Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

avg search

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

avg search

#1 Příspěvek od luk4sp »

Dobrý den,
mám problém, když kliknu v mozille na "otevře nový panel" načte se místo prázdné stránky AVG secure search. nevím jak se to tam nainstalovalo, nikde jsem nic nepovolil při instalaci programů atd. a teď se toho nemůžu zbavit. Když otevřu "odinstalovat nebo změnit program" tak tam nic takového od AVG nevidím, zkoušel jsem i obnovit hodnoty v about:config ale bez úspěchu. prosím o radu co s tím. díky
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#3 Příspěvek od luk4sp »

mám 32 bit a W 7 Ultimate

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by xxx (administrator) on LUKAS on 23-06-2014 19:59:44
Running from C:\Users\xxx\Desktop
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Windows\System32\C2MP\TrayMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcfgex.exe
(forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2000-01-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [982232 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [SafeQ Client] => C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe [249856 2010-03-31] ()
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\...\MountPoints2: {b1b98efa-81bf-11e2-b1f5-00261889f256} - E:\cdstart.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\System32\C2MP\TrayMenu.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\System32\C2MP\UpdateChecker.exe ()
ShellIconOverlayIdentifiers: Správa překryvné ikony digitálních podpisů AutoCADu -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {376CC50E-C7B3-43B4-B9D3-B6C2E6E1797E} URL = https://search.yahoo.com/search?fr=chr- ... earchTerms}
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\l1frcy73.default-1403010640209
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\l1frcy73.default-1403010640209\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-18]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-04-15]

========================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [406016 2009-08-24] (mst software GmbH, Germany) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-03-01] (Macrovision Europe Ltd.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [250072 2000-01-01] (Realtek Semiconductor)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-04-27] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-04-07] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-23 19:59 - 2014-06-23 20:00 - 00010332 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-06-23 19:59 - 2014-06-23 19:59 - 00000000 ____D () C:\FRST
2014-06-23 19:58 - 2014-06-23 19:58 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe
2014-06-23 19:53 - 2014-06-23 19:54 - 01073152 _____ (Farbar) C:\Users\xxx\Desktop\FRST.exe
2014-06-23 19:18 - 2014-06-23 19:18 - 00153782 _____ () C:\Users\xxx\Desktop\bookmarks.html
2014-06-23 19:18 - 2014-06-23 19:18 - 00066342 _____ () C:\Users\xxx\Desktop\bookmarks-2014-06-23.json
2014-06-23 17:29 - 2014-06-23 17:29 - 00000168 _____ () C:\Windows\setupact.log
2014-06-23 17:29 - 2014-06-23 17:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-21 18:07 - 2014-06-21 18:25 - 497612074 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_08_Únos-ministerského-předsedy.avi
2014-06-21 17:28 - 2014-06-21 17:28 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-21 17:27 - 2014-06-21 17:50 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-06-21 17:27 - 2014-06-21 17:27 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-19 17:54 - 2014-06-19 18:57 - 603698018 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_07_Tajemství-levného-bytu.AVI
2014-06-19 17:22 - 2014-06-19 17:53 - 546783048 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_06_Dvojnásobný-zločin.avi
2014-06-19 15:36 - 2014-06-19 16:14 - 691718644 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_05_Tajemné-zmizení-pana-Davenheima.AVI
2014-06-19 15:03 - 2014-06-19 15:03 - 00000000 ____D () C:\Users\xxx\Desktop\Nová složka
2014-06-19 03:32 - 2014-06-19 03:33 - 00000000 ____D () C:\Users\xxx\Desktop\Best House Songs 50K Pack - By Oli Tryon
2014-06-18 14:37 - 2014-03-05 23:37 - 00000670 _____ () C:\Users\xxx\Documents\AVG-internet-security-2013-licensed-key.txt
2014-06-18 13:07 - 2014-06-18 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-17 15:09 - 2014-06-17 15:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-15 23:52 - 2014-06-15 23:52 - 00003408 ____N () C:\bootsqm.dat
2014-06-14 15:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-14 15:51 - 2014-06-22 16:03 - 00000000 ____D () C:\AdwCleaner
2014-06-14 15:50 - 2014-06-14 15:50 - 01333465 _____ () C:\Users\xxx\Downloads\adwcleaner_3.212.exe
2014-06-14 11:49 - 2014-06-19 03:36 - 00009006 _____ () C:\Users\xxx\Desktop\tip.xlsx
2014-06-14 10:22 - 2014-06-23 20:00 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 10:21 - 2014-06-14 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 10:21 - 2014-06-14 10:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-14 10:21 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-14 10:21 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-12 16:35 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 16:35 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 16:35 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 16:35 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 16:35 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 16:35 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 16:35 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 16:35 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 16:35 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 16:35 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 16:35 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 16:35 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 16:35 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 16:35 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 16:35 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 16:35 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 16:35 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 16:35 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 16:35 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 16:35 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 16:35 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 16:35 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 16:35 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 16:35 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 16:34 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 16:34 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 16:34 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 16:34 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 16:34 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 16:34 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 16:34 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 16:34 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 16:34 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 16:34 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 16:34 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 16:34 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 16:34 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 15:49 - 2014-05-08 11:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 15:49 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 19:14 - 2014-06-11 19:14 - 00000000 ____D () C:\Users\xxx\Downloads\Tiesto_A_Town_Called_Paradise

==================== One Month Modified Files and Folders =======

2014-06-23 20:00 - 2014-06-23 19:59 - 00010332 _____ () C:\Users\xxx\Desktop\FRST.txt
2014-06-23 20:00 - 2014-06-14 10:22 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-23 19:59 - 2014-06-23 19:59 - 00000000 ____D () C:\FRST
2014-06-23 19:58 - 2014-06-23 19:58 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe
2014-06-23 19:58 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-23 19:58 - 2009-07-14 06:34 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-23 19:55 - 2013-03-22 10:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-23 19:54 - 2014-06-23 19:53 - 01073152 _____ (Farbar) C:\Users\xxx\Desktop\FRST.exe
2014-06-23 19:18 - 2014-06-23 19:18 - 00153782 _____ () C:\Users\xxx\Desktop\bookmarks.html
2014-06-23 19:18 - 2014-06-23 19:18 - 00066342 _____ () C:\Users\xxx\Desktop\bookmarks-2014-06-23.json
2014-06-23 18:47 - 2013-02-23 18:11 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-23 18:28 - 2013-02-23 16:51 - 01262150 _____ () C:\Windows\WindowsUpdate.log
2014-06-23 17:34 - 2013-02-23 17:07 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-23 17:29 - 2014-06-23 17:29 - 00000168 _____ () C:\Windows\setupact.log
2014-06-23 17:29 - 2014-06-23 17:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-23 17:29 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 16:03 - 2014-06-14 15:51 - 00000000 ____D () C:\AdwCleaner
2014-06-22 07:41 - 2013-05-16 01:14 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Mp3tag
2014-06-21 18:25 - 2014-06-21 18:07 - 497612074 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_08_Únos-ministerského-předsedy.avi
2014-06-21 17:50 - 2014-06-21 17:27 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-06-21 17:28 - 2014-06-21 17:28 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-21 17:27 - 2014-06-21 17:27 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-21 17:23 - 2013-03-28 23:15 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-06-19 18:57 - 2014-06-19 17:54 - 603698018 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_07_Tajemství-levného-bytu.AVI
2014-06-19 17:53 - 2014-06-19 17:22 - 546783048 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_06_Dvojnásobný-zločin.avi
2014-06-19 16:14 - 2014-06-19 15:36 - 691718644 _____ () C:\Users\xxx\Downloads\Hercule-Poirot_02_05_Tajemné-zmizení-pana-Davenheima.AVI
2014-06-19 15:28 - 2014-02-26 18:35 - 00004429 _____ () C:\Users\xxx\Desktop\Nový textový dokument (2).txt
2014-06-19 15:27 - 2014-05-10 04:28 - 00000000 ____D () C:\Users\xxx\Desktop\plocha
2014-06-19 15:27 - 2014-03-24 03:20 - 00000000 ____D () C:\Users\xxx\Desktop\Deep House
2014-06-19 15:03 - 2014-06-19 15:03 - 00000000 ____D () C:\Users\xxx\Desktop\Nová složka
2014-06-19 03:36 - 2014-06-14 11:49 - 00009006 _____ () C:\Users\xxx\Desktop\tip.xlsx
2014-06-19 03:33 - 2014-06-19 03:32 - 00000000 ____D () C:\Users\xxx\Desktop\Best House Songs 50K Pack - By Oli Tryon
2014-06-18 13:07 - 2014-06-18 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-18 13:07 - 2013-02-23 18:15 - 00000947 _____ () C:\Users\Public\Desktop\AVG 2013.lnk
2014-06-17 15:34 - 2013-02-23 17:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-17 15:09 - 2014-06-17 15:09 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 15:09 - 2014-05-09 23:55 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-06-16 03:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-15 23:52 - 2014-06-15 23:52 - 00003408 ____N () C:\bootsqm.dat
2014-06-15 02:18 - 2013-03-25 15:32 - 00000340 _____ () C:\Windows\Tasks\Driver Robot.job
2014-06-14 15:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-06-14 15:50 - 2014-06-14 15:50 - 01333465 _____ () C:\Users\xxx\Downloads\adwcleaner_3.212.exe
2014-06-14 10:21 - 2014-06-14 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 10:21 - 2014-06-14 10:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-14 10:21 - 2013-02-27 23:55 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-14 10:21 - 2013-02-25 19:55 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Malwarebytes
2014-06-14 10:21 - 2013-02-25 19:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-14 10:21 - 2013-02-25 19:55 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-06-13 12:56 - 2014-03-24 03:42 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-06-12 19:13 - 2014-05-06 14:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 16:17 - 2013-02-23 18:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 16:16 - 2013-07-12 15:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 16:14 - 2013-02-23 19:59 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 19:14 - 2014-06-11 19:14 - 00000000 ____D () C:\Users\xxx\Downloads\Tiesto_A_Town_Called_Paradise
2014-06-08 10:48 - 2014-06-12 16:34 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-12 16:34 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-30 16:40 - 2014-04-04 04:06 - 00000000 ____D () C:\Users\xxx\Desktop\8.SEMESTR
2014-05-30 11:18 - 2014-06-12 16:34 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 11:02 - 2014-06-12 16:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 11:02 - 2014-06-12 16:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 10:44 - 2014-06-12 16:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 10:43 - 2014-06-12 16:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 10:42 - 2014-06-12 16:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 16:35 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 10:34 - 2014-06-12 16:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 16:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 10:30 - 2014-06-12 16:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 10:28 - 2014-06-12 16:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 10:28 - 2014-06-12 16:35 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 10:27 - 2014-06-12 16:34 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 10:21 - 2014-06-12 16:35 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 10:16 - 2014-06-12 16:35 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 16:35 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 16:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:04 - 2014-06-12 16:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 16:35 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 09:57 - 2014-06-12 16:35 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-06-12 16:34 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 09:54 - 2014-06-12 16:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 16:35 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 16:35 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-06-12 16:35 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:21 - 2014-06-12 16:35 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:15 - 2014-06-12 16:35 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:13 - 2014-06-12 16:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-25 23:02 - 2013-03-18 17:49 - 00020940 _____ () C:\Users\xxx\Documents\vista_dochazka.xlsx

Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Robot.job => ?

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG Internet Security 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\xxx\Desktop" je 10008 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Přílohy
Addition.rar
(4.59 KiB) Staženo 85 x
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#4 Příspěvek od vyosek »

:arrow: Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze :?:

:arrow: Nebo jsou cracknute\cinknute stejne jako ten antivir :?:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#5 Příspěvek od luk4sp »

Windows je legalní, už při minulém dotazu tady mi byl myslím položen tenhle dotaz :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#6 Příspěvek od vyosek »

:arrow: Ale na ten AVG mate stahnuty klic, ze :?:

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#7 Příspěvek od luk4sp »

scan probíhá, projiždí to a pak se tam dole objeví "Manual file scan - getting folder structure" a po chvilce Out of memory
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#8 Příspěvek od vyosek »

Spustte OTL s timto skriptem jen

Kód: Vybrat vše

%systemroot%\Tasks\*.job
*loader* /s
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#9 Příspěvek od luk4sp »

OTL logfile created on: 24.6.2014 10:31:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 58,30% Memory free
7,00 Gb Paging File | 5,22 Gb Available in Paging File | 74,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 357,25 Gb Free Space | 76,72% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 70,09 Mb Free Space | 70,09% Space Free | Partition Type: NTFS

Computer Name: LUKAS | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.06.23 21:22:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
PRC - [2014.06.17 15:09:08 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.05.22 00:36:08 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2014.05.14 10:55:07 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014.05.12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014.03.04 14:34:44 | 001,821,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014.03.04 14:34:44 | 000,943,048 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014.01.21 01:43:02 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.10 04:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013.12.10 04:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013.12.10 04:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013.11.20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013.10.23 02:05:52 | 000,799,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2013.08.02 02:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013.07.10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013.07.04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013.07.04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013.02.25 16:50:10 | 000,704,520 | ---- | M] () -- C:\Windows\System32\C2MP\TrayMenu.exe
PRC - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.09.28 10:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012.09.28 10:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.03.31 11:55:34 | 000,249,856 | ---- | M] () -- C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
PRC - [2000.01.01 02:00:00 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2000.01.01 02:00:00 | 001,003,224 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
PRC - [2000.01.01 02:00:00 | 000,250,072 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE


========== Modules (No Company Name) ==========

MOD - [2014.06.17 15:09:07 | 003,852,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014.05.14 10:55:07 | 016,361,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014.02.13 16:48:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.02.13 16:48:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.02.13 16:46:41 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.13 16:46:28 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.02.25 16:50:10 | 000,704,520 | ---- | M] () -- C:\Windows\System32\C2MP\TrayMenu.exe
MOD - [2010.03.31 11:55:36 | 000,005,120 | ---- | M] () -- C:\Program Files\Y Soft\SafeQ Client\Client\cs-CZ\SafeQ Client.resources.dll
MOD - [2010.03.31 11:55:34 | 000,249,856 | ---- | M] () -- C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe
MOD - [2010.02.12 10:37:50 | 000,633,696 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll


========== Services (SafeList) ==========

SRV - [2014.06.17 15:09:07 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.05.30 10:28:30 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.05.14 10:55:08 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.10 04:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013.12.10 04:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013.11.20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013.07.04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.03.01 12:45:36 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.09.28 10:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe -- (DfSdkS)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2000.01.01 02:00:00 | 000,250,072 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE -- (RtkAudioService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2014.06.24 10:23:50 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014.05.12 07:26:08 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014.05.12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014.04.27 17:42:17 | 000,042,272 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014.04.15 13:35:26 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014.03.04 16:29:02 | 010,523,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.12.05 10:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013.11.25 02:48:36 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.10.23 02:05:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.10.23 02:05:10 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.07.20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.07.20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.07.20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013.07.01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013.04.07 22:06:00 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011.06.27 02:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.06.17 01:18:24 | 000,193,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2007.07.31 03:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2000.01.01 02:00:00 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2000.01.01 02:00:00 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\..\SearchScopes\{376CC50E-C7B3-43B4-B9D3-B6C2E6E1797E}: "URL" = https://search.yahoo.com/search?fr=chr- ... earchTerms}
IE - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.04.15 13:35:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.02.23 17:46:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2014.06.18 14:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\l1frcy73.default-1403010640209\extensions
[2013.10.02 14:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profileswc1atra1.default\extensions
[2013.10.02 14:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profileswc1atra1.default\extensions\staged
[2014.06.18 14:41:13 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\l1frcy73.default-1403010640209\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.06.17 15:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.06.17 15:09:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SafeQ Client] C:\Program Files\Y Soft\SafeQ Client\Client\SafeQ Client.exe ()
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2983826374-2796642713-3069972579-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E852E6F4-5AC6-43B4-88FB-287927123CA3}: DhcpNameServer = 213.46.172.37 213.46.172.36
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.03.01 12:32:46 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b1b98efa-81bf-11e2-b1f5-00261889f256}\Shell - "" = AutoRun
O33 - MountPoints2\{b1b98efa-81bf-11e2-b1f5-00261889f256}\Shell\AutoRun\command - "" = E:\cdstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2014.06.23 21:22:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2014.06.23 19:59:22 | 000,000,000 | ---D | C] -- C:\FRST
[2014.06.23 19:53:54 | 001,073,152 | ---- | C] (Farbar) -- C:\Users\xxx\Desktop\FRST.exe
[2014.06.21 17:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014.06.21 17:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2014.06.19 15:03:18 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Nová složka
[2014.06.19 03:32:18 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\Best House Songs 50K Pack - By Oli Tryon
[2014.06.18 13:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014.06.17 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.06.24 10:28:03 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.24 10:28:03 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.24 10:27:07 | 000,669,116 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.06.24 10:27:07 | 000,654,464 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.06.24 10:27:07 | 000,141,744 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.06.24 10:27:07 | 000,122,336 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.06.24 10:23:50 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.06.24 10:22:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.24 10:21:57 | 2817,994,752 | -HS- | M] () -- C:\hiberfil.sys
[2014.06.24 01:55:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.06.24 00:24:25 | 012,667,132 | ---- | M] () -- C:\Users\xxx\Desktop\Alvaro & Carnage - The Underground (Original Mix).mp3
[2014.06.23 21:59:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.06.23 21:22:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2014.06.23 20:03:05 | 000,004,701 | ---- | M] () -- C:\Users\xxx\Desktop\Addition.rar
[2014.06.23 19:54:01 | 001,073,152 | ---- | M] (Farbar) -- C:\Users\xxx\Desktop\FRST.exe
[2014.06.23 19:18:41 | 000,153,782 | ---- | M] () -- C:\Users\xxx\Desktop\bookmarks.html
[2014.06.23 19:18:02 | 000,066,342 | ---- | M] () -- C:\Users\xxx\Desktop\bookmarks-2014-06-23.json
[2014.06.22 07:41:26 | 011,409,678 | ---- | M] () -- C:\Users\xxx\Desktop\Steve Angello vs. AN21 & Sebjak - GODS (Original Mix).mp3
[2014.06.18 13:07:37 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.06.24 00:24:03 | 012,667,132 | ---- | C] () -- C:\Users\xxx\Desktop\Alvaro & Carnage - The Underground (Original Mix).mp3
[2014.06.23 21:29:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.23 20:03:05 | 000,004,701 | ---- | C] () -- C:\Users\xxx\Desktop\Addition.rar
[2014.06.23 19:18:40 | 000,153,782 | ---- | C] () -- C:\Users\xxx\Desktop\bookmarks.html
[2014.06.23 19:18:02 | 000,066,342 | ---- | C] () -- C:\Users\xxx\Desktop\bookmarks-2014-06-23.json
[2014.06.22 07:40:46 | 011,409,678 | ---- | C] () -- C:\Users\xxx\Desktop\Steve Angello vs. AN21 & Sebjak - GODS (Original Mix).mp3
[2014.05.20 15:02:10 | 000,045,384 | ---- | C] () -- C:\Windows\System32\DiscHandler.exe
[2014.05.13 17:02:30 | 003,916,288 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
[2014.05.13 17:01:48 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2014.05.13 17:01:12 | 000,271,360 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2014.05.13 17:00:58 | 000,157,184 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2014.05.13 17:00:58 | 000,099,840 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2014.05.13 17:00:56 | 001,525,760 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2014.05.13 17:00:56 | 000,211,968 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2014.05.13 17:00:56 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2014.05.13 17:00:54 | 000,114,688 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2014.05.13 17:00:52 | 000,136,704 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2014.04.08 22:50:26 | 000,235,520 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014.04.08 22:50:16 | 000,632,320 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014.04.08 17:29:48 | 000,238,736 | ---- | C] () -- C:\Windows\System32\libbluray.dll
[2014.01.21 01:09:50 | 002,355,200 | ---- | C] () -- C:\Windows\System32\SAFEQVS.DLL
[2014.01.21 01:09:50 | 000,421,888 | ---- | C] () -- C:\Windows\System32\SafeQCairoLib.DLL
[2014.01.21 01:09:50 | 000,131,072 | ---- | C] () -- C:\Windows\System32\SAFEQUI.DLL
[2014.01.07 06:43:04 | 000,681,905 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.12.17 04:19:30 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
[2013.12.17 04:15:32 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OptimFROG.dll
[2013.12.17 04:15:32 | 000,000,236 | ---- | C] () -- C:\Windows\System32\Formats.ini
[2013.12.17 04:15:30 | 000,047,104 | ---- | C] () -- C:\Windows\System32\bass_tak.dll
[2013.12.17 03:28:18 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2013.12.17 03:28:18 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2013.12.17 03:28:18 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2013.12.17 03:27:52 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2013.12.17 03:27:50 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2013.12.17 03:27:40 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2013.12.17 03:27:16 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2013.12.17 03:27:16 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2013.12.17 03:27:14 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2013.12.17 03:27:14 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2013.12.17 03:27:10 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2013.12.17 03:26:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2013.12.17 03:26:40 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
[2013.08.26 06:36:24 | 000,003,730 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013.07.26 15:24:22 | 000,235,184 | ---- | C] () -- C:\Windows\System32\avfilter-lav-3.dll
[2013.03.13 02:28:26 | 000,007,605 | ---- | C] () -- C:\Users\xxx\AppData\Local\Resmon.ResmonCfg
[2013.02.27 16:09:22 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013.02.27 16:07:51 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.02.23 17:53:10 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013.02.10 16:15:02 | 007,833,552 | ---- | C] () -- C:\Windows\System32\avcodec-lav-54.dll
[2013.02.10 16:15:02 | 001,256,952 | ---- | C] () -- C:\Windows\System32\avformat-lav-54.dll
[2012.07.02 22:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\System32\theowl.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.03.27 19:22:54 | 000,000,000 | ---D | M] -- C:\Users\lp\AppData\Roaming\AVG2013
[2013.03.13 16:52:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Autodesk
[2013.02.23 18:16:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AVG2013
[2014.01.07 10:11:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
[2014.03.24 03:41:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FlowStone
[2014.03.24 03:42:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Image-Line
[2014.06.24 00:24:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mp3tag
[2013.03.24 21:15:55 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MyPhoneExplorer
[2013.02.26 20:28:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Opera
[2013.04.15 13:36:16 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PDF Architect
[2013.03.21 03:49:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Softland
[2013.03.21 03:50:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\StatSoft
[2014.03.10 18:29:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\The Creative Assembly
[2013.12.21 16:29:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ubisoft

========== Purity Check ==========



========== Custom Scans ==========

< %systemroot%\Tasks\*.job >
[2014.06.24 01:55:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014.06.15 02:18:01 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

< *loader* /s >
Error getting files...

< End of report >
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#10 Příspěvek od luk4sp »

OTL Extras logfile created on: 24.6.2014 10:31:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 58,30% Memory free
7,00 Gb Paging File | 5,22 Gb Available in Paging File | 74,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 357,25 Gb Free Space | 76,72% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 70,09 Mb Free Space | 70,09% Space Free | Partition Type: NTFS

Computer Name: LUKAS | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-2983826374-2796642713-3069972579-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03FC2398-CB74-443F-A2E5-146C25DDC43F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{0E9E4E64-4EC4-4BA3-9222-E79393A71105}" = rport=139 | protocol=6 | dir=out | app=system |
"{1758CB6A-EF94-4B78-80F7-54CA1948DC07}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{20BB3377-FC34-4826-A94B-3DC7B497AB35}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{39F9C8A9-F119-438B-950D-D101FDDAC208}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B825E4D-687F-4645-9DDA-10EC622FDBB1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3BA3E75D-1716-4C54-9978-BD609C5BD10F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3BE3AD3E-17BB-4FB7-8BF6-07AAC8B19565}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3D047D11-D4A8-4E25-B3FE-D77123A1B009}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4370E9B3-10F0-4CCA-9895-9A07E19D8D3F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4F68B948-8970-4159-A56F-C41232D0C624}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6A8C037E-4A4D-4C3E-B176-A41DA29FD839}" = rport=137 | protocol=17 | dir=out | app=system |
"{78BAA2AB-86A0-4B20-9343-6A6364A3B72B}" = lport=137 | protocol=17 | dir=in | app=system |
"{7A90C3C3-7217-41D6-918E-A641904A36F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86291298-FBD2-43C8-B8D8-B7BA75D1544B}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{9003ED1F-7F7C-4F46-A651-0CF2CE4D98D5}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9821DE42-4E8F-435B-888E-B51E2CB966EE}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{AB8A0277-31EE-404A-9B64-38418C4D0295}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B1AA4F78-BF92-4239-A1B3-625A0085BECD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1FB11A0-B27B-4669-9BAD-3FBF2499374F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B2855569-C072-4783-AB4D-DFECE93010D2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B60895E6-C3C6-495C-A275-179370731508}" = lport=138 | protocol=17 | dir=in | app=system |
"{BDD2A11C-F3B6-4335-8411-1E7F78D915EA}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{C390EECE-A5E0-4DAA-91FE-07916BE053B7}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C6C4A463-08B0-4B87-ABBF-A00ED7E962AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C8C8D478-0B35-42AB-908F-B49B14058513}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D57B9E9A-2C2A-4612-B5E9-ABDB659E52E7}" = rport=138 | protocol=17 | dir=out | app=system |
"{D7CADAD9-F94D-4E44-81B9-3E28338BDCAE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E17E55CA-0DCA-4329-A1C3-4E145D9CCC35}" = rport=445 | protocol=6 | dir=out | app=system |
"{E20ACDD4-5D91-407D-8913-59928612E780}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E4193C0B-F64B-4FE7-A2C6-59EF2DEDDC29}" = lport=445 | protocol=6 | dir=in | app=system |
"{F65A04C9-F10A-4DF2-8F5D-A4337A2ABA9B}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F155D22-16CE-4188-9BCB-A83D1CE84DB8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{15ACF3A8-5E62-4105-BEC4-48A47C06B8B3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{1A285814-CC94-4415-A2AF-C73FAD61ECC2}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{1AC7CB68-0B14-4963-BBC1-9B62DF2E4D81}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1D75A525-D0C4-4284-BC40-3FDD83499EAE}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{286AA3FB-54E9-4432-9627-4FB95D5F98E5}" = protocol=6 | dir=out | app=system |
"{2B6C5FF4-7EF6-4C49-A0EC-B4835C306030}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{304560BE-3541-4BF6-B221-5DA3BAF09129}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{31071FA7-1BF1-45E7-AF04-91A244D3182C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{39112743-71C6-4235-8C6A-C5F90E78096A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgwdsvc.exe |
"{3FCC12D7-D704-4833-BCFF-E0DC7BB5C7A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{557AC3C2-CABD-46C7-9121-B0CB2D8FBE37}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5999F2F9-355F-48BF-AFDA-F1782092E0A8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{65D9053E-D459-4B4E-BCA7-074B7FAFDE91}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{6A170695-9041-4730-A8BC-F7075625B3EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{79D53433-68F5-4449-A487-3E9EB21A0022}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgwdsvc.exe |
"{7B51549C-BC18-4337-B2BE-A4CB6C807075}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E713247-2799-45F7-A504-6955E7764F2D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{8131E0BC-0E03-4F8E-BFCB-B4F24830EB52}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{81E94906-D7D3-46B3-89AB-6E0D13ED3B34}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{84AB6FB1-D62E-403A-AE8D-FBED71A4A08E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8659A33B-A158-4BF2-9661-EC27F8F13818}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8DA88C3B-37CA-4729-AA23-647E0DF2EA00}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{8E2AA8E1-0B5A-4BE1-B148-3D8462BCB4E7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{96C46D21-25AD-43B5-9D1F-0CF7CF7D10F8}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{A1A6BC45-4985-4C14-8984-4F594A7938E7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A9A506D2-BF42-42D0-A59C-1D7476701D8A}" = protocol=17 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{AAB049DF-C0D6-4084-B6DA-B8BEE9A3750A}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\panprocess.exe |
"{AE13FC8A-D251-47ED-B6D5-8F7194F1606E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{BFF44BDD-D779-46F2-AF73-CE75988CCDA9}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{C9B5825B-29B5-43AE-838D-942255505789}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CC38DFCD-1A29-42DF-A84D-3ABF1B193ED0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CF309B81-DA58-4B42-9EB3-4836C1B3F53C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{CF5822E1-02AB-4A4C-9458-FAED15E5E31A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{D7DD3D36-13E9-4375-ADEA-F3F84392EB7D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{DD28493C-3FC4-4D49-971A-FC0B268CBCA9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DFBEECFA-621E-461D-87AB-CEAE39512C2A}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{DFF86534-FDEB-42EF-9E48-F21DEAD9D765}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E1B32416-82A4-459B-84CC-B6CF979B60AD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{E9BCF302-4DDB-4570-81CC-A1BC859CEAF0}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{EC5D1956-BAD3-4300-8F55-2D7586B770CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFC150A6-9BE9-482E-BBD3-601D5D042533}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1F38457-A3DC-411C-9A9A-6A1B1016B216}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F91F30E6-D355-4663-B190-90058E231594}" = protocol=6 | dir=in | app=c:\program files\pandora.tv\panservice\pandoraservice.exe |
"{F9883AAD-304E-4466-8D2A-51B1E3EB762A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FA972F9C-B86D-48DB-B762-BB0263D906A9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{2711C4F6-0B26-4C38-A615-664331CAD807}" = SearchMe Toolbar v9.3
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5783F2D7-8001-0405-0002-0060B0CE6BBA}" = AutoCAD 2010 - česky
"{5783F2D7-8001-0405-1002-0060B0CE6BBA}" = Jazykový balíček aplikace AutoCAD 2010 - čeština
"{588777AE-DE44-4A92-82BD-C1A09FC70B20}" = AVG 2013
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{83210FBF-5553-439F-AC94-AF5E55E068C1}" = AVG 2013
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5457401-D56A-43F2-9524-78E54A7FC07A}" = SlimDrivers
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B82FA3D7-4EFB-4E9F-888F-D7DB1C513D48}" = STATISTICA CZ 10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"AutoCAD 2010 - česky" = AutoCAD 2010 - česky
"AVG" = AVG 2013
"CCleaner" = CCleaner
"Cities of Earth 3D Screensaver_is1" = Cities of Earth 3D Screensaver v. 2.1
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FlowStone" = FlowStone FL 3.0
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"Mozilla Firefox 30.0 (x86 cs)" = Mozilla Firefox 30.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.55a
"MPE" = MyPhoneExplorer
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 12.16.1860" = Opera 12.16
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF 7.1 printer)
"The KMPlayer" = The KMPlayer (remove only)
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 4.0.9
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.2.2014 11:56:32 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 2.2.2014 11:56:32 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 2.2.2014 14:38:54 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 2.2.2014 14:38:54 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 2.2.2014 19:05:22 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 2.2.2014 19:05:22 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 3.2.2014 2:47:04 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 3.2.2014 2:47:04 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 3.2.2014 16:32:16 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

Error - 3.2.2014 16:32:16 | Computer Name = lukas | Source = NvStreamSvc | ID = 131073
Description =

[ OSession Events ]
Error - 24.3.2013 16:13:47 | Computer Name = lukas | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2754
seconds with 660 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 20.6.2014 4:44:07 | Computer Name = lukas | Source = Service Control Manager | ID = 7024
Description = Služba AVGIDSAgent ukončena s chybou %%-536753636, specifickou pro
službu.

Error - 20.6.2014 11:49:17 | Computer Name = lukas | Source = Service Control Manager | ID = 7024
Description = Služba AVGIDSAgent ukončena s chybou %%-536753636, specifickou pro
službu.

Error - 21.6.2014 9:16:21 | Computer Name = lukas | Source = Service Control Manager | ID = 7024
Description = Služba AVGIDSAgent ukončena s chybou %%-536753636, specifickou pro
službu.

Error - 21.6.2014 12:00:36 | Computer Name = lukas | Source = Service Control Manager | ID = 7024
Description = Služba AVGIDSAgent ukončena s chybou %%-536753636, specifickou pro
službu.

Error - 22.6.2014 1:27:52 | Computer Name = lukas | Source = Service Control Manager | ID = 7024
Description = Služba AVGIDSAgent ukončena s chybou %%-536753636, specifickou pro
službu.

Error - 22.6.2014 1:53:16 | Computer Name = lukas | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 22.6.2014 10:03:32 | Computer Name = lukas | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 22.6.2014 10:04:04 | Computer Name = lukas | Source = Service Control Manager | ID = 7043
Description = Služba AVGIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error - 22.6.2014 13:19:29 | Computer Name = lukas | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 23.6.2014 20:27:09 | Computer Name = lukas | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#11 Příspěvek od vyosek »

:arrow: Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    :filefind
*loader*.*
  • Kliknete na Look
  • Tlacitko Look se zmeni na Scanning a zsedne
  • Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
  • Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#12 Příspěvek od luk4sp »

vyhodilo to "Runtime error" :(
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#13 Příspěvek od vyosek »

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
luk4sp
Návštěvník
Návštěvník
Příspěvky: 93
Registrován: 04 led 2013 17:47

Re: avg search

#14 Příspěvek od luk4sp »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x86
Ran by xxx on Łt 24.06.2014 at 14:33:29,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\driver robot.job"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 24.06.2014 at 14:38:24,96
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a log z adw cleaneru

# AdwCleaner v3.213 - Report created 24/06/2014 at 14:43:33
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : xxx - LUKAS
# Running from : C:\Users\xxx\Desktop\adwcleaner_3.213.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\lp\AppData\Roaming\Mozilla\Firefox\Profiles\zipido39.default\prefs.js ]


[ File : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\l1frcy73.default-1403010640209\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7482 octets] - [14/06/2014 15:51:54]
AdwCleaner[R1].txt - [1135 octets] - [21/06/2014 17:57:23]
AdwCleaner[R2].txt - [1136 octets] - [22/06/2014 16:02:00]
AdwCleaner[R3].txt - [1254 octets] - [24/06/2014 14:40:56]
AdwCleaner[S0].txt - [7721 octets] - [14/06/2014 15:52:43]
AdwCleaner[S1].txt - [1199 octets] - [21/06/2014 17:58:22]
AdwCleaner[S2].txt - [1198 octets] - [22/06/2014 16:03:04]
AdwCleaner[S3].txt - [1176 octets] - [24/06/2014 14:43:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1236 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: avg search

#15 Příspěvek od vyosek »

Jak se chova PC??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“