vysoky upload

[jjuriss]

Dobry den chcel by som poziadt o kontrolu logu, mam velky vysoky upload asi 3x vyssi ako bezny dowload co sposobuje vysoky pinkg 2500ms a uplne spomaleny internet... dakujem za pomoc

[Rudy]

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[jjuriss]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
Ran by Juraj (administrator) on JURAJ-PC (25-07-2017 19:50:19)
Running from C:\Users\Juraj\Downloads
Loaded Profiles: Juraj & UpdatusUser (Available Profiles: Juraj & UpdatusUser)
Platform: Windows 7 Ultimate (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ACD Systems) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(© 2015 Microsoft Corporation) C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Imtiger Software Inc.) C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2916584 2010-08-12] (ESET)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2014-11-22] ()
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [pamfax] => C:\ProgramData\SquirrelMachineInstalls\pamfax.exe [88206848 2016-11-06] (PamConsult GmbH.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [Device Detector] => DevDetect.exe -autorun
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [BingSvc] => C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Juraj\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Juraj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [supertintin_skype] => C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe [999936 2011-01-10] (Imtiger Software Inc.)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [DU Meter] => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\MountPoints2: {7d3ccceb-7256-11e4-bca4-806e6f6e6963} - G:\InstAll.exe
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\MountPoints2: {f3c50061-897c-11e5-8047-ac72891e9a7d} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-782316400-2823983723-2572573682-1001\...\MountPoints2: {7d3ccceb-7256-11e4-bca4-806e6f6e6963} - G:\InstAll.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-05-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-05-10] (NVIDIA Corporation)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 update.ross-tech.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E5834865-BC5E-4F04-BB26-5A318D4A8408}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {0B73A7D8-3068-488C-B05E-819C5574CA86} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {1F289AEE-C833-4A0E-ACCD-40E34D3AEE9C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {4B259FBA-5678-40B7-8908-620FA27017BE} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {520A0F05-2154-49EE-B204-144D32F488BC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {5B8E9D41-3E63-472F-9740-D0CDD40C4AF4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {98A407C3-C740-433C-A7B9-79A41D3B0720} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {B0E549E1-CB0E-409F-B96D-5C321533A08C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {B49950CC-F5C8-4CD1-900A-12B49940CEA4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {DF0FDA1F-B07D-40F0-8A63-838EDD002884} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Pomocník pri prihlasovaní v konte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30] ()
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] ()
Toolbar: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30] ()
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-11-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default [2017-07-25]
CHR Extension: (Prezentácie Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-15]
CHR Extension: (Google Search) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tipli do prehliadača) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2017-07-19]
CHR Extension: (Tabuľky Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-19]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-07-18]
CHR Extension: (Rozšírenie Google Keep pre Chrome) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2016-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-15]
CHR HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2010-08-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2010-08-12] (ESET)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [168544 2010-07-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [171152 2010-07-29] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33632 2010-07-29] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-07-29] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-11-22] () [File not signed]
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
U3 axnodvuy; C:\Windows\System32\Drivers\axnodvuy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-25 19:50 - 2017-07-25 19:51 - 00020312 _____ C:\Users\Juraj\Downloads\FRST.txt
2017-07-25 19:50 - 2017-07-25 19:50 - 00000000 ____D C:\FRST
2017-07-25 19:49 - 2017-07-25 19:49 - 02382336 _____ (Farbar) C:\Users\Juraj\Downloads\FRST64.exe
2017-07-25 19:10 - 2017-07-25 19:10 - 00262144 _____ C:\Windows\Minidump\072517-19359-01.dmp
2017-07-25 19:01 - 2017-07-25 19:02 - 00262144 _____ C:\Windows\Minidump\072517-19500-01.dmp
2017-07-25 18:55 - 2017-07-25 19:09 - 00000000 ____D C:\AdwCleaner
2017-07-24 21:42 - 2017-07-24 21:42 - 00281454 _____ C:\Users\Juraj\Desktop\Košík _ GAFA AUTODIELY.pdf
2017-07-23 20:25 - 2017-07-23 20:25 - 00103359 _____ C:\Users\Juraj\Downloads\231934610.pdf
2017-07-15 20:05 - 2017-07-15 20:05 - 02458632 _____ (Megaify Software ) C:\Users\Juraj\Downloads\DriverToolkitInstaller.exe
2017-07-15 20:00 - 2017-07-15 20:00 - 00518058 _____ C:\Users\Juraj\Downloads\Nepotvrdené 872854.crdownload
2017-07-15 19:51 - 2017-07-15 19:51 - 00000000 ___HD C:\$Windows.~WS
2017-07-15 19:50 - 2017-07-15 19:50 - 18357776 _____ (Microsoft Corporation) C:\Users\Juraj\Downloads\MediaCreationTool.exe
2017-07-15 18:17 - 2017-07-15 18:46 - 00000432 __RSH C:\ProgramData\ntuser.pol
2017-07-15 14:39 - 2017-07-15 14:39 - 00000000 ____D C:\ProgramData\redistpart
2017-07-15 14:38 - 2017-07-15 14:38 - 00000000 ____D C:\ProgramData\formatpart
2017-07-15 14:34 - 2017-07-15 14:34 - 00000000 ____D C:\ProgramData\launcher
2017-07-15 14:34 - 2017-07-15 14:34 - 00000000 ____D C:\ProgramData\explauncher
2017-07-15 14:34 - 2017-07-15 14:34 - 00000000 ____D C:\ProgramData\deletepart
2017-07-15 14:31 - 2017-07-15 14:31 - 00000000 ____D C:\Program Files\Paragon Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-25 19:15 - 2009-07-14 07:13 - 00805410 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-25 19:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-25 19:10 - 2015-08-30 10:39 - 00000000 ____D C:\Windows\Minidump
2017-07-25 19:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-24 19:39 - 2014-11-22 21:27 - 00000000 ____D C:\Users\Juraj\AppData\Roaming\uTorrent
2017-07-24 19:37 - 2017-06-06 17:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2017-07-24 19:35 - 2017-06-07 22:32 - 00003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2017-07-23 09:28 - 2015-02-08 16:13 - 00000000 ____D C:\Users\Juraj\AppData\Local\Windows Live
2017-07-18 23:04 - 2014-11-22 23:07 - 00000000 ____D C:\Users\Juraj\AppData\Roaming\Skype
2017-07-18 19:03 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-18 19:03 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-17 21:42 - 2015-12-27 23:30 - 00042801 _____ C:\Users\Juraj\Desktop\Ohrievace.xlsx
2017-07-15 19:51 - 2014-11-22 16:47 - 00000000 ____D C:\Windows\Panther
2017-07-15 18:17 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-15 18:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-07-15 14:30 - 2014-11-22 18:46 - 00000000 ____D C:\Users\Juraj\AppData\Local\Downloaded Installations
2017-07-15 14:29 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-07-11 22:07 - 2014-12-30 18:50 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 22:07 - 2014-12-30 18:49 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-11 22:07 - 2014-12-30 18:49 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-11 22:06 - 2014-12-30 18:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 22:06 - 2014-12-30 18:49 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-11 14:30 - 2016-04-27 16:03 - 00000000 ____D C:\Users\Juraj\AppData\Local\CrashDumps
2017-07-11 01:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-27 21:24 - 2014-11-22 19:24 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2014-11-22 19:00 - 2014-11-22 19:00 - 6000640 _____ () C:\Program Files (x86)\GUT61CF.tmp
2015-10-11 21:14 - 2015-10-11 21:14 - 0000209 _____ () C:\Users\Juraj\AppData\Roaming\JURAJ-PC.MTBF.txt
2015-10-11 21:15 - 2015-10-11 21:28 - 0000861 _____ () C:\Users\Juraj\AppData\Roaming\__AvidCloudManager.log
2015-10-11 21:15 - 2015-10-11 21:20 - 0000959 _____ () C:\Users\Juraj\AppData\Roaming\__AvidCloudManagerPrevious.log
2015-05-15 18:23 - 2016-10-29 20:11 - 0009216 _____ () C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 18:20 - 2016-02-25 18:20 - 0000058 _____ () C:\Users\Juraj\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-24 23:06 - 2015-10-24 23:06 - 0000001 _____ () C:\Users\Juraj\AppData\Local\llftool.4.40.agreement
2015-08-28 23:59 - 2015-08-28 23:59 - 0007605 _____ () C:\Users\Juraj\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2009-07-14 01:38] - [2014-11-26 20:07] - 1008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2009-07-14 01:24] - [2014-11-26 20:07] - 0833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-12 18:06

==================== End of FRST.txt ============================

[Rudy]

Jak je na tom váš oper. systém s legalitou?

[jjuriss]

mam 64bit verzou WIn od kupi NB

[Rudy]

OK. Teď udělejte sken OTL:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

[jjuriss]

OTL logfile created on: 25. 7. 2017 20:54:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Juraj\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,91 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 27,23% Memory free
7,82 Gb Paging File | 4,53 Gb Available in Paging File | 57,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,90 Gb Total Space | 1,55 Gb Free Space | 3,88% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 3,61 Gb Free Space | 12,05% Space Free | Partition Type: NTFS
Drive E: | 50,00 Gb Total Space | 0,51 Gb Free Space | 1,03% Space Free | Partition Type: NTFS
Drive F: | 476,17 Gb Total Space | 16,93 Gb Free Space | 3,56% Space Free | Partition Type: NTFS

Computer Name: JURAJ-PC | User Name: Juraj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017/07/25 20:53:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Juraj\Downloads\OTL.exe
PRC - [2015/11/11 22:57:01 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
PRC - [2014/05/27 14:58:30 | 002,139,328 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/20 12:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/05/10 20:47:00 | 002,009,704 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/30 15:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/03/30 15:42:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/03/30 15:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/03/30 15:42:28 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2011/01/10 17:56:14 | 000,999,936 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2010/10/07 15:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 17:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/17 15:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/07/09 23:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/06/19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/01/30 11:35:16 | 000,451,920 | ---- | M] (ACD Systems) -- C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
PRC - [2008/12/22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 22:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/08/03 13:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/08/03 13:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2010/09/23 17:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2007/03/13 12:28:36 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/02 15:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/05/02 15:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/05/02 15:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/04/21 10:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/04/21 09:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/03/03 17:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/30 14:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010/08/12 15:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/08/12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/04/16 17:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017/07/11 22:07:01 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/09/20 13:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/05/27 14:58:30 | 002,139,328 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/10 20:47:00 | 002,009,704 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/30 15:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/03/30 15:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/03/30 15:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/11/22 21:13:19 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/05/17 14:01:08 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011/11/24 16:16:25 | 000,083,776 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/11/24 16:16:25 | 000,063,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/06/02 11:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/06/02 11:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:47:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/05/01 15:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/04/21 10:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/04/21 10:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/04/12 23:18:08 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/22 19:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/03/08 15:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/03/08 15:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/01/27 02:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/13 13:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/22 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/13 12:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/03 20:43:14 | 000,290,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/07/29 14:31:26 | 000,171,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/07/29 14:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/07/29 14:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/07/29 14:31:26 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/07/29 14:31:26 | 000,033,632 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/04/16 17:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSER.sys -- (usbser)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/05/25 20:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/?pc=SK2M&ocid=S [Binary data over 200 bytes]
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BD 74 1A 8E 75 06 D0 01 [binary data]
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{0B73A7D8-3068-488C-B05E-819C5574CA86}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{1F289AEE-C833-4A0E-ACCD-40E34D3AEE9C}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{4B259FBA-5678-40B7-8908-620FA27017BE}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{520A0F05-2154-49EE-B204-144D32F488BC}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{5B8E9D41-3E63-472F-9740-D0CDD40C4AF4}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{98A407C3-C740-433C-A7B9-79A41D3B0720}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{B0E549E1-CB0E-409F-B96D-5C321533A08C}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{B49950CC-F5C8-4CD1-900A-12B49940CEA4}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{DF0FDA1F-B07D-40F0-8A63-838EDD002884}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014/11/22 22:29:05 | 000,000,000 | ---D | M]

[2017/04/04 20:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juraj\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.3_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp\1.3.0_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.14.0_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.17284.467_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi\3.1.16302.1110_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5917.424.0.7_0\

O1 HOSTS File: ([2016/01/27 20:41:56 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 update.ross-tech.com
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [pamfax] C:\ProgramData\SquirrelMachineInstalls\pamfax.exe (PamConsult GmbH.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [BingSvc] C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [cz.seznam.software.autoupdate] "C:\Users\Juraj\AppData\Roaming\Seznam.cz\szninstall.exe" -c File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [cz.seznam.software.szndesktop] "C:\Users\Juraj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5834865-BC5E-4F04-BB26-5A318D4A8408}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/05/28 09:44:42 | 000,000,000 | ---D | M] - F:\AUTO 2 -- [ NTFS ]
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\InstAll.exe
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell - "" = AutoRun
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.MP42 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MP43 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MPG4 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2017/07/25 19:50:09 | 000,000,000 | ---D | C] -- C:\FRST
[2017/07/25 19:49:08 | 002,382,336 | ---- | C] (Farbar) -- C:\Users\Juraj\Desktop\FRST64.exe
[2017/07/25 18:55:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/07/15 19:51:06 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS
[2017/07/15 14:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\redistpart
[2017/07/15 14:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\formatpart
[2017/07/15 14:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\deletepart
[2017/07/15 14:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\explauncher
[2017/07/15 14:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\launcher
[2017/07/15 14:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017/07/25 20:58:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/07/25 20:58:29 | 000,805,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/07/25 20:58:29 | 000,669,418 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/07/25 20:58:29 | 000,129,438 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/07/25 20:58:00 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/07/25 20:58:00 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/07/25 19:49:58 | 002,382,336 | ---- | M] (Farbar) -- C:\Users\Juraj\Desktop\FRST64.exe
[2017/07/25 19:10:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/07/25 19:10:24 | 3150,991,360 | -HS- | M] () -- C:\hiberfil.sys
[2017/07/24 21:42:26 | 000,281,454 | ---- | M] () -- C:\Users\Juraj\Desktop\Košík _ GAFA AUTODIELY.pdf
[2017/07/24 19:15:34 | 000,050,497 | ---- | M] () -- C:\Users\Juraj\Desktop\pink.jpg
[2017/07/15 18:46:42 | 000,000,432 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2017/07/11 22:07:00 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/07/11 22:07:00 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017/07/25 20:58:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017/07/24 21:42:26 | 000,281,454 | ---- | C] () -- C:\Users\Juraj\Desktop\Košík _ GAFA AUTODIELY.pdf
[2017/07/24 19:15:33 | 000,050,497 | ---- | C] () -- C:\Users\Juraj\Desktop\pink.jpg
[2017/07/15 18:17:57 | 000,000,432 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/12/24 03:14:31 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2016/02/25 18:20:35 | 000,000,058 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2016/02/25 18:20:35 | 000,000,058 | ---- | C] () -- C:\Users\Juraj\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2015/10/24 23:06:07 | 000,000,001 | ---- | C] () -- C:\Users\Juraj\AppData\Local\llftool.4.40.agreement
[2015/08/28 23:59:00 | 000,007,605 | ---- | C] () -- C:\Users\Juraj\AppData\Local\Resmon.ResmonCfg
[2015/06/02 21:57:43 | 000,476,280 | ---- | C] () -- C:\Users\Juraj\gym.jpg
[2015/05/15 18:23:44 | 000,009,216 | ---- | C] () -- C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/22 19:56:09 | 041,421,415 | ---- | C] () -- C:\Users\Juraj\Strip Ustrica.mp4

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/11/22 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ACD Systems
[2016/02/25 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AnvSoft
[2015/05/21 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AVG
[2016/12/31 17:31:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DAEMON Tools Lite
[2016/02/25 18:20:35 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DonationCoder
[2015/05/21 21:05:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DVDVideoSoft
[2014/11/22 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ESET
[2015/10/26 18:30:02 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\HD Tune Pro
[2016/06/23 20:31:36 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ICQ
[2016/02/16 23:40:47 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IGC
[2014/12/08 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IHlpr
[2014/12/08 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ImgBurn
[2015/05/21 20:56:46 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\MAGIX
[2015/05/21 20:37:11 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Nico Mak Computing
[2014/12/08 18:29:59 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\OpenCandy
[2014/11/22 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Opera Software
[2016/11/06 00:45:50 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Pamela
[2016/11/06 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\PamFax
[2015/05/21 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\RPEng
[2017/04/12 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Seznam.cz
[2014/11/22 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\TuneUp Software
[2017/07/24 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\uTorrent
[2016/02/08 23:39:57 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\XnView

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2015/05/21 20:56:36 | 000,000,376 | ---- | C] () -- C:\Windows\Tasks\Power Suite.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/11/22 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ACD Systems
[2014/11/24 13:18:10 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Adobe
[2016/02/25 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AnvSoft
[2015/05/21 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AVG
[2014/11/23 18:34:24 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Corel
[2016/12/31 17:31:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DAEMON Tools Lite
[2016/02/25 18:20:35 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DonationCoder
[2015/05/21 21:05:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DVDVideoSoft
[2014/11/22 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ESET
[2014/11/22 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\GRETECH
[2015/10/26 18:30:02 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\HD Tune Pro
[2016/06/23 20:31:36 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ICQ
[2014/11/22 18:26:02 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Identities
[2016/02/16 23:40:47 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IGC
[2014/12/08 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IHlpr
[2014/12/08 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ImgBurn
[2014/11/22 18:56:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\InstallShield
[2014/11/22 18:53:28 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Intel
[2014/12/30 18:51:28 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Macromedia
[2015/05/21 20:56:46 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\MAGIX
[2009/07/14 09:54:31 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Media Center Programs
[2016/11/30 22:15:40 | 000,000,000 | --SD | M] -- C:\Users\Juraj\AppData\Roaming\Microsoft
[2017/04/04 20:47:59 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Mozilla
[2014/11/22 21:30:51 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Nero
[2015/05/21 20:37:11 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Nico Mak Computing
[2014/12/08 18:29:59 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\OpenCandy
[2014/11/22 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Opera Software
[2016/11/06 00:45:50 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Pamela
[2016/11/06 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\PamFax
[2015/05/21 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\RPEng
[2017/04/12 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Seznam.cz
[2017/07/18 23:04:44 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Skype
[2014/11/22 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\TuneUp Software
[2017/07/24 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\uTorrent
[2016/02/08 23:39:57 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2014/10/02 07:31:16 | 001,922,152 | ---- | M] (Gretech Corporation) -- C:\Users\Juraj\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2016/06/15 21:51:38 | 031,057,032 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\ICQ\bin\icq.exe
[2016/06/15 21:51:23 | 049,178,248 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\ICQ\bin\icqsetup.exe
[2014/12/08 18:30:20 | 008,658,800 | ---- | M] (Aztec Media Inc) -- C:\Users\Juraj\AppData\Roaming\IHlpr\96ED02A2F3184D94885C9B9D1732FED1\SettingsManagerSetup.exe
[2014/12/08 18:31:02 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Juraj\AppData\Roaming\IHlpr\9CD2F909D418455A84D48D8A0FFFAF79\TuneUpUtilities2014WORLDW15D_en-US.exe
[2014/11/22 22:43:41 | 000,786,492 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2014/11/22 22:43:43 | 015,823,872 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2014/11/22 22:43:41 | 000,107,008 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2014/11/22 22:55:34 | 000,683,104 | ---- | M] (Opera Software) -- C:\Users\Juraj\AppData\Roaming\OpenCandy\6208B6FB20F24BE8B56ACEF852B3B4F9\Opera_NI_stable.exe
[2014/11/22 23:02:50 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Juraj\AppData\Roaming\OpenCandy\72973B7378BD49B0B0F5EA45096622C4\TuneUpUtilities2014WORLDW1D_en-US.exe
[2014/11/22 22:54:32 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Juraj\AppData\Roaming\OpenCandy\F9BF19443D5C42F5A632FADE617470F2\TuneUpUtilities2014WORLDW1D_en-US.exe
[2015/05/21 21:04:02 | 009,529,592 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Juraj\AppData\Roaming\RPEng\889FE61DE2F34E80BB1C02CC60BD5EF0\LenovoSHAREit2.2.2-42715.exe
[2015/05/21 21:08:22 | 049,801,016 | ---- | M] (AVG Technologies) -- C:\Users\Juraj\AppData\Roaming\RPEng\F5809531706E4109A7EDD8B8956595C2\AVG-PC-TuneUp2015-2200620.exe
[2014/04/14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\uTorrent\uninstall.exe
[2014/04/14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Juraj\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015/05/21 20:57:43 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\Power Suite.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014/10/30 16:45:50 | 006,501,656 | ---- | M] (Piriform Ltd)
"Device Detector" = DevDetect.exe -autorun
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007/08/03 13:51:06 | 000,202,024 | ---- | M] (Nero AG)
"BingSvc" = C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe -- [2015/11/11 22:57:01 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation)
"cz.seznam.software.autoupdate" = "C:\Users\Juraj\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"cz.seznam.software.szndesktop" = "C:\Users\Juraj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
"supertintin_skype" = C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe /start_context sys_auto -- [2011/01/10 17:56:14 | 000,999,936 | ---- | M] (Imtiger Software Inc.)
"DU Meter" = "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009/07/14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017/06/23 05:21:09 | 001,197,912 | ---- | M] (Google Inc.) MD5=D387A06CD4BF5FCC1B50C3882F41A44E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017/07/25 20:58:53 | 000,000,512 | ---- | M] () MD5=BF28A5E9F6A7F50F56C458675680ECED -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/07/08 11:23:11 | 002,889,544 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\195159544 znac\RegCure 3.0.2 + Crack.rar
[2016/12/24 03:07:32 | 000,611,294 | ---- | M] () -- \Users\Juraj\Downloads\crack.zip

< *keygen* /s >
[2015/09/27 18:10:32 | 000,011,991 | ---- | M] () -- \Users\Juraj\AppData\Roaming\uTorrent\Sony-Vegas-10-HD-+-keygen-+-patch-+-CZ-návod.rar.torrent
[2010/11/23 01:32:34 | 035,350,650 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\195159544 znac\Eagle 5.9.0 + keygen.rar
[2010/04/07 11:30:00 | 000,039,936 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\195159544 znac\Eagle 5.9.0 + keygen\Eagle 5.9.0 + keygen\Keygen.exe

< *loader* /s >
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.tlb
[2008/07/30 11:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008/07/29 04:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2007/08/03 13:48:16 | 000,271,656 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2014/05/27 16:15:42 | 000,597,278 | ---- | M] () -- \Program Files (x86)\Comodo\Dragon\extensions\media_downloader.crx
[2014/01/08 15:12:32 | 000,002,871 | ---- | M] () -- \Program Files (x86)\IGC\Free DWG Viewer\Igc.Loaders\loader-config.xml
[2015/02/18 17:27:02 | 000,031,516 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2005/06/07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2007/08/03 12:48:14 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2007/08/03 12:48:14 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2014/12/28 14:12:49 | 000,019,765 | ---- | M] () -- \Users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\configLoader.js
[2014/12/28 14:12:49 | 000,002,597 | ---- | M] () -- \Users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\scriptLoader.js
[2017/07/12 10:37:38 | 000,003,208 | ---- | M] () -- \Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.3_0\skin\ajax-loader.gif
[2017/07/19 09:25:16 | 000,003,605 | ---- | M] () -- \Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.14.0_0\icons\loader.gif
[2017/07/19 09:25:16 | 000,003,208 | ---- | M] () -- \Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.14.0_0\skin\ajax-loader.gif
[2014/11/22 21:20:38 | 000,057,728 | ---- | M] () -- \Users\Juraj\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DTLite.gadget\img\dt_dadget_loader.png
[2014/01/08 15:12:32 | 000,002,871 | ---- | M] () -- \Users\Juraj\AppData\Roaming\IGC\Brava! FreeDWG Viewer\loader-config.xml
[2010/04/26 00:17:48 | 014,277,301 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\264049369 Ptm\databaza_tel.cisel_by_Shadow_of_elite_uploaders_group.part1.rar
[2017/07/25 21:11:19 | 000,031,240 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 09:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 09:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 09:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 09:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 09:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2009/07/14 04:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009/07/14 04:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009/07/14 04:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009/07/14 04:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009/07/14 04:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 09:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[jjuriss]

OTL Extras logfile created on: 25. 7. 2017 20:54:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Juraj\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,91 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 27,23% Memory free
7,82 Gb Paging File | 4,53 Gb Available in Paging File | 57,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,90 Gb Total Space | 1,55 Gb Free Space | 3,88% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 3,61 Gb Free Space | 12,05% Space Free | Partition Type: NTFS
Drive E: | 50,00 Gb Total Space | 0,51 Gb Free Space | 1,03% Space Free | Partition Type: NTFS
Drive F: | 476,17 Gb Total Space | 16,93 Gb Free Space | 3,56% Space Free | Partition Type: NTFS

Computer Name: JURAJ-PC | User Name: Juraj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03316973-FC82-45B1-A8B4-40D97DB34C83}" = lport=445 | protocol=6 | dir=in | app=system |
"{07FB20CC-B0CA-403F-9AD2-499B69E2C7F5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{12A38A42-0C5B-432C-AAFB-35ECA30405BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13A377BE-25B5-4EA0-AFE9-DDB5DF317164}" = rport=139 | protocol=6 | dir=out | app=system |
"{15C303A2-CFBC-4DD4-86ED-6A638F8341B3}" = lport=137 | protocol=17 | dir=in | app=system |
"{339EF21A-6DED-4379-B3E3-B066C9C03B45}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{37F50EF2-21E5-4582-96E5-EEFFD7F0332C}" = rport=138 | protocol=17 | dir=out | app=system |
"{5BD25D9E-E568-451A-A59D-79F534BC274B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7EB1E714-8B0B-417A-BFB7-9C96F5704255}" = lport=138 | protocol=17 | dir=in | app=system |
"{9AAA1C38-E0FE-46C2-8382-43784F8AEB19}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A8AA43B3-B37C-442A-AAFF-80161566DE9D}" = rport=445 | protocol=6 | dir=out | app=system |
"{AAD5FB7F-6974-4FE9-917A-CB1269D95DB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{C26E8999-1017-4DDD-A3ED-9663AB6E6DFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CE36CC65-47AB-414B-9098-DF3F0E8F1EF2}" = rport=137 | protocol=17 | dir=out | app=system |
"{FEE755EB-DDA2-461D-B92B-E52E17C335ED}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DAAB7B-85C3-4C37-9298-E2B1BE278BF6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0291CFFD-F26F-4943-9330-C201EC939C59}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{05D42926-F1B1-4252-8198-55420AF32BEC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{063BCDA6-4C3D-4704-9C83-37B86540C819}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0679793A-31AE-4EA8-ABF4-7D07E4DFCD8E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2882494E-7193-467D-A9EC-B1F6C861471F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ABDB78E-6455-4FCF-B358-178BB1F878D8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6243CBEE-02FF-4AB0-9144-BCDAF13561B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D05E9A3A-E108-4E3A-9878-958C6280C802}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D838F07E-A2AA-427C-9A18-684833E7B74C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F1F2D484-CD20-40E0-88F1-B1686747FE49}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6EF2144-B909-4BFA-84C2-2755EEEBB09B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FCD9C270-D6AF-4258-B99A-50FBD9F21AC2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{338B6889-5C98-4439-83D8-50BB21266602}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{A4B24DCE-C7D0-4A99-88C4-342549B0D355}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{8EA1D92D-C873-499F-B969-BFAD72BED83C}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{A28BBE3A-CC79-495D-A36D-F4F32F98532D}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{63264409-6933-48E9-B0AD-A70367E98BAF}" = ESET Smart Security
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6294D78-AFAA-48DF-8243-B41902D7F236}" = CorelDRAW Graphics Suite X6 - CZ (x64)
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"B96C1D4A95ACD188E351BBECB7D9F4E663F44BC2" = Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.30
"Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
"ProInst" = Intel PROSet Wireless

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0CD05078-D4F3-4006-8726-B01E10A89B28}" = Movie Maker
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2F3E0052-438D-4D42-873C-94223F25FF7A}" = Windows Live UX Platform Language Pack
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{47AC83D4-C2CE-4F1F-8494-FB08066B38E3}" = Windows Live Essentials
"{5B87607E-E781-49C5-9891-80990E45BCA1}" = Fotogaléria
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1" = Pinnale Systems Software Keys
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1051}" = Nero 8
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}" = Free DWG Viewer 7.3
"{BFF23267-1D19-444E-93E2-E5059BE805EA}" = Dazzle Video Capture DVC100 X64 Driver 1.06
"{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}" = Metric Collection SDK 35
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D18F29F4-3609-4FBD-8A76-57B6AC3404F3}" = Photo Common
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DE7A4697-02F4-4D1E-828C-FC9048C7A794}_is1" = VCDS-Release-11.11.3 version 11.11.3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.29
"AC3Filter_is1" = AC3Filter 2.6.0b
"ACDSee 2009 Photo Manager Build 85" = Čeština do ACDSee 2009 Photo Manager Build 85
"Adobe Flash Player ActiveX" = Adobe Flash Player 26 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 26 NPAPI
"Comodo Dragon" = Comodo Dragon
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.59.505
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"MProg 3.0a" = MProg 3.0a
"ProInst" = Intel PROSet Wireless
"PROPLUS" = Microsoft Office Professional Plus 2007
"Supertintin Skype Video Call Recorder_is1" = Supertintin 1.2.0.4
"TSR Watermark Image_is1" = TSR Watermark Image software version 3.5.7.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"icq.desktop" = ICQ (version 10.0.12091)
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25. 7. 2017 14:58:29 | Computer Name = Juraj-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

[ System Events ]
Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Rýchle načítanie sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Distributed Link Tracking Client sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná
akcia: Reštartovať službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Správca relácie Správcu okien na pracovnej ploche sa neočakávane
ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná
nasledujúca opravná akcia: Reštartovať službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7034
Description = Služba Diagnostic System Host sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1-krát.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba WLAN AutoConfig sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Driver Foundation - User-mode Driver Framework sa neočakávane
ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná
nasledujúca opravná akcia: Reštartovať službu.

Error - 25. 7. 2017 13:10:30 | Computer Name = Juraj-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:08:50 on ?25. ?7. ?2017 was unexpected.

Error - 25. 7. 2017 13:10:34 | Computer Name = JURAJ-PC | Source = BugCheck | ID = 1001
Description =

Error - 25. 7. 2017 13:11:41 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7034
Description = Služba Bluetooth OBEX Service sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1-krát.

Error - 25. 7. 2017 14:13:00 | Computer Name = Juraj-PC | Source = DCOM | ID = 10001
Description =


< End of report >

[Rudy]

Spusťte znovu OTL jako správce.
Do spodniho okna vlozte nasledujici text:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [BingSvc] C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\InstAll.exe
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell - "" = AutoRun
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: VIDC.ACDV - ACDV.dll File not found

:files
C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Juraj\AppData\Local\Microsoft\BingSvc
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[jjuriss]

All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc deleted successfully.
C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ not found.
File G:\InstAll.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ not found.
File H:\setup_vmc_lite.exe /checkApplicationPresence not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\Drivers32 VIDC.ACDV not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.ACDV deleted successfully.
========== FILES ==========
C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\Juraj\AppData\Local\Microsoft\BingSvc folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Juraj
->Temp folder emptied: 404540 bytes
->Temporary Internet Files folder emptied: 6250692 bytes
->Google Chrome cache emptied: 140120628 bytes
->Flash cache emptied: 506 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 156232 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 18899940 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 158,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Juraj
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07252017_220711

Files\Folders moved on Reboot...
C:\Users\Juraj\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Rudy]

Smazáno. Nastala nějaká změna?

[jjuriss]

zial upload je stale vysoky... ked vypinem par krat po sebe wifi tak to klesne na normal ale po nejako case zas upload vystupi na vysoke hodnoty

[Rudy]

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[jjuriss]

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 26.07.17
Čas skenovania: 19:31
Súbor denníka: aaa.txt
Správca: Áno

-Údaje o softvéri-
Verzia: 3.1.2.1733
Verzia súčastí: 1.0.160
Aktualizovať verziu balíka: 1.0.2443
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7
Procesor: x64
Systém súborov: NTFS
Používateľ: Juraj-PC\Juraj

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 365465
Zistené hrozby: 17
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 8 min, 1 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 1
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AutoKMS, Bez zásahu používateľa, [351], [89405],1.0.2443

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 8
PUP.Optional.IHlpr, C:\USERS\JURAJ\APPDATA\ROAMING\IHlpr\96ED02A2F3184D94885C9B9D1732FED1, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.IHlpr, C:\USERS\JURAJ\APPDATA\ROAMING\IHlpr\9CD2F909D418455A84D48D8A0FFFAF79, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\6208B6FB20F24BE8B56ACEF852B3B4F9, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\72973B7378BD49B0B0F5EA45096622C4, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\96ED02A2F3184D94885C9B9D1732FED1, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\9CD2F909D418455A84D48D8A0FFFAF79, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\F9BF19443D5C42F5A632FADE617470F2, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\USERS\JURAJ\APPDATA\ROAMING\OpenCandy, Bez zásahu používateľa, [546], [173202],1.0.2443

Súbor: 8
PUP.Optional.IHlpr, C:\Users\Juraj\AppData\Roaming\IHlpr\96ED02A2F3184D94885C9B9D1732FED1\SettingsManagerSetup.exe, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.IHlpr, C:\Users\Juraj\AppData\Roaming\IHlpr\9CD2F909D418455A84D48D8A0FFFAF79\TuneUpUtilities2014WORLDW15D_en-US.exe, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\6208B6FB20F24BE8B56ACEF852B3B4F9\Opera_NI_stable.exe, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\72973B7378BD49B0B0F5EA45096622C4\TuneUpUtilities2014WORLDW1D_en-US.exe, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\F9BF19443D5C42F5A632FADE617470F2\TuneUpUtilities2014WORLDW1D_en-US.exe, Bez zásahu používateľa, [546], [173202],1.0.2443
CrackTool.Agent.Keygen, C:\WINDOWS\AUTOKMS.EXE, Bez zásahu používateľa, [351], [89405],1.0.2443
Trojan.Agent, C:\USERS\JURAJ\DESKTOP\VAGCOM11.11-FRENCH.ZIP, Bez zásahu používateľa, [24], [269851],1.0.2443
RiskWare.Tool.HCK, C:\USERS\JURAJ\DOWNLOADS\CRACK.ZIP, Bez zásahu používateľa, [2283], [65610],1.0.2443

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

[Rudy]

Všechny nalezené položky smažte.