0380AF355C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{13A016BC-0840-413D-BB89-FC0FAF77EFF0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2C64760D-24DD-4872-8545-19856436FA8D}" = protocol=6 | dir=in | app=c:\users\roman pícha\appdata\roaming\utorrent\utorrent.exe |
"{31A500A9-F713-44D9-90E9-8648BA25AAED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34F7369C-5EAF-405C-891B-C666A5E4E2FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4E328282-20A1-4496-AF4B-8969093E3D63}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe |
"{6A35E425-DB8E-4BBD-BD0D-8B7B2D138331}" = protocol=6 | dir=out | app=system |
"{70CAA5D3-77E3-49F6-9566-0C60D2E3199F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{7136B01F-57BA-4772-BB1B-A6C4B8D42981}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{771ADF77-B09D-405D-B9CE-6609BF1941E8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8124C17D-6957-4157-9566-71FC69678511}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{83B93DA7-9248-46EF-B2A8-BB6BD900C12C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9257AC49-BDB8-4A29-AB3B-28FD5B734A06}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{933336F4-D879-4C86-B403-AFE2F488690E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9540C397-330B-4ED6-A221-B6FE53CC8200}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{98C543BD-93CC-46E7-B4B5-178B60E638A8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9DF0BE27-7153-4401-9DD9-AE3615501F9D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A0DE95A2-1FAD-48E8-B4E9-FD1C5BE5F2E1}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe |
"{A189566C-5224-448F-8F6B-F08E2FA4537F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AEAD69CE-B338-48CB-BC4B-B40940FD3AA9}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{B11C2460-E323-4177-8B11-8BD274282193}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BEAE762A-E31C-445C-AD17-EC863418591A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C17B69E2-A883-4468-B769-CEEAA819B3BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CAA846CB-861C-4B9A-951E-B7C8AED7D0EB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D1C752E1-5796-40E3-98FF-E09002540259}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D333D267-F4CD-4295-A118-01D367C6CE49}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D9F8F1FD-5715-461B-B3C7-46529D0F684C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{DADD49D4-9B70-4815-8B63-A352F2D52C1C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E1BAAFB5-8C07-4B99-9A98-1F931B3A23AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E866BCDA-90E7-42CE-B271-2933A0EDC5A9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F10B4B7F-2443-4535-9E1B-31081A2AD294}" = protocol=17 | dir=in | app=c:\users\roman pícha\appdata\roaming\utorrent\utorrent.exe |
"{F4FE8BBE-FB57-4410-B502-868A3ADF1BB1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F7DE0D57-5021-4F30-B083-95509C85A648}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{206BB86E-09C6-459C-8636-5AFA409B16FF}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B7B4E18B-2F7D-403A-9FF3-04897D479EF0}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{EF3D186A-0319-4557-9921-384ABC5463C9}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{620EE305-FA24-43BD-947A-D3140D27ACB2}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{AB3D918C-B6A6-4634-A52F-10BBC1484878}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DFBE21A4-9FE5-423D-9D81-C68C2D2F9143}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{92FC71A8-BB0E-49D7-9921-EF2B4C2820E1}" = ESET Smart Security
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"CCleaner" = CCleaner
"Sublime Text 2_is1" = Sublime Text 2.0.2
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E172AD3-4F32-431E-AF8C-61DB517D505B}" = Ragnarockov ModPack
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}" = Pro Evolution Soccer 2011
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 27.0.1 (x86 cs)" = Mozilla Firefox 27.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.57
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.94
"theHunter" = theHunter (remove only)
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.3.2014 8:45:18 | Computer Name = Doma | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: PEV.exe, verze: 0.0.0.0, časové razítko: 0x4e06cfe8
Kód
výjimky: 0x40000015 Posun chyby: 0x0008d1c0 ID chybujícího procesu: 0xd9c Čas spuštění
chybující aplikace: 0x01cf48281351d2d1 Cesta k chybující aplikaci: C:\ComboFix\PEV.exe
Cesta
k chybujícímu modulu: C:\ComboFix\PEV.exe ID zprávy: 51697b9d-b41b-11e3-a7bf-001e8c5cf206
Error - 25.3.2014 11:34:52 | Computer Name = Doma | Source = Application Hang | ID = 1002
Description = Program winamp.exe verze 5.6.3.3235 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
bdc Čas spuštění: 01cf4837a9a9b4a6 Čas ukončení: 60000 Cesta k aplikaci: C:\Program
Files (x86)\Winamp\winamp.exe ID hlášení: d825a470-b432-11e3-a7bf-001e8c5cf206
Error - 25.3.2014 11:46:40 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 25.3.2014 11:54:24 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 25.3.2014 11:57:38 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 27.3.2014 13:46:29 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 27.3.2014 16:09:03 | Computer Name = Doma | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\thehunter\launcher\launcher.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 28.3.2014 13:54:07 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 28.3.2014 14:01:10 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 28.3.2014 14:08:00 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 24.3.2014 14:23:06 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 19:23:06 - Chyba při připojování k Internetu 19:23:06 - Nelze kontaktovat
server..
Error - 24.3.2014 14:23:14 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 19:23:12 - Chyba při připojování k Internetu 19:23:12 - Nelze kontaktovat
server..
Error - 25.3.2014 8:42:15 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 13:42:14 - Chyba při připojování k Internetu 13:42:14 - Nelze kontaktovat
server..
Error - 25.3.2014 8:42:22 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 13:42:20 - Chyba při připojování k Internetu 13:42:20 - Nelze kontaktovat
server..
[ System Events ]
Error - 27.3.2014 13:44:32 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 27.3.2014 13:46:05 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 27.3.2014 13:56:52 | Computer Name = Doma | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 27.3.2014 13:59:00 | Computer Name = Doma | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 28.3.2014 13:52:09 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 28.3.2014 13:53:42 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 28.3.2014 13:59:12 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 28.3.2014 14:00:45 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 28.3.2014 14:06:02 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 28.3.2014 14:07:35 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Roman Pícha\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 71,46% Memory free
8,00 Gb Paging File | 6,86 Gb Available in Paging File | 85,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 64,79 Gb Free Space | 54,38% Space Free | Partition Type: NTFS
Drive F: | 298,08 Gb Total Space | 74,54 Gb Free Space | 25,01% Space Free | Partition Type: NTFS
Computer Name: DOMA | User Name: Roman Pícha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08685DB1-1047-41DC-AE7A-3A3F66C58792}" = lport=20951 | protocol=6 | dir=in | name=bitcomet 20951 tcp |
"{08E1D5CB-23A4-4D98-9D6A-2E0E56AA2B09}" = rport=445 | protocol=6 | dir=out | app=system |
"{10B120E8-3C1A-414C-AEAF-681BC82A118A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{19428B9C-49FE-4D27-8307-F02637C96197}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2F840675-401C-4DD3-88EE-8D8B5A9D29D5}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{34F173D4-C076-4C18-96DD-2AB685710AC5}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{3E0466F9-C3A6-4452-A75C-8940B4B47894}" = rport=139 | protocol=6 | dir=out | app=system |
"{42036295-3360-477C-BDDD-507CEA0F829E}" = lport=445 | protocol=6 | dir=in | app=system |
"{433AB12F-F695-479B-9997-2ECCF11C27F1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{5C5A3E85-765E-4F0A-92D5-4FCD2AC32647}" = lport=2869 | protocol=6 | dir=in | app=system |
"{612AAAAE-6DED-4628-A5E0-1FF07E63106D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64DC8420-6F56-4D21-8FEF-87990F92EE12}" = lport=137 | protocol=17 | dir=in | app=system |
"{6795170C-3BA3-45AE-9BDD-FB98373EE961}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76D746A0-73C7-400A-AF13-8F28AE808376}" = lport=20951 | protocol=17 | dir=in | name=bitcomet 20951 udp |
"{87FE6478-DE0D-4933-BDB6-3EE488C4F1B7}" = lport=139 | protocol=6 | dir=in | app=system |
"{8A1FD9C7-315B-4135-9441-55510751C355}" = lport=138 | protocol=17 | dir=in | app=system |
"{97726515-A3EC-4AD9-A8C4-D4E0B83482CB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9AF2BE25-71FB-4216-980A-2C8F09BAEBEE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A29B55BF-2397-40A9-9644-89C70BC694A2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B4FD6EEB-5308-4CFF-A162-5A26F50786DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B7B65398-0EB3-447E-90E8-5AE1F5088633}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C91D6664-D469-49BB-B0A9-8F0BDB716678}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D5D8F3C5-1DC8-4AE6-BB7D-606F6DB457E6}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DF4CD829-6A27-4505-9A1B-9BADB2675836}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E361EA8B-1583-48DE-9F41-FDFF82C00456}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E47E1F6F-6DDF-4FD3-BE05-8B5BCD2D679A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{EA639210-5A7D-4018-8D80-8E133896F334}" = rport=137 | protocol=17 | dir=out | app=system |
"{EDC1836C-C17B-4733-87C9-0540C3DAC9E9}" = rport=138 | protocol=17 | dir=out | app=system |
"{F5459A03-E5B5-40C6-8A01-F1E6852ACBBF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEF88A0F-ACB4-4F9B-AE12-A3EA80DC292E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B35882-05F9-4D23-891A-5E4BBEA9E9D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F89015B-16EC-4003-A7BB-2A0380AF355C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{13A016BC-0840-413D-BB89-FC0FAF77EFF0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2C64760D-24DD-4872-8545-19856436FA8D}" = protocol=6 | dir=in | app=c:\users\roman pícha\appdata\roaming\utorrent\utorrent.exe |
"{31A500A9-F713-44D9-90E9-8648BA25AAED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34F7369C-5EAF-405C-891B-C666A5E4E2FA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4E328282-20A1-4496-AF4B-8969093E3D63}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe |
"{6A35E425-DB8E-4BBD-BD0D-8B7B2D138331}" = protocol=6 | dir=out | app=system |
"{70CAA5D3-77E3-49F6-9566-0C60D2E3199F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{7136B01F-57BA-4772-BB1B-A6C4B8D42981}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{771ADF77-B09D-405D-B9CE-6609BF1941E8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8124C17D-6957-4157-9566-71FC69678511}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{83B93DA7-9248-46EF-B2A8-BB6BD900C12C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9257AC49-BDB8-4A29-AB3B-28FD5B734A06}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{933336F4-D879-4C86-B403-AFE2F488690E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9540C397-330B-4ED6-A221-B6FE53CC8200}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{98C543BD-93CC-46E7-B4B5-178B60E638A8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9DF0BE27-7153-4401-9DD9-AE3615501F9D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A0DE95A2-1FAD-48E8-B4E9-FD1C5BE5F2E1}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe |
"{A189566C-5224-448F-8F6B-F08E2FA4537F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AEAD69CE-B338-48CB-BC4B-B40940FD3AA9}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{B11C2460-E323-4177-8B11-8BD274282193}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BEAE762A-E31C-445C-AD17-EC863418591A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C17B69E2-A883-4468-B769-CEEAA819B3BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CAA846CB-861C-4B9A-951E-B7C8AED7D0EB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D1C752E1-5796-40E3-98FF-E09002540259}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D333D267-F4CD-4295-A118-01D367C6CE49}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D9F8F1FD-5715-461B-B3C7-46529D0F684C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{DADD49D4-9B70-4815-8B63-A352F2D52C1C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E1BAAFB5-8C07-4B99-9A98-1F931B3A23AA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E866BCDA-90E7-42CE-B271-2933A0EDC5A9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F10B4B7F-2443-4535-9E1B-31081A2AD294}" = protocol=17 | dir=in | app=c:\users\roman pícha\appdata\roaming\utorrent\utorrent.exe |
"{F4FE8BBE-FB57-4410-B502-868A3ADF1BB1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F7DE0D57-5021-4F30-B083-95509C85A648}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{206BB86E-09C6-459C-8636-5AFA409B16FF}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B7B4E18B-2F7D-403A-9FF3-04897D479EF0}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{EF3D186A-0319-4557-9921-384ABC5463C9}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{620EE305-FA24-43BD-947A-D3140D27ACB2}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{AB3D918C-B6A6-4634-A52F-10BBC1484878}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DFBE21A4-9FE5-423D-9D81-C68C2D2F9143}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{92FC71A8-BB0E-49D7-9921-EF2B4C2820E1}" = ESET Smart Security
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 335.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"CCleaner" = CCleaner
"Sublime Text 2_is1" = Sublime Text 2.0.2
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E172AD3-4F32-431E-AF8C-61DB517D505B}" = Ragnarockov ModPack
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.7.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}" = Pro Evolution Soccer 2011
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.22beta
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 27.0.1 (x86 cs)" = Mozilla Firefox 27.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.57
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.94
"theHunter" = theHunter (remove only)
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.3.2014 8:45:18 | Computer Name = Doma | Source = Application Error | ID = 1000
Description = Název chybující aplikace: PEV.exe, verze: 0.0.0.0, časové razítko:
0x4e06cfe8 Název chybujícího modulu: PEV.exe, verze: 0.0.0.0, časové razítko: 0x4e06cfe8
Kód
výjimky: 0x40000015 Posun chyby: 0x0008d1c0 ID chybujícího procesu: 0xd9c Čas spuštění
chybující aplikace: 0x01cf48281351d2d1 Cesta k chybující aplikaci: C:\ComboFix\PEV.exe
Cesta
k chybujícímu modulu: C:\ComboFix\PEV.exe ID zprávy: 51697b9d-b41b-11e3-a7bf-001e8c5cf206
Error - 25.3.2014 11:34:52 | Computer Name = Doma | Source = Application Hang | ID = 1002
Description = Program winamp.exe verze 5.6.3.3235 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
bdc Čas spuštění: 01cf4837a9a9b4a6 Čas ukončení: 60000 Cesta k aplikaci: C:\Program
Files (x86)\Winamp\winamp.exe ID hlášení: d825a470-b432-11e3-a7bf-001e8c5cf206
Error - 25.3.2014 11:46:40 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 25.3.2014 11:54:24 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 25.3.2014 11:57:38 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 27.3.2014 13:46:29 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 27.3.2014 16:09:03 | Computer Name = Doma | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\thehunter\launcher\launcher.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 28.3.2014 13:54:07 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 28.3.2014 14:01:10 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
Error - 28.3.2014 14:08:00 | Computer Name = Doma | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 24.3.2014 14:23:06 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 19:23:06 - Chyba při připojování k Internetu 19:23:06 - Nelze kontaktovat
server..
Error - 24.3.2014 14:23:14 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 19:23:12 - Chyba při připojování k Internetu 19:23:12 - Nelze kontaktovat
server..
Error - 25.3.2014 8:42:15 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 13:42:14 - Chyba při připojování k Internetu 13:42:14 - Nelze kontaktovat
server..
Error - 25.3.2014 8:42:22 | Computer Name = Doma | Source = MCUpdate | ID = 0
Description = 13:42:20 - Chyba při připojování k Internetu 13:42:20 - Nelze kontaktovat
server..
[ System Events ]
Error - 27.3.2014 13:44:32 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 27.3.2014 13:46:05 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 27.3.2014 13:56:52 | Computer Name = Doma | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 27.3.2014 13:59:00 | Computer Name = Doma | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.
Error - 28.3.2014 13:52:09 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 28.3.2014 13:53:42 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 28.3.2014 13:59:12 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 28.3.2014 14:00:45 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
Error - 28.3.2014 14:06:02 | Computer Name = Doma | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error - 28.3.2014 14:07:35 | Computer Name = Doma | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd
< End of report >
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
[2013.02.19 11:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Extensions
[2014.03.21 17:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions
[2013.07.23 15:59:51 | 000,078,359 | ---- | M] () (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
[2014.02.27 16:56:10 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.02.15 08:35:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.02.15 08:35:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\ROMAN PĂCHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2G36VQ3S.DEFAULT\EXTENSIONS\{11483926-DB67-4190-91B1-EF20FCEC5F33}.XPI
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\Users\Roman Pícha\AppData\Roaming\AVG
C:\ProgramData\AVG
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\cs@dictionaries.addons.mozilla.org\dictionaries folder moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\cs@dictionaries.addons.mozilla.org folder moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions folder moved successfully.
File C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi not found.
File C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.
OTL by OldTimer - Version 3.2.69.0 log created on 03292014_111206
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\cs@dictionaries.addons.mozilla.org\dictionaries folder moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\cs@dictionaries.addons.mozilla.org folder moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions folder moved successfully.
File C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi not found.
File C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\Mozilla Firefox\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.
OTL by OldTimer - Version 3.2.69.0 log created on 03292014_111206
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Roman Pícha (administrator) on DOMA on 29-03-2014 11:16:18
Running from C:\Users\Roman Pícha\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6326448 2012-12-21] (ESET)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3787924664-1021992385-2885581842-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774168 2013-02-18] (ZONER software)
HKU\S-1-5-21-3787924664-1021992385-2885581842-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 100.64.0.2 100.64.0.3
FireFox:
========
FF ProfilePath: C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-19]
==================== Services (Whitelisted) =================
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1333424 2012-12-21] (ESET)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-25] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-22] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-01-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2013-01-10] (ESET)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2013-02-19] (Duplex Secure Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-29 11:16 - 2014-03-29 11:16 - 00008880 _____ () C:\Users\Roman Pícha\Desktop\FRST.txt
2014-03-29 11:16 - 2014-03-29 11:16 - 00000000 ____D () C:\FRST
2014-03-29 11:16 - 2014-03-29 11:15 - 02157056 _____ (Farbar) C:\Users\Roman Pícha\Desktop\FRST64.exe
2014-03-29 11:14 - 2014-03-29 11:14 - 00000350 _____ () C:\Windows\AutoKMS.log
2014-03-29 11:13 - 2014-03-29 11:13 - 00000168 _____ () C:\Windows\setupact.log
2014-03-29 11:13 - 2014-03-29 11:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-29 11:12 - 2014-03-29 11:12 - 00000000 ____D () C:\_OTL
2014-03-29 09:52 - 2014-03-29 09:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 19:49 - 2014-03-28 19:49 - 00059210 _____ () C:\Users\Roman Pícha\Desktop\Extras.Txt
2014-03-28 19:48 - 2014-03-28 19:48 - 00109244 _____ () C:\Users\Roman Pícha\Desktop\OTL.Txt
2014-03-28 19:44 - 2014-03-28 19:44 - 00602112 _____ (OldTimer Tools) C:\Users\Roman Pícha\Desktop\OTL.exe
2014-03-28 19:43 - 2014-03-28 19:43 - 00001354 _____ () C:\DelFix.txt
2014-03-28 19:42 - 2014-03-28 19:42 - 00707006 _____ () C:\Users\Roman Pícha\Desktop\delfix.exe
2014-03-28 19:41 - 2014-03-28 19:41 - 00000000 ____D () C:\Users\Roman Pícha\Desktop\backups
2014-03-25 16:49 - 2009-06-04 18:54 - 00408600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\Downloads\IMSM_V8901023
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\InstallShield
2014-03-25 13:40 - 2014-03-25 13:46 - 00000000 ____D () C:\Windows\erdnt
2014-03-23 16:09 - 2014-03-23 16:09 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 10:19 - 2014-03-28 18:57 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\CrashDumps
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\AVG
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\ProgramData\AVG
2014-03-22 20:15 - 2014-03-22 20:15 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-22 20:15 - 2014-03-22 20:15 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-22 20:15 - 2014-03-22 20:15 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-22 19:48 - 2014-03-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-03-22 16:20 - 2014-03-25 16:49 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-22 16:20 - 2014-03-22 16:20 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-03-22 16:20 - 2014-03-22 16:20 - 00000000 ____D () C:\Intel
2014-03-22 16:20 - 2009-08-18 13:44 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\NVIDIA
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-21 22:09 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-21 22:09 - 2014-02-05 10:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-21 22:09 - 2014-02-05 10:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-21 22:06 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-21 22:06 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-21 22:06 - 2013-12-27 19:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-21 22:06 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-21 22:06 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-03-21 22:06 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-03-21 22:03 - 2014-03-21 22:03 - 00000000 ____D () C:\NVIDIA
2014-03-20 18:24 - 2014-03-20 18:24 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\Kosata6
2014-03-20 16:44 - 2014-03-20 16:44 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 16:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-20 14:43 - 2014-03-29 11:12 - 02026832 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 17:03 - 2014-03-17 17:04 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\dvdcss
2014-03-12 18:35 - 2014-03-12 18:35 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
2014-03-29 11:16 - 2014-03-29 11:16 - 00008880 _____ () C:\Users\Roman Pícha\Desktop\FRST.txt
2014-03-29 11:16 - 2014-03-29 11:16 - 00000000 ____D () C:\FRST
2014-03-29 11:15 - 2014-03-29 11:16 - 02157056 _____ (Farbar) C:\Users\Roman Pícha\Desktop\FRST64.exe
2014-03-29 11:14 - 2014-03-29 11:14 - 00000350 _____ () C:\Windows\AutoKMS.log
2014-03-29 11:14 - 2013-02-19 11:59 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Mozilla
2014-03-29 11:13 - 2014-03-29 11:13 - 00000168 _____ () C:\Windows\setupact.log
2014-03-29 11:13 - 2014-03-29 11:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-29 11:13 - 2013-02-19 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 11:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 11:12 - 2014-03-29 11:12 - 00000000 ____D () C:\_OTL
2014-03-29 11:12 - 2014-03-20 14:43 - 02026832 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 11:12 - 2013-02-19 11:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 11:10 - 2013-02-19 12:53 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Winamp
2014-03-29 10:35 - 2013-02-19 12:00 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-29 09:53 - 2014-03-29 09:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 09:07 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 09:07 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 09:03 - 2010-11-21 10:27 - 00671392 _____ () C:\Windows\system32\perfh005.dat
2014-03-29 09:03 - 2010-11-21 10:27 - 00141988 _____ () C:\Windows\system32\perfc005.dat
2014-03-29 09:03 - 2009-07-14 06:13 - 01590786 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-28 19:49 - 2014-03-28 19:49 - 00059210 _____ () C:\Users\Roman Pícha\Desktop\Extras.Txt
2014-03-28 19:48 - 2014-03-28 19:48 - 00109244 _____ () C:\Users\Roman Pícha\Desktop\OTL.Txt
2014-03-28 19:44 - 2014-03-28 19:44 - 00602112 _____ (OldTimer Tools) C:\Users\Roman Pícha\Desktop\OTL.exe
2014-03-28 19:43 - 2014-03-28 19:43 - 00001354 _____ () C:\DelFix.txt
2014-03-28 19:42 - 2014-03-28 19:42 - 00707006 _____ () C:\Users\Roman Pícha\Desktop\delfix.exe
2014-03-28 19:41 - 2014-03-28 19:41 - 00000000 ____D () C:\Users\Roman Pícha\Desktop\backups
2014-03-28 19:08 - 2013-02-19 11:49 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\VirtualStore
2014-03-28 18:57 - 2014-03-23 10:19 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\CrashDumps
2014-03-27 18:59 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-27 18:44 - 2009-07-14 06:08 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-25 16:49 - 2014-03-22 16:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\Downloads\IMSM_V8901023
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\InstallShield
2014-03-25 16:48 - 2013-02-25 17:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-25 14:42 - 2013-02-25 10:38 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\vlc
2014-03-25 13:47 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-25 13:46 - 2014-03-25 13:40 - 00000000 ____D () C:\Windows\erdnt
2014-03-24 19:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-23 16:27 - 2013-02-19 16:50 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\DAEMON Tools Lite
2014-03-23 16:09 - 2014-03-23 16:09 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 10:16 - 2013-02-19 13:54 - 00000000 ____D () C:\Program Files\ESET
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\AVG
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\ProgramData\AVG
2014-03-22 20:15 - 2014-03-22 20:15 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-22 20:15 - 2014-03-22 20:15 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-22 20:15 - 2014-03-22 20:15 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-22 20:14 - 2013-02-19 16:49 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-22 19:48 - 2014-03-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-03-22 16:20 - 2014-03-22 16:20 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-03-22 16:20 - 2014-03-22 16:20 - 00000000 ____D () C:\Intel
2014-03-21 22:10 - 2013-02-19 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\NVIDIA
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-21 22:09 - 2013-02-19 11:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-21 22:09 - 2013-02-19 11:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-21 22:03 - 2014-03-21 22:03 - 00000000 ____D () C:\NVIDIA
2014-03-20 18:24 - 2014-03-20 18:24 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\Kosata6
2014-03-20 16:44 - 2014-03-20 16:44 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 11:39 - 2014-02-09 08:50 - 00000000 ____D () C:\Windows\Minidump
2014-03-20 11:39 - 2013-04-05 15:20 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\uTorrent
2014-03-17 17:04 - 2014-03-17 17:03 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\dvdcss
2014-03-12 18:35 - 2014-03-12 18:35 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-12 18:35 - 2013-02-19 12:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:35 - 2013-02-19 12:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:35 - 2013-02-19 12:00 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-04 15:35 - 2014-03-21 22:06 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-21 22:06 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2013-02-19 11:55 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2013-02-19 11:55 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-02-19 11:55 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 14:05 - 2013-02-19 11:55 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-02-19 11:55 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-02-19 11:55 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2013-02-19 11:55 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-21 22:09 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-22 15:31
==================== End Of Log ============================
Ran by Roman Pícha (administrator) on DOMA on 29-03-2014 11:16:18
Running from C:\Users\Roman Pícha\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6326448 2012-12-21] (ESET)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3787924664-1021992385-2885581842-1001\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774168 2013-02-18] (ZONER software)
HKU\S-1-5-21-3787924664-1021992385-2885581842-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 100.64.0.2 100.64.0.3
FireFox:
========
FF ProfilePath: C:\Users\Roman Pícha\AppData\Roaming\Mozilla\Firefox\Profiles\2g36vq3s.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-19]
==================== Services (Whitelisted) =================
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1333424 2012-12-21] (ESET)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-25] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-22] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-01-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [57904 2013-01-10] (ESET)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2013-02-19] (Duplex Secure Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-29 11:16 - 2014-03-29 11:16 - 00008880 _____ () C:\Users\Roman Pícha\Desktop\FRST.txt
2014-03-29 11:16 - 2014-03-29 11:16 - 00000000 ____D () C:\FRST
2014-03-29 11:16 - 2014-03-29 11:15 - 02157056 _____ (Farbar) C:\Users\Roman Pícha\Desktop\FRST64.exe
2014-03-29 11:14 - 2014-03-29 11:14 - 00000350 _____ () C:\Windows\AutoKMS.log
2014-03-29 11:13 - 2014-03-29 11:13 - 00000168 _____ () C:\Windows\setupact.log
2014-03-29 11:13 - 2014-03-29 11:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-29 11:12 - 2014-03-29 11:12 - 00000000 ____D () C:\_OTL
2014-03-29 09:52 - 2014-03-29 09:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 19:49 - 2014-03-28 19:49 - 00059210 _____ () C:\Users\Roman Pícha\Desktop\Extras.Txt
2014-03-28 19:48 - 2014-03-28 19:48 - 00109244 _____ () C:\Users\Roman Pícha\Desktop\OTL.Txt
2014-03-28 19:44 - 2014-03-28 19:44 - 00602112 _____ (OldTimer Tools) C:\Users\Roman Pícha\Desktop\OTL.exe
2014-03-28 19:43 - 2014-03-28 19:43 - 00001354 _____ () C:\DelFix.txt
2014-03-28 19:42 - 2014-03-28 19:42 - 00707006 _____ () C:\Users\Roman Pícha\Desktop\delfix.exe
2014-03-28 19:41 - 2014-03-28 19:41 - 00000000 ____D () C:\Users\Roman Pícha\Desktop\backups
2014-03-25 16:49 - 2009-06-04 18:54 - 00408600 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\Downloads\IMSM_V8901023
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\InstallShield
2014-03-25 13:40 - 2014-03-25 13:46 - 00000000 ____D () C:\Windows\erdnt
2014-03-23 16:09 - 2014-03-23 16:09 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 10:19 - 2014-03-28 18:57 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\CrashDumps
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\AVG
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\ProgramData\AVG
2014-03-22 20:15 - 2014-03-22 20:15 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-22 20:15 - 2014-03-22 20:15 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-22 20:15 - 2014-03-22 20:15 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-22 19:48 - 2014-03-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-03-22 16:20 - 2014-03-25 16:49 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-22 16:20 - 2014-03-22 16:20 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-03-22 16:20 - 2014-03-22 16:20 - 00000000 ____D () C:\Intel
2014-03-22 16:20 - 2009-08-18 13:44 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\NVIDIA
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-21 22:09 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-21 22:09 - 2014-02-05 10:31 - 01048152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-03-21 22:09 - 2014-02-05 10:30 - 01179576 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-21 22:06 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-21 22:06 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-21 22:06 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-03-21 22:06 - 2013-12-27 19:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-03-21 22:06 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-03-21 22:06 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-03-21 22:06 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-03-21 22:03 - 2014-03-21 22:03 - 00000000 ____D () C:\NVIDIA
2014-03-20 18:24 - 2014-03-20 18:24 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\Kosata6
2014-03-20 16:44 - 2014-03-20 16:44 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 16:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-20 14:43 - 2014-03-29 11:12 - 02026832 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 17:03 - 2014-03-17 17:04 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\dvdcss
2014-03-12 18:35 - 2014-03-12 18:35 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders =======
2014-03-29 11:16 - 2014-03-29 11:16 - 00008880 _____ () C:\Users\Roman Pícha\Desktop\FRST.txt
2014-03-29 11:16 - 2014-03-29 11:16 - 00000000 ____D () C:\FRST
2014-03-29 11:15 - 2014-03-29 11:16 - 02157056 _____ (Farbar) C:\Users\Roman Pícha\Desktop\FRST64.exe
2014-03-29 11:14 - 2014-03-29 11:14 - 00000350 _____ () C:\Windows\AutoKMS.log
2014-03-29 11:14 - 2013-02-19 11:59 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Mozilla
2014-03-29 11:13 - 2014-03-29 11:13 - 00000168 _____ () C:\Windows\setupact.log
2014-03-29 11:13 - 2014-03-29 11:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-29 11:13 - 2013-02-19 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-29 11:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 11:12 - 2014-03-29 11:12 - 00000000 ____D () C:\_OTL
2014-03-29 11:12 - 2014-03-20 14:43 - 02026832 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 11:12 - 2013-02-19 11:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 11:10 - 2013-02-19 12:53 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Winamp
2014-03-29 10:35 - 2013-02-19 12:00 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-29 09:53 - 2014-03-29 09:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 09:07 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 09:07 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 09:03 - 2010-11-21 10:27 - 00671392 _____ () C:\Windows\system32\perfh005.dat
2014-03-29 09:03 - 2010-11-21 10:27 - 00141988 _____ () C:\Windows\system32\perfc005.dat
2014-03-29 09:03 - 2009-07-14 06:13 - 01590786 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-28 19:49 - 2014-03-28 19:49 - 00059210 _____ () C:\Users\Roman Pícha\Desktop\Extras.Txt
2014-03-28 19:48 - 2014-03-28 19:48 - 00109244 _____ () C:\Users\Roman Pícha\Desktop\OTL.Txt
2014-03-28 19:44 - 2014-03-28 19:44 - 00602112 _____ (OldTimer Tools) C:\Users\Roman Pícha\Desktop\OTL.exe
2014-03-28 19:43 - 2014-03-28 19:43 - 00001354 _____ () C:\DelFix.txt
2014-03-28 19:42 - 2014-03-28 19:42 - 00707006 _____ () C:\Users\Roman Pícha\Desktop\delfix.exe
2014-03-28 19:41 - 2014-03-28 19:41 - 00000000 ____D () C:\Users\Roman Pícha\Desktop\backups
2014-03-28 19:08 - 2013-02-19 11:49 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\VirtualStore
2014-03-28 18:57 - 2014-03-23 10:19 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\CrashDumps
2014-03-27 18:59 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-27 18:44 - 2009-07-14 06:08 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-25 16:49 - 2014-03-22 16:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\Downloads\IMSM_V8901023
2014-03-25 16:48 - 2014-03-25 16:48 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\InstallShield
2014-03-25 16:48 - 2013-02-25 17:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-25 14:42 - 2013-02-25 10:38 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\vlc
2014-03-25 13:47 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-25 13:46 - 2014-03-25 13:40 - 00000000 ____D () C:\Windows\erdnt
2014-03-24 19:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-23 16:27 - 2013-02-19 16:50 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\DAEMON Tools Lite
2014-03-23 16:09 - 2014-03-23 16:09 - 00000000 ____D () C:\Windows\ERUNT
2014-03-23 10:16 - 2013-02-19 13:54 - 00000000 ____D () C:\Program Files\ESET
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\AVG
2014-03-22 20:18 - 2014-03-22 20:18 - 00000000 ____D () C:\ProgramData\AVG
2014-03-22 20:15 - 2014-03-22 20:15 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-22 20:15 - 2014-03-22 20:15 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-22 20:15 - 2014-03-22 20:15 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-22 20:14 - 2013-02-19 16:49 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-22 19:48 - 2014-03-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-03-22 16:20 - 2014-03-22 16:20 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-03-22 16:20 - 2014-03-22 16:20 - 00000000 ____D () C:\Intel
2014-03-21 22:10 - 2013-02-19 11:55 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\NVIDIA
2014-03-21 22:09 - 2014-03-21 22:09 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-21 22:09 - 2013-02-19 11:55 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-21 22:09 - 2013-02-19 11:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-21 22:03 - 2014-03-21 22:03 - 00000000 ____D () C:\NVIDIA
2014-03-20 18:24 - 2014-03-20 18:24 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Local\Kosata6
2014-03-20 16:44 - 2014-03-20 16:44 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-20 16:44 - 2014-03-20 16:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 11:39 - 2014-02-09 08:50 - 00000000 ____D () C:\Windows\Minidump
2014-03-20 11:39 - 2013-04-05 15:20 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\uTorrent
2014-03-17 17:04 - 2014-03-17 17:03 - 00000000 ____D () C:\Users\Roman Pícha\AppData\Roaming\dvdcss
2014-03-12 18:35 - 2014-03-12 18:35 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-03-12 18:35 - 2013-02-19 12:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:35 - 2013-02-19 12:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:35 - 2013-02-19 12:00 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-04 15:35 - 2014-03-21 22:06 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-21 22:06 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-21 22:06 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 15:35 - 2013-02-19 11:55 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2013-02-19 11:55 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2013-02-19 11:55 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-02-19 11:55 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 14:05 - 2013-02-19 11:55 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-02-19 11:55 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-02-19 11:55 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2013-02-19 11:55 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-21 22:09 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-22 15:31
==================== End Of Log ============================
Re: Prosím o kontrolu logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Roman Pícha at 2014-03-29 11:16:35
Running from C:\Users\Roman Pícha\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 6.0 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Disabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29420 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Aktualizace NVIDIA 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.7.8981 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET Smart Security (HKLM\...\{92FC71A8-BB0E-49D7-9921-EF2B4C2820E1}) (Version: 6.0.308.4 - ESET, spol s r. o.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 cs)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mp3tag v2.57 (HKLM-x32\...\Mp3tag) (Version: v2.57 - Florian Heidenreich)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Ovládací panel NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Pro Evolution Soccer 2011 (HKLM-x32\...\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}) (Version: 1.01.0000 - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Ragnarockov ModPack (HKLM-x32\...\{0E172AD3-4F32-431E-AF8C-61DB517D505B}) (Version: 8.11.5 - Ragnarocek (c) 2014)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.7.201306141231 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.165 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.165 - Sony)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
theHunter (remove only) (HKLM-x32\...\theHunter) (Version: - Expansive Worlds)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.5 - ZONER software)
==================== Restore Points =========================
28-03-2014 18:43:25 End of disinfection
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-03-25 13:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {3D8844CF-0090-43EF-A5FA-533A26C869BC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2013-03-07] (Microsoft)
Task: {C33B2AD6-43F2-4111-92FE-5FC09D4F02CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D378712F-129C-416A-895E-28D838F8695A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-02-19 11:55 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-25 17:39 - 2013-02-25 17:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/29/2014 11:14:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2014 11:11:14 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.
Error: (03/29/2014 09:52:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.
Error: (03/29/2014 09:00:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 09:12:33 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/28/2014 07:08:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 07:01:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 06:54:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2014 09:09:03 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/27/2014 06:46:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/29/2014 11:14:25 AM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/29/2014 11:12:52 AM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/29/2014 11:12:07 AM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/29/2014 09:00:17 AM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/29/2014 08:58:43 AM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/28/2014 07:07:35 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/28/2014 07:06:02 PM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/28/2014 07:00:45 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/28/2014 06:59:12 PM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/28/2014 06:53:42 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Microsoft Office Sessions:
=========================
Error: (03/29/2014 11:14:50 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2014 11:11:14 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/m ... otstl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error: (03/29/2014 09:52:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/m ... otstl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error: (03/29/2014 09:00:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 09:12:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\thehunter\launcher\launcher.exe
Error: (03/28/2014 07:08:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 07:01:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 06:54:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2014 09:09:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\thehunter\launcher\launcher.exe
Error: (03/27/2014 06:46:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-03-25 13:45:36.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-25 13:45:36.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 4095.11 MB
Available physical RAM: 2952.95 MB
Total Pagefile: 8188.43 MB
Available Pagefile: 7034.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:64.31 GB) NTFS
Drive f: () (Fixed) (Total:298.08 GB) (Free:79.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: D145D145)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or
(Size: 119 GB) (Disk ID: 3BC8F56F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ran by Roman Pícha at 2014-03-29 11:16:35
Running from C:\Users\Roman Pícha\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ESET Smart Security 6.0 (Disabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Disabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Disabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29420 - BitTorrent Inc.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Aktualizace NVIDIA 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.7.8981 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET Smart Security (HKLM\...\{92FC71A8-BB0E-49D7-9921-EF2B4C2820E1}) (Version: 6.0.308.4 - ESET, spol s r. o.)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (x32 Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 cs)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mp3tag v2.57 (HKLM-x32\...\Mp3tag) (Version: v2.57 - Florian Heidenreich)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Ovladač 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Ovládací panel NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Pro Evolution Soccer 2011 (HKLM-x32\...\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}) (Version: 1.01.0000 - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Ragnarockov ModPack (HKLM-x32\...\{0E172AD3-4F32-431E-AF8C-61DB517D505B}) (Version: 8.11.5 - Ragnarocek (c) 2014)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.7.201306141231 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.165 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.165 - Sony)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
theHunter (remove only) (HKLM-x32\...\theHunter) (Version: - Expansive Worlds)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.5 - ZONER software)
==================== Restore Points =========================
28-03-2014 18:43:25 End of disinfection
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-03-25 13:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {3D8844CF-0090-43EF-A5FA-533A26C869BC} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2013-03-07] (Microsoft)
Task: {C33B2AD6-43F2-4111-92FE-5FC09D4F02CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D378712F-129C-416A-895E-28D838F8695A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-02-19 11:55 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-25 17:39 - 2013-02-25 17:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/29/2014 11:14:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2014 11:11:14 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.
Error: (03/29/2014 09:52:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.
Error: (03/29/2014 09:00:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 09:12:33 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/28/2014 07:08:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 07:01:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 06:54:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2014 09:09:03 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/27/2014 06:46:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/29/2014 11:14:25 AM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/29/2014 11:12:52 AM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/29/2014 11:12:07 AM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/29/2014 09:00:17 AM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/29/2014 08:58:43 AM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/28/2014 07:07:35 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/28/2014 07:06:02 PM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/28/2014 07:00:45 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Error: (03/28/2014 06:59:12 PM) (Source: sptd) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .
Error: (03/28/2014 06:53:42 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sptd
Microsoft Office Sessions:
=========================
Error: (03/29/2014 11:14:50 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/29/2014 11:11:14 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/m ... otstl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error: (03/29/2014 09:52:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/m ... otstl.cabPři ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error: (03/29/2014 09:00:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 09:12:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\thehunter\launcher\launcher.exe
Error: (03/28/2014 07:08:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 07:01:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/28/2014 06:54:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/27/2014 09:09:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\thehunter\launcher\launcher.exe
Error: (03/27/2014 06:46:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-03-25 13:45:36.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-03-25 13:45:36.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 4095.11 MB
Available physical RAM: 2952.95 MB
Total Pagefile: 8188.43 MB
Available Pagefile: 7034.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:64.31 GB) NTFS
Drive f: () (Fixed) (Total:298.08 GB) (Free:79.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: D145D145)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or
(Size: 119 GB) (Disk ID: 3BC8F56F)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
==================== End Of Log ============================
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
C:\Windows\AutoKMS.log
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Roman Pícha\AppData\Roaming\AVG
C:\ProgramData\AVG(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Roman Pícha at 2014-03-30 10:02:24 Run:1
Running from C:\Users\Roman Pícha\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Windows\AutoKMS.log
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Roman Pícha\AppData\Roaming\AVG
C:\ProgramData\AVG
*****************
C:\Windows\AutoKMS.log => Moved successfully.
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} => Moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\AVG => Moved successfully.
C:\ProgramData\AVG => Moved successfully.
==== End of Fixlog ====
Ran by Roman Pícha at 2014-03-30 10:02:24 Run:1
Running from C:\Users\Roman Pícha\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Windows\AutoKMS.log
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Roman Pícha\AppData\Roaming\AVG
C:\ProgramData\AVG
*****************
C:\Windows\AutoKMS.log => Moved successfully.
C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} => Moved successfully.
C:\Users\Roman Pícha\AppData\Roaming\AVG => Moved successfully.
C:\ProgramData\AVG => Moved successfully.
==== End of Fixlog ====
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Spusť OTL a klikni na Vyčisti.
Co problémy?
Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
Problém s připojením pořád trvá, jednou to zae fungovalo normálně ale po restartu za sestejné
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning“
- Program začne skenovat zatržené jednotky
Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors
Nezašrkrtnuté:
Dokumenty
My email
Počítač
Místní disk C
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka
A jiné , např. Flash disky , které máš připojeny.
- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning“
- Program začne skenovat zatržené jednotky
Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors
Nezašrkrtnuté:
Dokumenty
My email
Počítač
Místní disk C
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka
A jiné , např. Flash disky , které máš připojeny.
- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
Program nenašel nic, při pokusu vytvořit log se to zaseklo
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 109 hostů