Logfile of random's system information tool 1.10 (written by random/random)
Run by profesor Orfanik at 2018-07-06 09:34:19
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 1 GB (4%) free of 40 GB
Total RAM: 3990 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:34:25, on 6.7.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17457)
Boot mode: Normal
Running processes:
D:\Steam\Steam.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE
C:\Program Files (x86)\Microsoft Office\Office\EXCEL.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
D:\Programy\RSIT.exe
C:\Program Files (x86)\trend micro\profesor Orfanik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Steam] "D:\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11767 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
"web2pdfextension@web2pdf.adobedotcom"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.171.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npwachk.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18 480200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17 820672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2018-06-05 167480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2012-01-03 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2012-01-03 815512]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2018-03-30 8887216]
"Steam"=D:\Steam\Steam.exe [2018-06-09 3201312]
"EEDSpeedLauncher"=C:\Windows\system32\eed_ec.dll,SpeedLauncher []
"WDICT32"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-04-24 17074688]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"VIDC.ACDV"=ACDV.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-07-06 09:34:20 ----D---- C:\Program Files (x86)\trend micro
2018-07-06 09:18:45 ----D---- C:\Program Files (x86)\Monkey's Audio
2018-07-06 09:18:45 ----A---- C:\Windows\SysWOW64\MACDll.dll
2018-06-30 21:18:15 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2018-06-20 08:34:57 ----ASH---- C:\pagefile.sys
======List of files/folders modified in the last 1 month======
2018-07-06 09:34:25 ----D---- C:\Windows\Prefetch
2018-07-06 09:34:20 ----RD---- C:\Program Files (x86)
2018-07-06 09:34:14 ----D---- C:\Windows\Temp
2018-07-06 09:18:45 ----D---- C:\Windows\SysWOW64
2018-07-06 09:11:15 ----SHD---- C:\Windows\Installer
2018-07-06 09:03:28 ----D---- C:\Users\profesor Orfanik\AppData\Roaming\Azureus
2018-07-06 08:43:26 ----D---- C:\Windows\System32
2018-07-06 08:43:26 ----D---- C:\Windows\inf
2018-07-06 07:12:44 ----A---- C:\Windows\SysWOW64\log.txt
2018-07-05 21:15:40 ----A---- C:\LOGFILE.TXT
2018-07-05 17:15:25 ----SHD---- C:\System Volume Information
2018-07-03 15:13:40 ----A---- C:\Windows\winamp.ini
2018-07-01 08:58:20 ----D---- C:\Windows\SysWOW64\Macromed
2018-06-30 15:59:46 ----RD---- C:\Program Files
2018-06-30 07:57:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-29 09:05:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2018-06-24 08:21:23 ----HD---- C:\ProgramData
2018-06-24 08:21:19 ----D---- C:\Windows
2018-06-22 08:10:06 ----D---- C:\Program Files (x86)\McAfee
2018-06-19 10:43:15 ----D---- C:\Users\profesor Orfanik\AppData\Roaming\vlc
2018-06-09 21:38:20 ----D---- C:\Users\profesor Orfanik\AppData\Roaming\Mp3tag
2018-06-07 15:46:22 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-07 14:38:53 ----A---- C:\Windows\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys []
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys []
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys []
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys []
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys []
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys []
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys []
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-02-14 111608]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2012-11-13 10368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2017-02-09 173472]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-05-17 317280]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2018-06-05 604824]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-05-17 7620096]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07 335872]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-04 164984]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-01-13 274200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-29 194512]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2008-12-22 104944]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
hotentot87
- Návštěvník
- Příspěvky: 24
- Registrován: 28 kvě 2009 20:55
Re: Prosim o kontrolu logu
Sám ani nevím. Dostal jsem ho jako celek.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
To je chyba, to máte věeět. Udělejte tento sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
hotentot87
- Návštěvník
- Příspěvky: 24
- Registrován: 28 kvě 2009 20:55
Re: Prosim o kontrolu logu
OTL Extras logfile created on: 12.7.2018 12:35:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17457)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,90 Gb Total Physical Memory | 3,03 Gb Available Physical Memory | 77,73% Memory free
7,79 Gb Paging File | 6,32 Gb Available in Paging File | 81,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 1,38 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive D: | 892,35 Gb Total Space | 9,99 Gb Free Space | 1,12% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 7,45 Gb Free Space | 99,92% Space Free | Partition Type: FAT32
Computer Name: PROFESORORFANIK | User Name: profesor Orfanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0986A057-271E-40C6-89EE-99191A67A6FE}" = rport=139 | protocol=6 | dir=out | app=system |
"{0A869A3E-C23E-4224-B579-82A9D696B4BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{125789D9-E809-4BA7-A80C-DD95B87ACAD8}" = rport=138 | protocol=17 | dir=out | app=system |
"{17968A7E-820C-48FE-ADC0-AC7155886C9C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{20A818CA-1A44-4FC0-90D4-1802E499AE3C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{60E0E1A3-BA30-42F2-B4AA-9A77D244DE27}" = lport=138 | protocol=17 | dir=in | app=system |
"{671B48FB-0A52-4399-B13C-0895A904F51E}" = rport=445 | protocol=6 | dir=out | app=system |
"{68A6EEA7-1D9C-4181-AF3E-5E620715B9DC}" = lport=445 | protocol=6 | dir=in | app=system |
"{69C9A7C8-BC9A-4BE8-9AC6-097AEAD3C962}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{870670F4-6E56-4A08-97D8-2B6518734288}" = lport=137 | protocol=17 | dir=in | app=system |
"{B2E989E0-E568-4B40-B62B-F0627962DC48}" = lport=139 | protocol=6 | dir=in | app=system |
"{C1156EBD-5262-45EA-94CA-BB166A3692DD}" = rport=137 | protocol=17 | dir=out | app=system |
"{C473E1E0-BC41-476C-A019-41930178E954}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FE3258CD-2590-46AF-BCCC-4F6960229AD1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\avast software\browser\application\avastbrowser.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{170BCF46-D81A-405B-9151-EDAB40F05DB6}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{1D235DAB-26D8-4AAA-B4DF-9436F9E3243C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{20E0AABE-A641-464E-A857-E6E33A570878}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3AAF8281-EAEE-4AF1-AF91-FA6849CBCF5E}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{3BA34D45-09F2-463F-885A-81F78E4F8C48}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3CD4F1E9-9383-4625-A591-178B88BC38D9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4F71E4C3-0573-446D-A53E-D3E16697ABED}" = protocol=6 | dir=in | app=d:\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{598C9936-9D88-48BE-BA18-23355FC23C23}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\uninstall.exe |
"{5F2581BB-ECD7-4B91-9287-CC5593DA64E5}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{60A6411E-549F-40B2-B55F-2976156D7EDC}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{7B3EBC59-406D-4A0A-B64D-C53F80702D5B}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{7B90C533-BE84-4640-B54D-2C5AC0E699CC}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{7D0905DF-1C17-4192-9D7A-754FB21538A4}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{82052335-41E8-42A5-93DA-74404170DF5C}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{84FF6267-083C-48FF-8887-09A6C8F15647}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{88D9FC7A-5C53-43C4-9276-D61395CA7CA4}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\scanprocess.exe |
"{8AA4D044-9F74-48DB-AF09-DD656C9655E9}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{8ACC742D-C90A-4B3C-942A-CA1ADA6D24A7}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{91359552-8935-4031-A1D4-4A2CBA702B2C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{99207720-DE32-4C51-A12A-ADF8A32C821A}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{A618ACE4-A193-46D0-8B3E-A54EE38A0315}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{ABEA580B-0C1F-4A3D-805B-5AC2DE2D3492}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{AEEB08F0-AFD2-4A5D-A33C-B54C1C59F282}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\scan2pcnotify.exe |
"{BEC1482A-7829-4468-9CE7-E88A2A273FE1}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{D287536F-80AA-4DA4-80A1-A8122E734667}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{E3747F45-4DFE-43ED-908E-02AADF174955}" = protocol=17 | dir=in | app=d:\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{E972E14C-8718-4248-B768-1FC7D113E0B5}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{F1AADBEB-0D21-4DE7-AD64-7A6A85104E8B}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"TCP Query User{3470D834-0DE7-491D-BE64-6FE0B32A4E90}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{589A7E2E-BBD7-47D9-BD3E-0B122EA1EE22}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{70105403-59FD-4257-8919-5B10EFDBF008}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{B3E549A4-E6F2-4E4B-AEAB-87622A423F6D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{1B4FDD46-AB0D-4953-AEBB-D09BBBEECA56}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{9ACD9658-92B5-4052-A8C5-6AD02DAE0686}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{CCE41505-F429-498F-9B25-5868238BEBA6}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{F6402E44-A9B8-4210-AC2E-1175C902BE59}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{26A24AE4-039D-4CA4-87B4-2F64180171F0}" = Java 8 Update 171 (64-bit)
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.5.1.2522
"{3677A6FF-9C6F-48B7-B0DC-E958C2FE4FFF}" = Document Express DjVu Plug-in
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{64A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{C94E4233-8F6D-4B45-B369-AE7BB44D6A7B}" = DjVu Shell Extension Pack
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"7-Zip" = 7-Zip 18.01 (x64)
"CCleaner" = CCleaner
"Mozilla Firefox 61.0.1 (x64 cs)" = Mozilla Firefox 61.0.1 (x64 cs)
"Recuva" = Recuva
"WinDjView" = WinDjView 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.4.6052
"{26A24AE4-039D-4CA4-87B4-2F32180171F0}" = Java 8 Update 171
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739126B3-1C80-4F1F-8D59-312A19633E1A}_is1" = Epub reader
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824272646}" = Adobe Refresh Manager
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.18) - Czech
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player NPAPI" = Adobe Flash Player 30 NPAPI
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"ASIOProxy" = ASIO Proxy for foobar2000
"Avast Antivirus" = Avast Free Antivirus
"Avast Secure Browser" = Avast Secure Browser
"BSPlayer1" = BSPlayer
"DAEMON Tools Lite" = DAEMON Tools Lite
"DjVuLibre+DjView" = DjVuLibre+DjView
"Easy CD-DA Extractor 15" = Easy CD-DA Extractor 15
"Exact Audio Copy" = Exact Audio Copy 0.95b4
"FBReader for Windows" = FBReader for Windows
"ffdshow_is1" = ffdshow v1.2.4486 [2012-08-25]
"Free YouTube to MP3 Converter Studio_is1" = Free YouTube to MP3 Converter Studio 8.4
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"Monkey's Audio_is1" = Monkey's Audio
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.53
"Pc Translator 2012 1.20" = Pc Translator 2012 1.20
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung M262x 282x Series" = Samsung M262x 282x Series
"Samsung Printer Diagnostics" = Samsung Printer Diagnostics
"Samsung Printer Live Update" = Samsung Printer Live Update
"Steam App 10500" = Empire: Total War
"Totalcmd" = Total Commander (Remove or Repair)
"View User Guide" = Zobrazit uživatelskou příručku
"VLC media player" = VLC media player
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.7.2018 16:11:14 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 11.7.2018 23:09:18 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 11.7.2018 23:11:13 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 0:11:14 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 1:11:16 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 2:11:13 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 3:11:15 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 4:11:17 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 5:11:15 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 6:11:17 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
[ System Events ]
Error - 10.7.2018 11:12:01 | Computer Name = profesorOrfanik | Source = DCOM | ID = 10010
Description =
Error - 10.7.2018 14:42:10 | Computer Name = profesorOrfanik | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 10.7.2018 23:58:44 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 10.7.2018 23:58:45 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 | Computer Name = profesorOrfanik | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby McAfee SiteAdvisor Service bylo dosaženo
časového limitu (30000 ms).
Error - 11.7.2018 | Computer Name = profesorOrfanik | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 11.7.2018 14:52:12 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 14:52:13 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 22:58:03 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 22:58:05 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
< End of report >
OTL logfile created on: 12.7.2018 12:35:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17457)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,90 Gb Total Physical Memory | 3,03 Gb Available Physical Memory | 77,73% Memory free
7,79 Gb Paging File | 6,32 Gb Available in Paging File | 81,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 1,38 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive D: | 892,35 Gb Total Space | 9,99 Gb Free Space | 1,12% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 7,45 Gb Free Space | 99,92% Space Free | Partition Type: FAT32
Computer Name: PROFESORORFANIK | User Name: profesor Orfanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2018.07.12 12:32:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programy\OTL.exe
PRC - [2018.06.24 08:24:31 | 003,784,400 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2018.06.08 20:30:42 | 012,006,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018.06.05 17:10:22 | 002,527,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018.04.04 23:05:57 | 000,335,896 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
PRC - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.10.01 13:10:44 | 001,544,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2012.01.03 15:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.26 11:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2009.09.24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
========== Modules (No Company Name) ==========
MOD - [2018.05.17 12:29:24 | 000,482,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll
MOD - [2018.05.17 12:28:42 | 000,293,592 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2018.03.10 17:44:53 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.10.01 13:10:44 | 014,588,632 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
MOD - [2015.12.22 17:29:14 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1210150fb43acc20c472c3f79a31a4d2\IAStorUtil.ni.dll
MOD - [2015.12.22 17:29:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\8f4487611323af343bbe31ccace1d0ee\IAStorCommon.ni.dll
MOD - [2015.12.22 16:06:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2015.12.22 16:06:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2015.12.22 16:05:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2015.12.22 16:05:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2015.12.22 16:05:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2015.12.22 16:05:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2015.12.22 16:05:32 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2015.12.22 16:05:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2014.09.08 14:32:54 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
MOD - [2012.09.23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2009.07.26 20:39:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.26 20:39:18 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2004.12.27 13:46:04 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\WinRAR\rarlng.dll
MOD - [2004.12.26 21:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV:64bit: - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2018.05.17 12:28:49 | 007,620,096 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2018.05.09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2017.02.09 06:53:35 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011.12.08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2018.07.10 12:46:36 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018.07.06 20:23:40 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018.06.05 17:09:30 | 000,604,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avastm)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avast)
SRV - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.22 12:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2018.07.12 04:59:09 | 000,253,664 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2018.05.17 12:29:43 | 000,460,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2018.05.17 12:29:43 | 000,381,552 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,205,976 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,159,120 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,046,968 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2018.05.17 12:29:42 | 000,196,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:64bit: - [2018.05.17 12:29:42 | 000,111,360 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2018.05.17 12:28:56 | 001,027,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2018.05.17 12:28:43 | 000,234,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV:64bit: - [2018.03.10 17:44:33 | 000,343,752 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2018.03.10 17:44:33 | 000,227,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2018.03.10 17:44:33 | 000,199,440 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2018.03.10 17:44:33 | 000,057,680 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2014.05.07 09:22:40 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.11.10 02:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.05.20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.23 04:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 06:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 06:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2017.02.14 16:39:38 | 000,111,608 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)
DRV - [2012.11.13 21:55:06 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{B8BA8F78-A31E-47BE-B2B5-50EFF44F99E9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [2016.11.18 11:35:51 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SITEADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.02.09 10:53:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files (x86)\McAfee\SiteAdvisor\siteadvisor.mcafee.firefox.extension.json [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
[2015.07.11 11:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Extensions
[2017.11.18 09:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018.06.13 19:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data
[2018.07.12 12:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}
[2017.09.29 13:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\screenshots@mozilla.org
[2018.07.12 12:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\wrc@avast.com
[2018.06.20 20:14:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions
[2016.04.28 18:06:48 | 000,151,382 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\adblockpopups@jessehakanen.net.xpi
[2018.06.20 20:14:22 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\sp@avast.com.xpi
[2018.05.29 21:13:34 | 000,789,048 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\wrc@avast.com.xpi
[2018.05.15 13:40:28 | 000,390,657 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.214_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1 HOSTS File: ([2015.12.26 19:40:12 | 000,000,932 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.langsoft.cz
O1 - Hosts: 127.0.0.1 iws.intranet.cz
O1 - Hosts: 127.0.0.1 www.pctranslator.cz
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher File not found
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [WDICT32] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2018.07.06 09:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2018.07.06 09:18:45 | 000,441,856 | ---- | C] (Matthew T. Ashland) -- C:\Windows\SysWow64\MACDll.dll
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Monkey's Audio
[2018.07.01 08:48:21 | 000,253,664 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.06.30 21:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2018.06.30 21:18:19 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.30 21:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2018.06.24 08:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018.06.24 08:21:15 | 000,152,184 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
========== Files - Modified Within 30 Days ==========
[2018.07.12 12:35:43 | 000,000,192 | ---- | M] () -- C:\Windows\winamp.ini
[2018.07.12 08:40:49 | 001,583,670 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.07.12 08:40:49 | 000,668,138 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2018.07.12 08:40:49 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018.07.12 08:40:49 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2018.07.12 08:40:49 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018.07.12 05:06:12 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.07.12 05:06:12 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.07.12 04:59:09 | 000,253,664 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.07.12 04:58:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.07.12 04:58:02 | 3137,654,784 | -HS- | M] () -- C:\hiberfil.sys
[2018.07.10 12:46:22 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018.07.10 12:46:22 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018.07.09 20:55:36 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2018.06.30 21:19:58 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.25 23:35:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.06.24 08:24:31 | 000,152,184 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
[2018.06.24 08:21:18 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
========== Files Created - No Company Name ==========
[2018.06.30 21:19:58 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.24 08:21:18 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018.05.23 13:59:46 | 001,558,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.09.07 22:34:26 | 000,221,184 | ---- | C] () -- C:\Program Files\mpTrim.exe
[2014.02.27 21:27:22 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\50EA574.html
[2014.02.27 21:24:21 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\06DF98F.html
[2013.04.21 20:51:19 | 000,145,920 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.03 18:55:33 | 000,331,443 | ---- | C] () -- C:\Program Files (x86)\razorlame115a.zip
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.20 06:27:26 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 05:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.13 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\ACD Systems
[2015.08.16 21:46:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVAST Software
[2014.09.18 18:31:49 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVG
[2018.07.06 09:03:28 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Azureus
[2012.11.03 22:44:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer
[2012.11.03 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer Pro
[2017.12.15 22:43:27 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\DAEMON Tools Lite
[2015.07.19 08:10:37 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio
[2016.02.13 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\GHISLER
[2015.12.26 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\LangSoft
[2012.12.01 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mobipocket
[2018.06.09 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mp3tag
[2012.11.09 10:12:41 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Raptr
[2016.12.02 18:47:06 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Samsung
[2017.05.30 22:53:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Seznam.cz
[2013.12.20 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\The Creative Assembly
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17457)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,90 Gb Total Physical Memory | 3,03 Gb Available Physical Memory | 77,73% Memory free
7,79 Gb Paging File | 6,32 Gb Available in Paging File | 81,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 1,38 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive D: | 892,35 Gb Total Space | 9,99 Gb Free Space | 1,12% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 7,45 Gb Free Space | 99,92% Space Free | Partition Type: FAT32
Computer Name: PROFESORORFANIK | User Name: profesor Orfanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0986A057-271E-40C6-89EE-99191A67A6FE}" = rport=139 | protocol=6 | dir=out | app=system |
"{0A869A3E-C23E-4224-B579-82A9D696B4BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{125789D9-E809-4BA7-A80C-DD95B87ACAD8}" = rport=138 | protocol=17 | dir=out | app=system |
"{17968A7E-820C-48FE-ADC0-AC7155886C9C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{20A818CA-1A44-4FC0-90D4-1802E499AE3C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{60E0E1A3-BA30-42F2-B4AA-9A77D244DE27}" = lport=138 | protocol=17 | dir=in | app=system |
"{671B48FB-0A52-4399-B13C-0895A904F51E}" = rport=445 | protocol=6 | dir=out | app=system |
"{68A6EEA7-1D9C-4181-AF3E-5E620715B9DC}" = lport=445 | protocol=6 | dir=in | app=system |
"{69C9A7C8-BC9A-4BE8-9AC6-097AEAD3C962}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{870670F4-6E56-4A08-97D8-2B6518734288}" = lport=137 | protocol=17 | dir=in | app=system |
"{B2E989E0-E568-4B40-B62B-F0627962DC48}" = lport=139 | protocol=6 | dir=in | app=system |
"{C1156EBD-5262-45EA-94CA-BB166A3692DD}" = rport=137 | protocol=17 | dir=out | app=system |
"{C473E1E0-BC41-476C-A019-41930178E954}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FE3258CD-2590-46AF-BCCC-4F6960229AD1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\avast software\browser\application\avastbrowser.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{170BCF46-D81A-405B-9151-EDAB40F05DB6}" = protocol=6 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{1D235DAB-26D8-4AAA-B4DF-9436F9E3243C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{20E0AABE-A641-464E-A857-E6E33A570878}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3AAF8281-EAEE-4AF1-AF91-FA6849CBCF5E}" = protocol=17 | dir=in | app=c:\program files\common files\common desktop agent\cdasrv.exe |
"{3BA34D45-09F2-463F-885A-81F78E4F8C48}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3CD4F1E9-9383-4625-A591-178B88BC38D9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4F71E4C3-0573-446D-A53E-D3E16697ABED}" = protocol=6 | dir=in | app=d:\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{598C9936-9D88-48BE-BA18-23355FC23C23}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\uninstall.exe |
"{5F2581BB-ECD7-4B91-9287-CC5593DA64E5}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{60A6411E-549F-40B2-B55F-2976156D7EDC}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{7B3EBC59-406D-4A0A-B64D-C53F80702D5B}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{7B90C533-BE84-4640-B54D-2C5AC0E699CC}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{7D0905DF-1C17-4192-9D7A-754FB21538A4}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{82052335-41E8-42A5-93DA-74404170DF5C}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{84FF6267-083C-48FF-8887-09A6C8F15647}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{88D9FC7A-5C53-43C4-9276-D61395CA7CA4}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\scanprocess.exe |
"{8AA4D044-9F74-48DB-AF09-DD656C9655E9}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{8ACC742D-C90A-4B3C-942A-CA1ADA6D24A7}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{91359552-8935-4031-A1D4-4A2CBA702B2C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{99207720-DE32-4C51-A12A-ADF8A32C821A}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{A618ACE4-A193-46D0-8B3E-A54EE38A0315}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{ABEA580B-0C1F-4A3D-805B-5AC2DE2D3492}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\empire total war\empire.exe |
"{AEEB08F0-AFD2-4A5D-A33C-B54C1C59F282}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\scan2pcnotify.exe |
"{BEC1482A-7829-4468-9CE7-E88A2A273FE1}" = dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{D287536F-80AA-4DA4-80A1-A8122E734667}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{E3747F45-4DFE-43ED-908E-02AADF174955}" = protocol=17 | dir=in | app=d:\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{E972E14C-8718-4248-B768-1FC7D113E0B5}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{F1AADBEB-0D21-4DE7-AD64-7A6A85104E8B}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"TCP Query User{3470D834-0DE7-491D-BE64-6FE0B32A4E90}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{589A7E2E-BBD7-47D9-BD3E-0B122EA1EE22}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{70105403-59FD-4257-8919-5B10EFDBF008}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"TCP Query User{B3E549A4-E6F2-4E4B-AEAB-87622A423F6D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{1B4FDD46-AB0D-4953-AEBB-D09BBBEECA56}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{9ACD9658-92B5-4052-A8C5-6AD02DAE0686}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{CCE41505-F429-498F-9B25-5868238BEBA6}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{F6402E44-A9B8-4210-AC2E-1175C902BE59}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{26A24AE4-039D-4CA4-87B4-2F64180171F0}" = Java 8 Update 171 (64-bit)
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.5.1.2522
"{3677A6FF-9C6F-48B7-B0DC-E958C2FE4FFF}" = Document Express DjVu Plug-in
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{64A3A4F4-B792-11D6-A78A-00B0D0170090}" = Java SE Development Kit 7 Update 9 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{C94E4233-8F6D-4B45-B369-AE7BB44D6A7B}" = DjVu Shell Extension Pack
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"7-Zip" = 7-Zip 18.01 (x64)
"CCleaner" = CCleaner
"Mozilla Firefox 61.0.1 (x64 cs)" = Mozilla Firefox 61.0.1 (x64 cs)
"Recuva" = Recuva
"WinDjView" = WinDjView 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.4.6052
"{26A24AE4-039D-4CA4-87B4-2F32180171F0}" = Java 8 Update 171
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee WebAdvisor
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739126B3-1C80-4F1F-8D59-312A19633E1A}_is1" = Epub reader
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824272646}" = Adobe Refresh Manager
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.18) - Czech
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player NPAPI" = Adobe Flash Player 30 NPAPI
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"ASIOProxy" = ASIO Proxy for foobar2000
"Avast Antivirus" = Avast Free Antivirus
"Avast Secure Browser" = Avast Secure Browser
"BSPlayer1" = BSPlayer
"DAEMON Tools Lite" = DAEMON Tools Lite
"DjVuLibre+DjView" = DjVuLibre+DjView
"Easy CD-DA Extractor 15" = Easy CD-DA Extractor 15
"Exact Audio Copy" = Exact Audio Copy 0.95b4
"FBReader for Windows" = FBReader for Windows
"ffdshow_is1" = ffdshow v1.2.4486 [2012-08-25]
"Free YouTube to MP3 Converter Studio_is1" = Free YouTube to MP3 Converter Studio 8.4
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"Monkey's Audio_is1" = Monkey's Audio
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.53
"Pc Translator 2012 1.20" = Pc Translator 2012 1.20
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung M262x 282x Series" = Samsung M262x 282x Series
"Samsung Printer Diagnostics" = Samsung Printer Diagnostics
"Samsung Printer Live Update" = Samsung Printer Live Update
"Steam App 10500" = Empire: Total War
"Totalcmd" = Total Commander (Remove or Repair)
"View User Guide" = Zobrazit uživatelskou příručku
"VLC media player" = VLC media player
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.7.2018 16:11:14 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 11.7.2018 23:09:18 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 11.7.2018 23:11:13 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 0:11:14 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 1:11:16 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 2:11:13 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 3:11:15 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 4:11:17 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 5:11:15 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
Error - 12.7.2018 6:11:17 | Computer Name = profesorOrfanik | Source = MsiInstaller | ID = 11316
Description =
[ System Events ]
Error - 10.7.2018 11:12:01 | Computer Name = profesorOrfanik | Source = DCOM | ID = 10010
Description =
Error - 10.7.2018 14:42:10 | Computer Name = profesorOrfanik | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error - 10.7.2018 23:58:44 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 10.7.2018 23:58:45 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 | Computer Name = profesorOrfanik | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby McAfee SiteAdvisor Service bylo dosaženo
časového limitu (30000 ms).
Error - 11.7.2018 | Computer Name = profesorOrfanik | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 11.7.2018 14:52:12 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 14:52:13 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 22:58:03 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
Error - 11.7.2018 22:58:05 | Computer Name = profesorOrfanik | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\pfc.sys bylo zablokováno kvůli
nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi
ovladače.
< End of report >
OTL logfile created on: 12.7.2018 12:35:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17457)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,90 Gb Total Physical Memory | 3,03 Gb Available Physical Memory | 77,73% Memory free
7,79 Gb Paging File | 6,32 Gb Available in Paging File | 81,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 1,38 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive D: | 892,35 Gb Total Space | 9,99 Gb Free Space | 1,12% Space Free | Partition Type: NTFS
Drive F: | 7,45 Gb Total Space | 7,45 Gb Free Space | 99,92% Space Free | Partition Type: FAT32
Computer Name: PROFESORORFANIK | User Name: profesor Orfanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2018.07.12 12:32:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programy\OTL.exe
PRC - [2018.06.24 08:24:31 | 003,784,400 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2018.06.08 20:30:42 | 012,006,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018.06.05 17:10:22 | 002,527,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018.04.04 23:05:57 | 000,335,896 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
PRC - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.10.01 13:10:44 | 001,544,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2012.01.03 15:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.26 11:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2009.09.24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
========== Modules (No Company Name) ==========
MOD - [2018.05.17 12:29:24 | 000,482,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll
MOD - [2018.05.17 12:28:42 | 000,293,592 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2018.03.10 17:44:53 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.10.01 13:10:44 | 014,588,632 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
MOD - [2015.12.22 17:29:14 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1210150fb43acc20c472c3f79a31a4d2\IAStorUtil.ni.dll
MOD - [2015.12.22 17:29:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\8f4487611323af343bbe31ccace1d0ee\IAStorCommon.ni.dll
MOD - [2015.12.22 16:06:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2015.12.22 16:06:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2015.12.22 16:05:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2015.12.22 16:05:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2015.12.22 16:05:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2015.12.22 16:05:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2015.12.22 16:05:32 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2015.12.22 16:05:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2014.09.08 14:32:54 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
MOD - [2012.09.23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2009.07.26 20:39:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.26 20:39:18 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2004.12.27 13:46:04 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\WinRAR\rarlng.dll
MOD - [2004.12.26 21:34:38 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV:64bit: - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2018.05.17 12:28:49 | 007,620,096 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2018.05.09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2017.02.09 06:53:35 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011.12.08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2018.07.10 12:46:36 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018.07.06 20:23:40 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018.06.05 17:09:30 | 000,604,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avastm)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avast)
SRV - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.22 12:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2018.07.12 04:59:09 | 000,253,664 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2018.05.17 12:29:43 | 000,460,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2018.05.17 12:29:43 | 000,381,552 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,205,976 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,159,120 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,046,968 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2018.05.17 12:29:42 | 000,196,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:64bit: - [2018.05.17 12:29:42 | 000,111,360 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2018.05.17 12:28:56 | 001,027,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2018.05.17 12:28:43 | 000,234,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV:64bit: - [2018.03.10 17:44:33 | 000,343,752 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2018.03.10 17:44:33 | 000,227,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2018.03.10 17:44:33 | 000,199,440 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2018.03.10 17:44:33 | 000,057,680 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2014.05.07 09:22:40 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.11.10 02:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.05.20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.23 04:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 06:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 06:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2017.02.14 16:39:38 | 000,111,608 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)
DRV - [2012.11.13 21:55:06 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{B8BA8F78-A31E-47BE-B2B5-50EFF44F99E9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [2016.11.18 11:35:51 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SITEADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.02.09 10:53:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files (x86)\McAfee\SiteAdvisor\siteadvisor.mcafee.firefox.extension.json [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
[2015.07.11 11:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Extensions
[2017.11.18 09:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018.06.13 19:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data
[2018.07.12 12:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}
[2017.09.29 13:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\screenshots@mozilla.org
[2018.07.12 12:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\wrc@avast.com
[2018.06.20 20:14:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions
[2016.04.28 18:06:48 | 000,151,382 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\adblockpopups@jessehakanen.net.xpi
[2018.06.20 20:14:22 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\sp@avast.com.xpi
[2018.05.29 21:13:34 | 000,789,048 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\wrc@avast.com.xpi
[2018.05.15 13:40:28 | 000,390,657 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.214_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1 HOSTS File: ([2015.12.26 19:40:12 | 000,000,932 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.langsoft.cz
O1 - Hosts: 127.0.0.1 iws.intranet.cz
O1 - Hosts: 127.0.0.1 www.pctranslator.cz
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher File not found
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [WDICT32] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2018.07.06 09:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2018.07.06 09:18:45 | 000,441,856 | ---- | C] (Matthew T. Ashland) -- C:\Windows\SysWow64\MACDll.dll
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Monkey's Audio
[2018.07.01 08:48:21 | 000,253,664 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.06.30 21:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2018.06.30 21:18:19 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.30 21:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2018.06.24 08:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018.06.24 08:21:15 | 000,152,184 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
========== Files - Modified Within 30 Days ==========
[2018.07.12 12:35:43 | 000,000,192 | ---- | M] () -- C:\Windows\winamp.ini
[2018.07.12 08:40:49 | 001,583,670 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.07.12 08:40:49 | 000,668,138 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2018.07.12 08:40:49 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018.07.12 08:40:49 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2018.07.12 08:40:49 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018.07.12 05:06:12 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.07.12 05:06:12 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.07.12 04:59:09 | 000,253,664 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.07.12 04:58:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.07.12 04:58:02 | 3137,654,784 | -HS- | M] () -- C:\hiberfil.sys
[2018.07.10 12:46:22 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018.07.10 12:46:22 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018.07.09 20:55:36 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2018.06.30 21:19:58 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.25 23:35:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.06.24 08:24:31 | 000,152,184 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
[2018.06.24 08:21:18 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
========== Files Created - No Company Name ==========
[2018.06.30 21:19:58 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.24 08:21:18 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018.05.23 13:59:46 | 001,558,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.09.07 22:34:26 | 000,221,184 | ---- | C] () -- C:\Program Files\mpTrim.exe
[2014.02.27 21:27:22 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\50EA574.html
[2014.02.27 21:24:21 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\06DF98F.html
[2013.04.21 20:51:19 | 000,145,920 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.03 18:55:33 | 000,331,443 | ---- | C] () -- C:\Program Files (x86)\razorlame115a.zip
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.20 06:27:26 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 05:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.13 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\ACD Systems
[2015.08.16 21:46:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVAST Software
[2014.09.18 18:31:49 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVG
[2018.07.06 09:03:28 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Azureus
[2012.11.03 22:44:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer
[2012.11.03 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer Pro
[2017.12.15 22:43:27 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\DAEMON Tools Lite
[2015.07.19 08:10:37 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio
[2016.02.13 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\GHISLER
[2015.12.26 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\LangSoft
[2012.12.01 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mobipocket
[2018.06.09 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mp3tag
[2012.11.09 10:12:41 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Raptr
[2016.12.02 18:47:06 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Samsung
[2017.05.30 22:53:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Seznam.cz
[2013.12.20 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\The Creative Assembly
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
OK, toto je Extras. Ještě by měl být log OTL.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
hotentot87
- Návštěvník
- Příspěvky: 24
- Registrován: 28 kvě 2009 20:55
Re: Prosim o kontrolu logu
Dávám opět log z OTL.txt. Minule jsem dal oba logy.:
OTL logfile created on: 16.7.2018 8:03:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17457)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,90 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 69,40% Memory free
7,79 Gb Paging File | 6,25 Gb Available in Paging File | 80,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 1,38 Gb Free Space | 3,55% Space Free | Partition Type: NTFS
Drive D: | 892,35 Gb Total Space | 9,96 Gb Free Space | 1,12% Space Free | Partition Type: NTFS
Computer Name: PROFESORORFANIK | User Name: profesor Orfanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2018.07.15 22:53:09 | 003,783,376 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2018.07.12 12:32:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programy\OTL.exe
PRC - [2018.06.09 01:38:58 | 003,828,512 | ---- | M] (Valve Corporation) -- D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
PRC - [2018.06.09 01:38:54 | 003,201,312 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe
PRC - [2018.06.08 20:30:42 | 012,006,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018.06.05 17:10:22 | 002,527,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018.04.04 23:05:57 | 000,335,896 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
PRC - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.10.01 13:10:44 | 001,544,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2012.01.03 15:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.26 11:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2009.09.24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
========== Modules (No Company Name) ==========
MOD - [2018.06.09 01:39:22 | 002,632,992 | ---- | M] () -- D:\Steam\video.dll
MOD - [2018.06.09 01:38:58 | 000,979,744 | ---- | M] () -- D:\Steam\bin\chromehtml.dll
MOD - [2018.06.08 23:42:02 | 004,969,248 | ---- | M] () -- D:\Steam\v8.dll
MOD - [2018.06.08 23:42:02 | 000,119,208 | ---- | M] () -- D:\Steam\winh264.dll
MOD - [2018.06.08 23:40:34 | 000,266,560 | ---- | M] () -- D:\Steam\openvr_api.dll
MOD - [2018.06.08 23:40:28 | 005,137,696 | ---- | M] () -- D:\Steam\libavcodec-57.dll
MOD - [2018.06.08 23:40:28 | 001,563,936 | ---- | M] () -- D:\Steam\icui18n.dll
MOD - [2018.06.08 23:40:28 | 001,195,296 | ---- | M] () -- D:\Steam\icuuc.dll
MOD - [2018.06.08 23:40:28 | 000,847,136 | ---- | M] () -- D:\Steam\libavutil-55.dll
MOD - [2018.06.08 23:40:28 | 000,783,648 | ---- | M] () -- D:\Steam\libswscale-4.dll
MOD - [2018.06.08 23:40:28 | 000,695,584 | ---- | M] () -- D:\Steam\libavformat-57.dll
MOD - [2018.06.08 23:40:28 | 000,351,520 | ---- | M] () -- D:\Steam\libavresample-3.dll
MOD - [2018.06.08 23:39:46 | 002,253,600 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\swiftshader\libGLESv2.dll
MOD - [2018.06.08 23:39:46 | 000,109,856 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\swiftshader\libEGL.dll
MOD - [2018.06.08 23:39:34 | 083,524,384 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\libcef.dll
MOD - [2018.06.08 23:39:30 | 000,788,256 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\SDL2.dll
MOD - [2018.06.08 23:38:52 | 000,788,256 | ---- | M] () -- D:\Steam\SDL2.dll
MOD - [2018.05.17 12:29:24 | 000,482,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll
MOD - [2018.05.17 12:28:42 | 000,293,592 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2018.03.10 17:44:53 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.10.01 13:10:44 | 014,588,632 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
MOD - [2015.12.22 17:29:14 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1210150fb43acc20c472c3f79a31a4d2\IAStorUtil.ni.dll
MOD - [2015.12.22 17:29:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\8f4487611323af343bbe31ccace1d0ee\IAStorCommon.ni.dll
MOD - [2015.12.22 16:06:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2015.12.22 16:06:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2015.12.22 16:05:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2015.12.22 16:05:48 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2015.12.22 16:05:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2015.12.22 16:05:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2015.12.22 16:05:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2015.12.22 16:05:32 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2015.12.22 16:05:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2014.09.08 14:32:54 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
MOD - [2012.09.23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2009.09.24 08:50:10 | 000,177,664 | ---- | M] () -- C:\Program Files\totalcmd\UNRAR.DLL
MOD - [2009.09.24 08:50:10 | 000,123,536 | ---- | M] () -- C:\Program Files\totalcmd\WCMZIP32.DLL
MOD - [2009.07.26 20:39:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.26 20:39:18 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2018.05.17 12:28:49 | 007,620,096 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2018.05.09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2017.02.09 06:53:35 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011.12.08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2018.07.10 12:46:36 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018.07.06 20:23:40 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018.06.05 17:09:30 | 000,604,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avastm)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avast)
SRV - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.22 12:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2018.07.16 07:15:59 | 000,253,664 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2018.05.17 12:29:43 | 000,460,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2018.05.17 12:29:43 | 000,381,552 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,205,976 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,159,120 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,046,968 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2018.05.17 12:29:42 | 000,196,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:64bit: - [2018.05.17 12:29:42 | 000,111,360 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2018.05.17 12:28:56 | 001,027,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2018.05.17 12:28:43 | 000,234,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV:64bit: - [2018.03.10 17:44:33 | 000,343,752 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2018.03.10 17:44:33 | 000,227,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2018.03.10 17:44:33 | 000,199,440 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2018.03.10 17:44:33 | 000,057,680 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2014.05.07 09:22:40 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.11.10 02:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.05.20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.23 04:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 06:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 06:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2017.02.14 16:39:38 | 000,111,608 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)
DRV - [2012.11.13 21:55:06 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{B8BA8F78-A31E-47BE-B2B5-50EFF44F99E9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [2016.11.18 11:35:51 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SITEADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.02.09 10:53:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files (x86)\McAfee\SiteAdvisor\siteadvisor.mcafee.firefox.extension.json [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
[2015.07.11 11:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Extensions
[2017.11.18 09:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018.06.13 19:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data
[2018.07.16 07:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}
[2017.09.29 13:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\screenshots@mozilla.org
[2018.07.16 08:03:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\wrc@avast.com
[2018.06.20 20:14:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions
[2016.04.28 18:06:48 | 000,151,382 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\adblockpopups@jessehakanen.net.xpi
[2018.06.20 20:14:22 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\sp@avast.com.xpi
[2018.05.29 21:13:34 | 000,789,048 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\wrc@avast.com.xpi
[2018.05.15 13:40:28 | 000,390,657 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.214_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1 HOSTS File: ([2015.12.26 19:40:12 | 000,000,932 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.langsoft.cz
O1 - Hosts: 127.0.0.1 iws.intranet.cz
O1 - Hosts: 127.0.0.1 www.pctranslator.cz
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher File not found
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [WDICT32] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2018.07.15 22:53:34 | 000,253,664 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.07.06 09:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2018.07.06 09:18:45 | 000,441,856 | ---- | C] (Matthew T. Ashland) -- C:\Windows\SysWow64\MACDll.dll
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Monkey's Audio
[2018.06.30 21:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2018.06.30 21:18:19 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.30 21:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2018.06.24 08:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018.06.24 08:21:15 | 000,152,688 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
========== Files - Modified Within 30 Days ==========
[2018.07.16 07:23:15 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.07.16 07:23:15 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.07.16 07:22:25 | 001,583,670 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.07.16 07:22:25 | 000,668,138 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2018.07.16 07:22:25 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018.07.16 07:22:25 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2018.07.16 07:22:25 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018.07.16 07:15:59 | 000,253,664 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.07.16 07:15:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.07.16 07:14:54 | 3137,654,784 | -HS- | M] () -- C:\hiberfil.sys
[2018.07.15 22:53:09 | 000,152,688 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
[2018.07.12 12:35:43 | 000,000,192 | ---- | M] () -- C:\Windows\winamp.ini
[2018.07.10 12:46:22 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018.07.10 12:46:22 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018.07.09 20:55:36 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2018.06.30 21:19:58 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.25 23:35:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.06.24 08:21:18 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
========== Files Created - No Company Name ==========
[2018.06.30 21:19:58 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.24 08:21:18 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018.05.23 13:59:46 | 001,558,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.09.07 22:34:26 | 000,221,184 | ---- | C] () -- C:\Program Files\mpTrim.exe
[2014.02.27 21:27:22 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\50EA574.html
[2014.02.27 21:24:21 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\06DF98F.html
[2013.04.21 20:51:19 | 000,145,920 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.03 18:55:33 | 000,331,443 | ---- | C] () -- C:\Program Files (x86)\razorlame115a.zip
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.20 06:27:26 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 05:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.13 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\ACD Systems
[2015.08.16 21:46:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVAST Software
[2014.09.18 18:31:49 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVG
[2018.07.06 09:03:28 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Azureus
[2012.11.03 22:44:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer
[2012.11.03 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer Pro
[2017.12.15 22:43:27 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\DAEMON Tools Lite
[2015.07.19 08:10:37 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio
[2016.02.13 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\GHISLER
[2015.12.26 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\LangSoft
[2012.12.01 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mobipocket
[2018.06.09 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mp3tag
[2012.11.09 10:12:41 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Raptr
[2016.12.02 18:47:06 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Samsung
[2017.05.30 22:53:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Seznam.cz
[2013.12.20 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\The Creative Assembly
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
OTL logfile created on: 16.7.2018 8:03:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17457)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,90 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 69,40% Memory free
7,79 Gb Paging File | 6,25 Gb Available in Paging File | 80,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 1,38 Gb Free Space | 3,55% Space Free | Partition Type: NTFS
Drive D: | 892,35 Gb Total Space | 9,96 Gb Free Space | 1,12% Space Free | Partition Type: NTFS
Computer Name: PROFESORORFANIK | User Name: profesor Orfanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2018.07.15 22:53:09 | 003,783,376 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2018.07.12 12:32:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Programy\OTL.exe
PRC - [2018.06.09 01:38:58 | 003,828,512 | ---- | M] (Valve Corporation) -- D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
PRC - [2018.06.09 01:38:54 | 003,201,312 | ---- | M] (Valve Corporation) -- D:\Steam\Steam.exe
PRC - [2018.06.08 20:30:42 | 012,006,104 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018.06.05 17:10:22 | 002,527,512 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018.04.04 23:05:57 | 000,335,896 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
PRC - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016.10.01 13:10:44 | 001,544,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2012.01.03 15:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.26 11:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2009.09.24 08:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
========== Modules (No Company Name) ==========
MOD - [2018.06.09 01:39:22 | 002,632,992 | ---- | M] () -- D:\Steam\video.dll
MOD - [2018.06.09 01:38:58 | 000,979,744 | ---- | M] () -- D:\Steam\bin\chromehtml.dll
MOD - [2018.06.08 23:42:02 | 004,969,248 | ---- | M] () -- D:\Steam\v8.dll
MOD - [2018.06.08 23:42:02 | 000,119,208 | ---- | M] () -- D:\Steam\winh264.dll
MOD - [2018.06.08 23:40:34 | 000,266,560 | ---- | M] () -- D:\Steam\openvr_api.dll
MOD - [2018.06.08 23:40:28 | 005,137,696 | ---- | M] () -- D:\Steam\libavcodec-57.dll
MOD - [2018.06.08 23:40:28 | 001,563,936 | ---- | M] () -- D:\Steam\icui18n.dll
MOD - [2018.06.08 23:40:28 | 001,195,296 | ---- | M] () -- D:\Steam\icuuc.dll
MOD - [2018.06.08 23:40:28 | 000,847,136 | ---- | M] () -- D:\Steam\libavutil-55.dll
MOD - [2018.06.08 23:40:28 | 000,783,648 | ---- | M] () -- D:\Steam\libswscale-4.dll
MOD - [2018.06.08 23:40:28 | 000,695,584 | ---- | M] () -- D:\Steam\libavformat-57.dll
MOD - [2018.06.08 23:40:28 | 000,351,520 | ---- | M] () -- D:\Steam\libavresample-3.dll
MOD - [2018.06.08 23:39:46 | 002,253,600 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\swiftshader\libGLESv2.dll
MOD - [2018.06.08 23:39:46 | 000,109,856 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\swiftshader\libEGL.dll
MOD - [2018.06.08 23:39:34 | 083,524,384 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\libcef.dll
MOD - [2018.06.08 23:39:30 | 000,788,256 | ---- | M] () -- D:\Steam\bin\cef\cef.win7\SDL2.dll
MOD - [2018.06.08 23:38:52 | 000,788,256 | ---- | M] () -- D:\Steam\SDL2.dll
MOD - [2018.05.17 12:29:24 | 000,482,520 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll
MOD - [2018.05.17 12:28:42 | 000,293,592 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2018.03.10 17:44:53 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.10.01 13:10:44 | 014,588,632 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll
MOD - [2015.12.22 17:29:14 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\1210150fb43acc20c472c3f79a31a4d2\IAStorUtil.ni.dll
MOD - [2015.12.22 17:29:14 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\8f4487611323af343bbe31ccace1d0ee\IAStorCommon.ni.dll
MOD - [2015.12.22 16:06:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2015.12.22 16:06:10 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2015.12.22 16:05:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2015.12.22 16:05:48 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\da5da08245467818759aa44c4eb948e1\System.Web.ni.dll
MOD - [2015.12.22 16:05:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2015.12.22 16:05:36 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2015.12.22 16:05:33 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2015.12.22 16:05:32 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2015.12.22 16:05:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2014.09.08 14:32:54 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
MOD - [2012.09.23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2009.09.24 08:50:10 | 000,177,664 | ---- | M] () -- C:\Program Files\totalcmd\UNRAR.DLL
MOD - [2009.09.24 08:50:10 | 000,123,536 | ---- | M] () -- C:\Program Files\totalcmd\WCMZIP32.DLL
MOD - [2009.07.26 20:39:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.26 20:39:18 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2018.05.17 12:29:06 | 000,317,280 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2018.05.17 12:28:49 | 007,620,096 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2018.05.09 12:48:14 | 006,541,008 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2017.02.09 06:53:35 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011.12.08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2018.07.10 12:46:36 | 000,335,872 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2018.07.06 20:23:40 | 000,194,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2018.06.05 17:09:30 | 000,604,824 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avastm)
SRV - [2018.04.04 23:05:57 | 000,164,984 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe -- (avast)
SRV - [2018.03.21 02:21:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.01.13 00:24:26 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.22 12:52:16 | 000,104,944 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2018.07.16 07:15:59 | 000,253,664 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2018.05.17 12:29:43 | 000,460,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2018.05.17 12:29:43 | 000,381,552 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,205,976 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2018.05.17 12:29:43 | 000,159,120 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2018.05.17 12:29:43 | 000,046,968 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2018.05.17 12:29:42 | 000,196,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:64bit: - [2018.05.17 12:29:42 | 000,111,360 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2018.05.17 12:28:56 | 001,027,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2018.05.17 12:28:43 | 000,234,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV:64bit: - [2018.03.10 17:44:33 | 000,343,752 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2018.03.10 17:44:33 | 000,227,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2018.03.10 17:44:33 | 000,199,440 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2018.03.10 17:44:33 | 000,057,680 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2014.05.07 09:22:40 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2012.01.06 05:36:55 | 014,652,768 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.11.10 02:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.05.20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.23 04:20:58 | 000,077,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 06:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 06:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 04:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 04:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2017.02.14 16:39:38 | 000,111,608 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys -- (mfesapsn)
DRV - [2012.11.13 21:55:06 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\SearchScopes\{B8BA8F78-A31E-47BE-B2B5-50EFF44F99E9}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
IE - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2: C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 61.0.1\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS [2016.11.18 11:35:51 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\SITEADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.02.09 10:53:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018.05.15 13:40:28 | 000,390,657 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files (x86)\McAfee\SiteAdvisor\siteadvisor.mcafee.firefox.extension.json [2017.07.20 17:04:24 | 000,000,220 | ---- | M] ()
[2015.07.11 11:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Extensions
[2017.11.18 09:03:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\SystemExtensionsDev
[2018.06.13 19:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data
[2018.07.16 07:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}
[2017.09.29 13:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\screenshots@mozilla.org
[2018.07.16 08:03:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\browser-extension-data\wrc@avast.com
[2018.06.20 20:14:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions
[2016.04.28 18:06:48 | 000,151,382 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\adblockpopups@jessehakanen.net.xpi
[2018.06.20 20:14:22 | 002,457,020 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\sp@avast.com.xpi
[2018.05.29 21:13:34 | 000,789,048 | ---- | M] () (No name found) -- C:\Users\profesor Orfanik\AppData\Roaming\Mozilla\Firefox\Profiles\8ms5nm7w.default\extensions\wrc@avast.com.xpi
[2018.05.15 13:40:28 | 000,390,657 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR\E10SSAFFPLG.XPI
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.214_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\profesor Orfanik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1 HOSTS File: ([2015.12.26 19:40:12 | 000,000,932 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.langsoft.cz
O1 - Hosts: 127.0.0.1 iws.intranet.cz
O1 - Hosts: 127.0.0.1 www.pctranslator.cz
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee WebAdvisor) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher File not found
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [Steam] D:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000..\Run: [WDICT32] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: &Save the YouTube video as MP3 - C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4136603709-616968637-3338858671-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: DhcpNameServer = 10.111.128.254 10.77.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F9E687-DC2B-4ECB-A07C-CADE31043B17}: NameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f5df9ccb-24fb-11e2-bccd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Run.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2018.07.15 22:53:34 | 000,253,664 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.07.06 09:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2018.07.06 09:18:45 | 000,441,856 | ---- | C] (Matthew T. Ashland) -- C:\Windows\SysWow64\MACDll.dll
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
[2018.07.06 09:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Monkey's Audio
[2018.06.30 21:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2018.06.30 21:18:19 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.30 21:18:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2018.06.24 08:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2018.06.24 08:21:15 | 000,152,688 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
========== Files - Modified Within 30 Days ==========
[2018.07.16 07:23:15 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.07.16 07:23:15 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.07.16 07:22:25 | 001,583,670 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.07.16 07:22:25 | 000,668,138 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2018.07.16 07:22:25 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018.07.16 07:22:25 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2018.07.16 07:22:25 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018.07.16 07:15:59 | 000,253,664 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2018.07.16 07:15:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.07.16 07:14:54 | 3137,654,784 | -HS- | M] () -- C:\hiberfil.sys
[2018.07.15 22:53:09 | 000,152,688 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbae64.sys
[2018.07.12 12:35:43 | 000,000,192 | ---- | M] () -- C:\Windows\winamp.ini
[2018.07.10 12:46:22 | 000,842,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2018.07.10 12:46:22 | 000,175,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2018.07.09 20:55:36 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2018.06.30 21:19:58 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.30 21:18:19 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2018.06.25 23:35:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.06.24 08:21:18 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
========== Files Created - No Company Name ==========
[2018.06.30 21:19:58 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2018.06.24 08:21:18 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2018.05.23 13:59:46 | 001,558,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.09.07 22:34:26 | 000,221,184 | ---- | C] () -- C:\Program Files\mpTrim.exe
[2014.02.27 21:27:22 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\50EA574.html
[2014.02.27 21:24:21 | 000,000,070 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Roaming\06DF98F.html
[2013.04.21 20:51:19 | 000,145,920 | ---- | C] () -- C:\Users\profesor Orfanik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.03 18:55:33 | 000,331,443 | ---- | C] () -- C:\Program Files (x86)\razorlame115a.zip
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.20 06:27:26 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 05:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.13 21:55:35 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\ACD Systems
[2015.08.16 21:46:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVAST Software
[2014.09.18 18:31:49 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\AVG
[2018.07.06 09:03:28 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Azureus
[2012.11.03 22:44:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer
[2012.11.03 18:06:43 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\BSplayer Pro
[2017.12.15 22:43:27 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\DAEMON Tools Lite
[2015.07.19 08:10:37 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Free YouTube to MP3 Converter Studio
[2016.02.13 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\GHISLER
[2015.12.26 19:40:08 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\LangSoft
[2012.12.01 10:10:00 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mobipocket
[2018.06.09 21:38:20 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Mp3tag
[2012.11.09 10:12:41 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Raptr
[2016.12.02 18:47:06 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Samsung
[2017.05.30 22:53:15 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\Seznam.cz
[2013.12.20 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\profesor Orfanik\AppData\Roaming\The Creative Assembly
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Oba logy jste prve nedal a ani teď tam není všechno. V logu chybí tato část: https://forum.viry.cz/viewtopic.php?f=1 ... s#p1489326 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?