Please check, possible virus

#1 Post by sovt »

Hello, while browsing the internet a download window keeps popping up saying "You are opening the file: BBID-01-01519264616653105, which is: application/octet-stream (0 bytes) from http://go.eu.bbelements.com". It happens on every page I visit.
The log is here:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Mich-Much at 2017-01-01 20:56:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 4 GB (6%) free of 61 GB
Total RAM: 4094 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:56:27, on 1.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
D:\Programy\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
D:\WinFast WorkArea\ESETOnlineScanner_CSY.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Mich-Much.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Programy\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Programy\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 2540 series.lnk = ?
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - D:\Programy\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: GeniusMouseService - Unknown owner - C:\Genius\ioCentre\GMouseService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - D:\Programy\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12447 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"D:\Programy\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\vsnpstd3.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Genius\ioCentre\GMouseService.exe
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN3BG2BJ3405XK;CONNECTION=USB;MONITOR=1;
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"D:\Programy\PowerISO\PWRISOVM.EXE"
"C:\Genius\ioCentre\gTaskBar.exe"
"D:\Programy\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
WLIDSvcM.exe 3032
"D:\Programy\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Genius\ioCentre\gMouseTask
C:\Genius\ioCentre\gKbdTask
C:\Genius\ioCentre\gIoCentreFunMgm
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Programy\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-491b8075-a8d9-489c-b4af-a41177dd31c1 -SystemEventPortName:HostProcess-ce30cfc8-c109-47d8-8865-3781fda8af25 -IoCancelEventPortName:HostProcess-c90db01f-5e09-41fd-88ae-1f6ae307115c -NonStateChangingEventPortName:HostProcess-c7d6029c-4cd6-4b11-8386-f6f4f106dfae -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8a9d4242-485a-404f-babb-8a25b802f3d7 -DeviceGroupId:
"D:\WinFast WorkArea\ESETOnlineScanner_CSY.exe" EULA
"C:\Windows\system32\taskmgr.exe" /1
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe25_ Global\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"D:\WinFast WorkArea\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1823128570-3126352839-1645658126-1000Core.job - C:\Users\Mich-Much\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1823128570-3126352839-1645658126-1000UA.job - C:\Users\Mich-Much\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HP Photo Creations Communicator.job - C:\Users\Mich-Much\AppData\Roaming\HP Photo Creations\Communicator.exe --auto

=========Mozilla firefox=========

ProfilePath - C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles\l4ftsdsf.default-1456252396109

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=D:\Programy\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=D:\Programy\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=D:\Programy\VLC\npvlc.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-18 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-18 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
""= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]
"Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
D:\Hry\Electronic Arts\EADM\EADMUI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Mich-Much\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2016-11-29 1407912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-17 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Programy\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyGarminAgent]
C:\Program Files (x86)\Garmin\MyGarminAgent\MyGarminAgent.exe [2010-03-16 337256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Programy\QuickTime\QTTask.exe [2014-10-02 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-03-25 2924544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=D:\Programy\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2012-04-23 61440]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-10-01 56080]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"StartCCC"=D:\Programy\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-28 767176]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodecPackUpdateChecker.lnk - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe

C:\Users\Mich-Much\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 2540 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-12-26 13:39:07 ----A---- C:\Windows\DIIUnin.dat
2016-12-26 13:39:06 ----A---- C:\Windows\DIIUnin.pif
2016-12-26 13:39:05 ----A---- C:\Windows\DIIUnin.exe
2016-12-15 17:15:11 ----A---- C:\Windows\system32\mshtml.dll
2016-12-15 17:15:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-12-15 17:15:07 ----A---- C:\Windows\system32\ieframe.dll
2016-12-15 17:15:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-12-15 17:15:04 ----A---- C:\Windows\system32\jscript9.dll
2016-12-15 17:15:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-12-15 17:15:03 ----A---- C:\Windows\system32\wininet.dll
2016-12-15 17:15:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-12-15 17:15:02 ----A---- C:\Windows\system32\win32k.sys
2016-12-15 17:15:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-12-15 17:15:01 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-12-15 17:15:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-12-15 17:15:01 ----A---- C:\Windows\system32\usp10.dll
2016-12-15 17:15:01 ----A---- C:\Windows\system32\user32.dll
2016-12-15 17:15:01 ----A---- C:\Windows\system32\msi.dll
2016-12-15 17:15:01 ----A---- C:\Windows\system32\iedkcs32.dll
2016-12-15 17:15:01 ----A---- C:\Windows\system32\drivers\cng.sys
2016-12-15 17:15:01 ----A---- C:\Windows\system32\clfs.sys
2016-12-15 17:15:01 ----A---- C:\Windows\system32\bcrypt.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\hlink.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-12-15 17:15:00 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\vbscript.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\urlmon.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\msfeeds.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\jscript.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\iertutil.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\hlink.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\gdi32.dll
2016-12-15 17:15:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-12-15 17:15:00 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-12-15 17:15:00 ----A---- C:\Windows\system32\consent.exe
2016-12-15 17:15:00 ----A---- C:\Windows\system32\certcli.dll
2016-12-15 17:14:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-12-15 17:14:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-12-15 17:14:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-12-15 17:14:59 ----A---- C:\Windows\system32\msiexec.exe
2016-12-15 17:14:59 ----A---- C:\Windows\system32\ieapfltr.dll
2016-12-15 17:14:58 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-12-15 17:14:58 ----A---- C:\Windows\system32\ieui.dll
2016-12-15 17:14:58 ----A---- C:\Windows\system32\authui.dll
2016-12-15 17:14:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-12-15 17:14:57 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-12-15 17:14:57 ----A---- C:\Windows\system32\webcheck.dll
2016-12-15 17:14:57 ----A---- C:\Windows\system32\msihnd.dll
2016-12-15 17:14:57 ----A---- C:\Windows\system32\mshtmled.dll
2016-12-15 17:14:57 ----A---- C:\Windows\system32\lsasrv.dll
2016-12-15 17:14:57 ----A---- C:\Windows\system32\dxtrans.dll
2016-12-15 17:14:57 ----A---- C:\Windows\system32\dxtmsft.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-12-15 17:14:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\wdigest.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\sspisrv.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\sspicli.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\schannel.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\secur32.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\rpchttp.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\occache.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\ncrypt.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\msv1_0.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\msrating.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\lsass.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\kerberos.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\jsproxy.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\jscript9diag.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\inseng.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\ieUnatt.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\iesetup.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\iernonce.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\ie4uinit.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-12-15 17:14:55 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-12-15 17:14:55 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-12-15 17:14:55 ----A---- C:\Windows\system32\cryptbase.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\credssp.dll
2016-12-15 17:14:55 ----A---- C:\Windows\system32\auditpol.exe
2016-12-15 17:14:55 ----A---- C:\Windows\system32\appinfo.dll
2016-12-15 17:14:54 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-12-15 17:14:54 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-12-15 17:14:54 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-12-15 17:14:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-12-15 17:14:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-12-15 17:14:54 ----A---- C:\Windows\system32\tzres.dll
2016-12-15 17:14:54 ----A---- C:\Windows\system32\msobjs.dll
2016-12-15 17:14:54 ----A---- C:\Windows\system32\msimsg.dll
2016-12-15 17:14:54 ----A---- C:\Windows\system32\msaudite.dll
2016-12-15 17:14:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-12-15 17:14:54 ----A---- C:\Windows\system32\adtschema.dll
2016-12-02 21:45:18 ----D---- C:\Users\Mich-Much\AppData\Roaming\MK10

======List of files/folders modified in the last 1 month======

2017-01-01 20:56:27 ----D---- C:\Windows\Temp
2017-01-01 20:56:27 ----D---- C:\Windows\Prefetch
2017-01-01 20:56:24 ----D---- C:\Program Files\trend micro
2017-01-01 19:14:59 ----SHD---- C:\Windows\Installer
2017-01-01 17:32:04 ----D---- C:\Windows\System32
2017-01-01 17:32:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-01 17:32:03 ----D---- C:\Windows\inf
2017-01-01 09:32:34 ----SHD---- C:\System Volume Information
2017-01-01 08:17:40 ----D---- C:\Windows\system32\config
2016-12-26 13:39:07 ----D---- C:\Windows
2016-12-23 09:37:24 ----D---- C:\Program Files (x86)\Opera
2016-12-23 09:37:23 ----D---- C:\Windows\system32\Tasks
2016-12-21 07:18:17 ----D---- C:\Windows\system32\catroot2
2016-12-17 13:13:30 ----RD---- C:\Program Files (x86)
2016-12-17 13:13:27 ----D---- C:\Windows\Tasks
2016-12-15 20:50:09 ----D---- C:\Windows\rescache
2016-12-15 20:20:05 ----D---- C:\Windows\Microsoft.NET
2016-12-15 20:18:10 ----RSD---- C:\Windows\assembly
2016-12-15 20:01:25 ----D---- C:\Windows\winsxs
2016-12-15 19:58:34 ----D---- C:\Windows\SYSWOW64\en-US
2016-12-15 19:58:34 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-12-15 19:58:34 ----D---- C:\Windows\SysWOW64
2016-12-15 19:58:34 ----D---- C:\Program Files\Internet Explorer
2016-12-15 19:58:34 ----D---- C:\Program Files (x86)\Internet Explorer
2016-12-15 19:58:33 ----D---- C:\Windows\system32\en-US
2016-12-15 19:58:33 ----D---- C:\Windows\system32\drivers
2016-12-15 19:58:33 ----D---- C:\Windows\system32\cs-CZ
2016-12-15 17:27:31 ----D---- C:\Windows\system32\MRT
2016-12-15 17:23:01 ----AC---- C:\Windows\system32\MRT.exe
2016-12-15 17:20:15 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-12-13 23:50:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-13 23:50:01 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-12-13 22:09:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-12-13 22:09:49 ----D---- C:\Windows\system32\Macromed
2016-12-13 22:09:44 ----D---- C:\Windows\SYSWOW64\Macromed
2016-12-11 18:43:14 ----D---- C:\Users\Mich-Much\AppData\Roaming\HP Photo Creations
2016-12-11 15:38:27 ----D---- C:\Program Files (x86)\MSECache
2016-12-02 07:39:44 ----D---- C:\ProgramData\Package Cache
2016-12-02 07:39:27 ----D---- C:\Program Files (x86)\Garmin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-17 34472]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 AODDriver4.3;AODDriver4.3; \??\D:\Programy\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-01-26 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-01-26 43680]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-07-29 21622784]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-07-29 665088]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-01 104976]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2011-10-26 25600]
R3 gMouUsb16;USB 16-bit Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb16.sys [2009-06-25 11776]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-04-03 10535040]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 36352]
R3 WFLR6654;WinFast DTV2000 H Plus (XC3028); C:\Windows\system32\drivers\wfeaglxt.sys [2009-10-21 474240]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-27 36328]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\Windows\system32\DRIVERS\gMouPS2.sys [2009-06-30 19968]
S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Maplom;Maplom; C:\Windows\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\Windows\system32\drivers\MaplomL.sys []
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-05-24 253728]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-27 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-27 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-07-29 246784]
R2 AMD FUEL Service;AMD FUEL Service; D:\Programy\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-28 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GeniusMouseService;GeniusMouseService; C:\Genius\ioCentre\GMouseService.exe [2010-03-11 16384]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-03-11 75136]
R2 TomTomHOMEService;TomTomHOMEService; D:\Programy\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-11-29 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-11-29 51384]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-05-27 654848]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2016-11-29 1029648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-13 172488]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#2 Post by Rudy »

Hello!
How does your operating system stand in terms of legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus may damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

sovt
Visitor
Posts: 17
Registered: 10 Mar 2009 10:04

Re: Please check, possible virus

#3 Post by sovt »

Well, as far as I know it is legal, but I wouldn't put my hand in the fire for it. A friend built the PC for me, I install updates normally and so far I haven't had a problem.
Oh, and I also remembered that the last thing I updated today was Adobe Shockwave Player.

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#4 Post by Rudy »

OK. Run this scan:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "For all users", "LOP malware check" and "PURITY malware check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Scan<. Post both logs.

sovt
Visitor
Posts: 17
Registered: 10 Mar 2009 10:04

Re: Please check, possible virus

#5 Post by sovt »

OTL Extras logfile created on: 1.1.2017 23:26:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mich-Much\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 43,35% Memory free
7,99 Gb Paging File | 5,73 Gb Available in Paging File | 71,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 60,00 Gb Total Space | 3,76 Gb Free Space | 6,27% Space Free | Partition Type: NTFS
Drive D: | 871,41 Gb Total Space | 78,89 Gb Free Space | 9,05% Space Free | Partition Type: NTFS
Drive F: | 484,98 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 931,28 Gb Total Space | 758,60 Gb Free Space | 81,46% Space Free | Partition Type: FAT32

Computer Name: MICH-MUCH-PC | User Name: Mich-Much | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B9F6DA-B060-4A7D-83BC-3E4CC63DAF48}" = rport=10243 | protocol=6 | dir=out | app=system |
"{10235847-FB44-4A2F-A49F-7C3D91BA4CBB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1DEA847B-6762-418C-A7C3-C9914A7FEF09}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{209B14E6-F4DA-48A5-9DB4-505E5C09F8BF}" = rport=445 | protocol=6 | dir=out | app=system |
"{220D4210-F425-404F-B401-5C586954E658}" = lport=137 | protocol=17 | dir=in | app=system |
"{2761B76B-89B5-42EC-BAE1-73DF7E7DD521}" = rport=138 | protocol=17 | dir=out | app=system |
"{2A9FC3F4-2C41-44C2-BC82-C22ADEDEE568}" = lport=445 | protocol=6 | dir=in | app=system |
"{4ACD59A4-A9C2-4536-AE23-81680E635E96}" = lport=138 | protocol=17 | dir=in | app=system |
"{4ED92761-E3CE-4B63-B067-314BC9EFBA74}" = lport=7070 | protocol=6 | dir=in | name=screen task |
"{53C7655E-7211-4296-A01D-1E8FE45B8FF5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5707EA74-9814-4DDE-812B-72573C5BB622}" = rport=139 | protocol=6 | dir=out | app=system |
"{670FA5AA-9B94-456E-915E-DF96C736E37A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69EC408A-3D20-4288-923B-3F0112B10171}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72DAAF74-A1D8-4698-954A-8BB3697DF8DE}" = rport=137 | protocol=17 | dir=out | app=system |
"{738D2A75-39F0-4831-BA07-D0213E764F9A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8423A003-8A56-4135-9399-303AF8F2F1AC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91175EFE-5EDF-4131-898C-ED9A6E9F015B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{A865EE30-2AAA-4A16-A9B7-60BAEAC856E5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8905D9B-F733-4780-A1BA-A5322C0BF7E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD431DE8-2803-4FDD-8555-3FAF45AC6433}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B9EAC29E-F6DB-46C7-9DE4-10A301B057FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{D42CBAC6-74CE-4912-B35B-54849B6402A3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D83453C9-B717-4E72-98B4-9BD3E356847D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DCE99948-25FD-4178-8918-1CE29E298B98}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DDCF3758-7686-452E-93F2-C86D3A2B8A69}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E6857956-4F32-4D63-8917-90B0940CE537}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3CAC88A-678E-46EB-8C55-C8D47104632C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FCDBBF49-4BDB-4695-9CE9-B4A5677EBC0F}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A5D06A-5BBA-4D7C-953A-CE2338715849}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{01AC51E5-4B78-4F17-A1B5-67341BE5DFA9}" = protocol=6 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs3047\hpdiagnosticcoreui.exe |
"{09217383-9FFC-476B-B479-77086CCAF57F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0A7FED50-AC33-4473-A233-644480AED3E0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0BCC65E4-2683-40A5-A56A-FADF5191507C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{102FFFF7-68DC-4DF4-B9CE-46C5665BB2D9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{15290262-025B-4D6E-AEDC-132A2E133727}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
"{21ECB2C9-8785-4CA2-9321-FE918F93B069}" = protocol=6 | dir=in | app=d:\programy\utorrent\utorrent.exe |
"{235AEE6D-3368-410B-8F02-FB84E1C3E1D4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{28D72BD8-EB3D-4A0E-B0DD-722E1A33668A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2964F4BB-0E15-4CF9-B384-FF1720A62D91}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{2A6A3FC8-7747-4B79-BFB4-3B771D83D1D2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2EF380A4-85DF-4425-BCC3-902F71392299}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{2FCDFA1A-1075-4FE3-8B4A-3135608E7DD6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{30D9F773-58C5-41E3-9783-8B9A62FC449C}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{3238C52C-2EE2-46D8-8A51-2CFF097E4571}" = protocol=6 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs697b\hpdiagnosticcoreui.exe |
"{33B4F865-F96D-4227-BB4A-CBC3BD4A1EA3}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{3557D288-3A56-4DAC-B0A1-70AF7E7A287F}" = protocol=17 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs697b\hpdiagnosticcoreui.exe |
"{3B1AD697-E80F-4508-9977-BF9FC3E2B418}" = protocol=17 | dir=in | app=d:\winfast workarea\bulanci.exe |
"{3C77FE33-6CE4-4138-BD22-AFD2BFF352A0}" = protocol=17 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs69e4\hpdiagnosticcoreui.exe |
"{3CB9EE66-9FFC-492A-BECB-AA8BB333FAB6}" = protocol=17 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs3047\hpdiagnosticcoreui.exe |
"{3CF0043B-8A18-4A33-8B38-577225B92EB5}" = dir=in | app=c:\program files\hp\hp deskjet 2540 series\bin\hpnetworkcommunicatorcom.exe |
"{42123230-E2BC-44FF-91BA-E282FAF46815}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4533A7BB-8967-49E0-ACAD-03C290CABADA}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
"{47F75294-2AC0-46AC-863B-67036857D37A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{48BE265E-1037-41C4-BA7A-3CC8A32F250B}" = protocol=17 | dir=in | app=d:\programy\utorrent\utorrent.exe |
"{4B650572-F5B9-48A8-9458-8B32405A38CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FA06290-0FB4-49DB-832D-A84E7177DDF5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{55641B4C-D098-4FD1-8FAA-8B9F1F78D644}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{563DE8FD-FDBD-48A1-B41D-6A3735439608}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5B8AC69B-1462-4E6D-88AB-CE1CB68E4159}" = protocol=17 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\rescue.exe |
"{5C5EAB3C-AFF0-468C-A5FE-0798EAEF10BE}" = protocol=6 | dir=in | app=d:\programy\utorrent\utorrent.exe |
"{5D15B3DD-3F8A-499A-9CBD-B86820A33615}" = protocol=6 | dir=out | app=system |
"{5DE2DF93-4264-463A-B7EA-CDB091C9EDEB}" = dir=in | app=c:\users\mich-much\appdata\local\microsoft\skydrive\skydrive.exe |
"{5F45E5D2-2860-4D83-A282-6F3540C7FBCB}" = protocol=17 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\qiswizard.exe |
"{6C62E858-CE98-4AF1-B84F-04F16758F7D0}" = protocol=6 | dir=in | app=d:\winfast workarea\bulanci.exe |
"{70FAD9B7-3C06-4DC2-8E60-A20E0CFDEC0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74BACFE4-EF9D-47C6-922F-36DA69267BA3}" = protocol=17 | dir=in | app=e:\routersetup\qiswizard.exe |
"{79331F4E-5C92-49C0-8B8B-831AEFCD42D0}" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{7C0ABBE2-8B1D-4830-841B-E02BB4027617}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{7E4152CD-1BE5-4FF7-876C-ABFE9194EC62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{84C36651-D3F7-4642-8989-837822870D19}" = dir=in | app=c:\program files\hp\hp deskjet 2540 series\bin\devicesetup.exe |
"{8A5CD94E-35E9-409D-A83A-C28EB3BD313B}" = protocol=6 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs69e4\hpdiagnosticcoreui.exe |
"{8AE70809-33BC-4606-B86A-703CA61C0107}" = protocol=17 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\discovery.exe |
"{8E0E9F26-0478-4597-B8C0-D4344A5D5A50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{94C68B15-9266-4D4F-955A-5675D9A4AC8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97E60516-9D97-4AF5-B450-F58924BA2A5C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9C0628EF-8A0F-4AED-8CC7-E4BAB86428AC}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{9C90FE02-F4F9-444C-B2E4-D997D70F9FC9}" = protocol=6 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\rescue.exe |
"{9CEC815C-8E52-4C35-9EF1-3BE30C3DDD4E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A3D7075B-97AF-4BEE-9140-E742D94FE1BA}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{A6B31639-086C-4D94-9C07-36CBDFC71CC6}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A79BFB51-50D3-4B12-A111-A38EFD9B4CCB}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{AC38C4A3-7CCE-47A7-8BCD-D37ABC8D4CB9}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{AD76CB1E-48EB-42B4-A594-86DABD6E434A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AFCAA988-25E9-49C4-ADFD-27B304AEF731}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B82A466E-B2B9-4CA4-BB8D-AE9C2FC2A932}" = protocol=17 | dir=in | app=d:\programy\utorrent\utorrent.exe |
"{BB6EE07C-CA48-4554-92FB-487B6E6D257C}" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"{C03292EB-A5C8-490F-80B1-9EC7BD5208F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C581CC83-772E-4CAC-84A7-466FBDB0C282}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{CE2C0B6E-EE41-445E-B0B5-2EF4CE5B1CF8}" = protocol=6 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs34e6\hpdiagnosticcoreui.exe |
"{D3C54A28-8C6D-4D30-8D76-D236CFC1B667}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{DA33B29A-CD72-4F6E-B4AC-06FDBCCD80CC}" = protocol=17 | dir=in | app=c:\users\mich-much\appdata\local\temp\7zs34e6\hpdiagnosticcoreui.exe |
"{E12EEC4F-962E-4BDA-A092-121AF1C13D2C}" = dir=in | app=c:\users\mich-much\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{E1A48033-625D-4C61-8702-37CC68698748}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E4228EAE-9181-42E2-8554-822974C33ECD}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{E92ADBC3-A95E-4DBA-84B2-21064A536EBE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ED7763E3-A02C-4F78-A132-D63AB1288211}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{EEEFDEC0-58CC-493C-8F7C-072122061CD7}" = protocol=6 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\qiswizard.exe |
"{F400D410-3907-4408-B4A1-D3093C3E742F}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{F678162A-0F16-4870-8FC0-2B073EFE3D6F}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{F85341C6-7384-42CC-B8D2-B48B92D522C0}" = protocol=6 | dir=in | app=e:\routersetup\qiswizard.exe |
"{FB49477B-80C0-4728-8B6F-CABF047896F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF84BD1F-3619-4093-8A81-FD37DE1B0201}" = protocol=6 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\discovery.exe |
"TCP Query User{0DE03B0D-D5D6-4C68-B613-7218B7A44CF1}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{37F69130-3B22-41E2-BB40-63B01AF3B125}D:\hry\heroes vi - complete edition\might & magic heroes vi.exe" = protocol=6 | dir=in | app=d:\hry\heroes vi - complete edition\might & magic heroes vi.exe |
"TCP Query User{49387B69-6ECF-4754-8316-155184B7EF6C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{55B0AECF-D1A0-4FB2-AE31-999EE2D41814}F:\vls\vlsserver.exe" = protocol=6 | dir=in | app=f:\vls\vlsserver.exe |
"TCP Query User{5B3526B5-A40D-49CD-8F0F-DFC43EEA3E1F}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe |
"TCP Query User{6519E397-D9F2-4272-A1CE-7FEAA1C4D819}C:\users\mich-much\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\mich-much\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{6C3D07B4-8685-457C-9F32-815C47962010}D:\programy\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=d:\programy\atube catcher 2.0\yct.exe |
"TCP Query User{7AD04B89-7BCF-46AF-9CBC-C2CE05EFEAC3}D:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=6 | dir=in | app=d:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe |
"TCP Query User{7D66AC03-1285-4B25-9D41-2F7310E33AAA}D:\programy\asus\rt-n53 wireless router utilities\discovery.exe" = protocol=6 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\discovery.exe |
"TCP Query User{8A874AE1-A4D0-487A-A119-FFFC524EC47F}C:\program files\winfast\wfdtv\dvbtap.exe" = protocol=6 | dir=in | app=c:\program files\winfast\wfdtv\dvbtap.exe |
"TCP Query User{8BA3483C-B51F-4300-AD45-9FEDA8020A9C}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{96CF5E50-9BBA-470F-8B6C-2E3EC271BD84}D:\hry\aliens - colonial marines\binaries\win32\acm.exe" = protocol=6 | dir=in | app=d:\hry\aliens - colonial marines\binaries\win32\acm.exe |
"TCP Query User{9B4E671C-84A5-4F0A-B0A2-0CED421F3370}C:\program files (x86)\databox\server\nxserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\databox\server\nxserver.exe |
"TCP Query User{AE78B330-1963-460F-BEAB-1C4DFC187A5C}C:\users\mich-much\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\mich-much\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{B12FF775-A539-4F2F-963A-3D41CA851D45}D:\programy\bsplayer\bsplayer.exe" = protocol=6 | dir=in | app=d:\programy\bsplayer\bsplayer.exe |
"TCP Query User{B444E27B-2B79-41F4-BD80-1B879898B38F}C:\program files\winfast\wfdtv\liveupdate\liveupdate.exe" = protocol=6 | dir=in | app=c:\program files\winfast\wfdtv\liveupdate\liveupdate.exe |
"TCP Query User{B7205EFB-EFE6-48FF-8B1C-248A13649A64}D:\hry\doom\doomx64.exe" = protocol=6 | dir=in | app=d:\hry\doom\doomx64.exe |
"TCP Query User{C5CCC2F1-C35A-423C-9DD2-8AAFC4329EE2}C:\program files\java\jdk1.8.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.8.0\bin\java.exe |
"TCP Query User{D53FCB2C-F7FD-4CB6-A7D7-63F8C6A5497B}D:\programy\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"TCP Query User{E692918F-0FA7-4F89-91A6-613F2917FEB8}D:\programy\asus\rt-n53 wireless router utilities\qiswizard.exe" = protocol=6 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\qiswizard.exe |
"TCP Query User{F438D2DA-E9C1-4627-809F-52F5E423C80B}D:\winfast workarea\bulanci.exe" = protocol=6 | dir=in | app=d:\winfast workarea\bulanci.exe |
"TCP Query User{F5083F5F-0479-42AD-93ED-89722A851F06}D:\hry\heroes of might and magic 2 gold\dosbox\dosbox.exe" = protocol=6 | dir=in | app=d:\hry\heroes of might and magic 2 gold\dosbox\dosbox.exe |
"UDP Query User{0732CE55-026F-4C5F-9946-825FD0DE14E4}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe |
"UDP Query User{0989F410-8367-4780-A658-687FCF43CEA4}D:\hry\aliens - colonial marines\binaries\win32\acm.exe" = protocol=17 | dir=in | app=d:\hry\aliens - colonial marines\binaries\win32\acm.exe |
"UDP Query User{32893F6B-91A6-41B0-9198-787E614EF911}D:\programy\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=d:\programy\atube catcher 2.0\yct.exe |
"UDP Query User{328A6DAB-E8AC-478D-9586-0F8694A7DD1A}C:\program files (x86)\databox\server\nxserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\databox\server\nxserver.exe |
"UDP Query User{3F49DC5A-622A-436B-A796-2D1877AC76D1}C:\program files\winfast\wfdtv\liveupdate\liveupdate.exe" = protocol=17 | dir=in | app=c:\program files\winfast\wfdtv\liveupdate\liveupdate.exe |
"UDP Query User{427121BF-0F04-41CB-8346-8ED6441A0A18}C:\program files\winfast\wfdtv\dvbtap.exe" = protocol=17 | dir=in | app=c:\program files\winfast\wfdtv\dvbtap.exe |
"UDP Query User{44FBC597-4797-4888-B48B-8C69C2B37F09}D:\hry\doom\doomx64.exe" = protocol=17 | dir=in | app=d:\hry\doom\doomx64.exe |
"UDP Query User{49AB8EB9-8652-4C4E-BB6F-55760281EA81}C:\program files\java\jdk1.8.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.8.0\bin\java.exe |
"UDP Query User{5078E70C-F0AD-443F-9760-F700E1491AF9}D:\hry\heroes of might and magic 2 gold\dosbox\dosbox.exe" = protocol=17 | dir=in | app=d:\hry\heroes of might and magic 2 gold\dosbox\dosbox.exe |
"UDP Query User{5E39C385-4D08-4E3B-A2F9-BE6D2365350B}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{66B53797-99B8-425F-B017-C0379D1D8186}D:\programy\asus\rt-n53 wireless router utilities\discovery.exe" = protocol=17 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\discovery.exe |
"UDP Query User{736438DF-4567-4DD3-840F-DC080E21598E}D:\programy\asus\rt-n53 wireless router utilities\qiswizard.exe" = protocol=17 | dir=in | app=d:\programy\asus\rt-n53 wireless router utilities\qiswizard.exe |
"UDP Query User{7F219D9A-A990-4910-9106-308337B5881E}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{83A5A4BC-8001-4992-8CC3-0BCD4AD082F3}C:\users\mich-much\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\mich-much\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{A1CCE051-74CF-40B8-958C-83944C39086F}D:\hry\heroes vi - complete edition\might & magic heroes vi.exe" = protocol=17 | dir=in | app=d:\hry\heroes vi - complete edition\might & magic heroes vi.exe |
"UDP Query User{A3CA320D-3C8B-4ED7-A636-172C353E52E8}F:\vls\vlsserver.exe" = protocol=17 | dir=in | app=f:\vls\vlsserver.exe |
"UDP Query User{A7661C46-1BD4-4AE1-B2A9-D8C408DEA139}D:\programy\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |
"UDP Query User{B299E237-4C97-41DE-AFBD-18C70903BE34}D:\winfast workarea\bulanci.exe" = protocol=17 | dir=in | app=d:\winfast workarea\bulanci.exe |
"UDP Query User{B44E9DAA-DEA1-4BA4-B0ED-76F2AC6204F7}D:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe" = protocol=17 | dir=in | app=d:\hry\mortal kombat komplete edition\disccontentpc\mkke.exe |
"UDP Query User{D5C32C63-C45A-43F2-95B3-6A2C62935968}D:\programy\bsplayer\bsplayer.exe" = protocol=17 | dir=in | app=d:\programy\bsplayer\bsplayer.exe |
"UDP Query User{F0D8D679-4D90-4757-9731-D273BF43B597}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{FD787AC6-974B-4301-A340-D229FBBDEA39}C:\users\mich-much\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\mich-much\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0
"{11F6087F-2114-45B5-9EB3-F80E1368CBE9}" = ANT Drivers Installer x64
"{12D113E5-F491-4D29-A00D-E4AA61D76B94}" = Základní software zařízení HP Deskjet 2540 series
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2AA3C13E-0531-41B8-AE48-AE28C940A809}" = Microsoft Security Client
"{306B5793-9EE4-142B-B41A-A98DC9A126EA}" = ccc-utility64
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3C38CA01-7933-31E7-A1F6-EAA1DF9BEDF3}" = Microsoft .NET Framework 4.6.1 (CSY)
"{426582A8-202F-D13C-8BD5-F00551BAFC93}" = AMD Wireless Display v3.0
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{64A3A4F4-B792-11D6-A78A-00B0D0180000}" = Java SE Development Kit 8 (64-bit)
"{678F0819-823E-D737-3FD1-13EF6D9AE2EC}" = AMD Wireless Display v3.0
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F2415FA-72F2-F029-0450-4EB2FAE484C5}" = AMD Accelerated Video Transcoding
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.6.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B69A7CBA-9139-7ACB-7564-4CD5D8C36E26}" = AMD Drag and Drop Transcoding
"{B775540C-E635-B6CF-379F-87222AEC77C6}" = AMD Media Foundation Decoders
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C0E67E9E-C2E3-90B8-018D-7F2131413255}" = AMD Fuel
"{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}" = AMD Wireless Display v3.0
"{C270821D-2479-D0F4-1BD1-7BBAF6762A98}" = AMD Wireless Display v3.0
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D48FDC68-0C9D-4777-8A1A-DA043F32142F}" = Studie vylepšování produktu HP Deskjet 2540 series
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA2737A4-B639-96F4-1CC2-30D2919EE1FB}" = AMD Steady Video Plug-In
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F37078EA-4B6A-1D6F-6FED-3EDF2117B42C}" = AMD Catalyst Install Manager
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"VLC media player" = VLC media player 2.1.1
"vsfilter64_is1" = DirectVobSub 2.41.6419 (64-bit)
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00bf033c-5ade-400f-a174-be74932eebc6}" = Garmin Express
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{01B3689E-1900-44F1-9B14-63F2121E51CB}" = Garmin Express Tray
"{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1" = System.Data.SQLite v1.0.74.0
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0539BDDF-F755-D9E5-01DD-C849A8FEAFBA}" = CCC Help Polish
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{07D77970-B205-460C-84E4-263F30455597}" = Nokia Ovi Suite
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0EB34B70-2E9D-B532-7D6E-B0551F205A1E}" = Catalyst Control Center Localization All
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{1ED30E90-D490-7F0C-1CEF-95385934E514}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBA672C-E6EB-470F-8E81-A18AE1224CC5}" = Garmin City Navigator Europe NT 2016.20
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F32180111F0}" = Java 8 Update 111
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = WinFast Codec-TS SDK
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{317F1B3D-6D11-845F-78A4-A7043709BE98}" = CCC Help Chinese Standard
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{5059FE9E-985A-5042-4E40-0599893F1BD4}" = CCC Help French
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55B3618A-C140-9255-4A2E-DFDA4FA73079}" = CCC Help English
"{561F34EC-58FD-012E-97E9-FD602FE05793}" = CCC Help Danish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{597AB871-BC7D-29EC-2DB5-F29C32FBD6A3}" = CCC Help Greek
"{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}" = TomTom HOME
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{637C66DF-2C30-92D5-FF70-4C6BF78A70B8}" = CCC Help Chinese Traditional
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7103ABDA-EB81-4F1D-BBCC-B76526BF4B5B}" = HP Deskjet 2540 series Nápověda
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73E80655-FB3C-46F4-BE00-62D248BC490A}" = Visual C++ 2008 Runtime (x64)
"{7646ABF9-134D-E4D4-6CAB-BDCC6C1B757E}" = CCC Help Korean
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7998A135-B567-5CBB-0C0A-D7095D9AD198}" = CCC Help Thai
"{7CD296DF-92C6-0AFA-2266-52D2E9E6F94A}" = CCC Help Czech
"{7CD40554-C923-6261-534B-B81F37519864}" = CCC Help Finnish
"{7D524964-6AB4-2712-5B65-80770A1C080F}" = CCC Help Hungarian
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80D7F879-2B6B-A962-7CDB-9D44EBF94179}" = CCC Help Japanese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{868A261B-F138-F634-809D-FB055FBD64D7}" = CCC Help Dutch
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{88ED4B4B-737C-436A-1986-5C11DAE3AF58}" = CCC Help Portuguese
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DA5268F-0878-6946-18C5-AC119E909E45}" = CCC Help Norwegian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F0BB165-C36E-4BC9-B810-3659F0C7A772}" = System Requirements Lab Detection
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{92A70E71-4F0E-4C05-A777-16424E89F162}" = Garmin Communicator Plugin with myGarmin Agent
"{9334EE39-4008-DADF-312A-959732D2BA89}" = CCC Help Swedish
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{972315D0-3943-6BAB-CCC8-4B6E9F844390}" = CCC Help Turkish
"{985C8263-1741-404F-A884-DD9F52FE1ECD}" = ASUS RT-N53 Wireless Router Utilities
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = WinFast De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F405B46-9A78-F808-F993-A7F9F97B31A4}" = CCC Help Russian
"{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}" = Google Earth
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A7DBE782-B905-4118-9553-C2A9499E6BF6}" = DJIA2540FWUpdateAlert
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-0804-1033-1959-001824205020}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = WinFast TT-SB SDK
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5B56A67-A778-EC49-933C-A16ACDDB36AA}" = CCC Help German
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB05590A-6602-43F3-A400-77EA0976BC0A}" = TomTom HOME
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C3949029-D1B6-7C46-8924-D923632D25C6}" = CCC Help Italian
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{CA49099B-D84C-433C-9D94-B60A991BE323}" = Garmin Express
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CB875A37-DCFE-D05D-0D46-56FF566687F3}" = CCC Help Spanish
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E0516645-06DF-8FFD-5091-1EEAA4AD21D4}" = AMD Catalyst Control Center
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4612F14-2D8D-4A1A-B8F9-B4DEDA68473F}" = Elevated Installer
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7D65674-B75B-3E29-6857-C3F2CF44A9DC}" = Catalyst Control Center Graphics Previews Common
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = MSI Star Cam 370i
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F6E1E870-A96B-4583-A467-4358E5A40BB4}_is1" = Deadpool version 1.0
"{F89CDED6-B1F1-489F-BA44-698BF6A737C2}" = System Requirements Lab
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 24 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 24 PPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AviSynth" = AviSynth
"Diablo II" = Diablo II
"E.M.Total Video Converter 3.20 3.20" = E.M.Total Video Converter 3.20 3.20
"Google Chrome" = Google Chrome
"Indeo® software" = Indeo® software
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Full)
"Mihov Picture Downloader" = Mihov Picture Downloader 1.4 (remove only)
"Mozilla Firefox 50.1.0 (x86 cs)" = Mozilla Firefox 50.1.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Opera 42.0.2393.94" = Opera Stable 42.0.2393.94
"PowerISO" = PowerISO
"ProfiCAD_is1" = ProfiCAD 7.3.1
"Raptr" = Raptr
"Room Arranger" = Room Arranger
"Sim Aquarium 3_is1" = Sim Aquarium 3
"Total Video Converter 3.70_is1" = Total Video Converter 3.70 100621
"Unlocker" = Unlocker 1.9.1
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 4.0.9
"WinLiveSuite" = Windows Live Essentials
"ZonerCallisto5_CZ_is1" = Zoner Callisto 5 FREE

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"HP Photo Creations" = HP Photo Creations
"OneDriveSetup.exe" = Microsoft OneDrive
"Seznam Browser" = Prohlížeč Seznam.cz
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"YourFileDownloader" = YourFileDownloader

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.11.2016 19:44:33 | Computer Name = Mich-Much-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro D:\WinFast WorkArea\esetsmartinstaller_csy.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error - 23.11.2016 17:03:16 | Computer Name = Mich-Much-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro D:\WinFast WorkArea\esetsmartinstaller_csy.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error - 2.12.2016 5:09:23 | Computer Name = Mich-Much-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Sim Aquarium 3.exe, verze: 1.0.0.1, časové
razítko: 0x549d7e31 Název chybujícího modulu: Sim Aquarium 3.exe, verze: 1.0.0.1,
časové razítko: 0x549d7e31 Kód výjimky: 0xc0000005 Posun chyby: 0x00070ffc ID chybujícího
procesu: 0x1600 Čas spuštění chybující aplikace: 0x01d24c7bc4f90043 Cesta k chybující
aplikaci: D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe Cesta k chybujícímu modulu:
D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe ID zprávy: 03eba7a8-b86f-11e6-bdec-1c6f65822d3f

Error - 2.12.2016 5:09:27 | Computer Name = Mich-Much-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Sim Aquarium 3.exe, verze: 1.0.0.1, časové
razítko: 0x549d7e31 Název chybujícího modulu: Sim Aquarium 3.exe, verze: 1.0.0.1,
časové razítko: 0x549d7e31 Kód výjimky: 0xc0000005 Posun chyby: 0x00070ffc ID chybujícího
procesu: 0x1b48 Čas spuštění chybující aplikace: 0x01d24c7bc8414603 Cesta k chybující
aplikaci: D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe Cesta k chybujícímu modulu:
D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe ID zprávy: 061d6c68-b86f-11e6-bdec-1c6f65822d3f

Error - 2.12.2016 14:37:36 | Computer Name = Mich-Much-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Sim Aquarium 3.exe, verze: 1.0.0.1, časové
razítko: 0x549d7e31 Název chybujícího modulu: Sim Aquarium 3.exe, verze: 1.0.0.1,
časové razítko: 0x549d7e31 Kód výjimky: 0xc0000005 Posun chyby: 0x00070ffc ID chybujícího
procesu: 0xba0 Čas spuštění chybující aplikace: 0x01d24ccb26930f00 Cesta k chybující
aplikaci: D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe Cesta k chybujícímu modulu:
D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe ID zprávy: 64dc12e3-b8be-11e6-bdec-1c6f65822d3f

Error - 2.12.2016 14:37:52 | Computer Name = Mich-Much-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Sim Aquarium 3.exe, verze: 1.0.0.1, časové
razítko: 0x549d7e31 Název chybujícího modulu: Sim Aquarium 3.exe, verze: 1.0.0.1,
časové razítko: 0x549d7e31 Kód výjimky: 0xc0000005 Posun chyby: 0x00070ffc ID chybujícího
procesu: 0x1994 Čas spuštění chybující aplikace: 0x01d24ccb302c797b Cesta k chybující
aplikaci: D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe Cesta k chybujícímu modulu:
D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe ID zprávy: 6e049178-b8be-11e6-bdec-1c6f65822d3f

Error - 2.12.2016 14:38:14 | Computer Name = Mich-Much-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Sim Aquarium 3.exe, verze: 1.0.0.1, časové
razítko: 0x549d7e31 Název chybujícího modulu: Sim Aquarium 3.exe, verze: 1.0.0.1,
časové razítko: 0x549d7e31 Kód výjimky: 0xc0000005 Posun chyby: 0x00070ffc ID chybujícího
procesu: 0x1b7c Čas spuštění chybující aplikace: 0x01d24ccb38555ea2 Cesta k chybující
aplikaci: D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe Cesta k chybujícímu modulu:
D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe ID zprávy: 7b93fd1c-b8be-11e6-bdec-1c6f65822d3f

Error - 2.12.2016 14:38:17 | Computer Name = Mich-Much-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Sim Aquarium 3.exe, verze: 1.0.0.1, časové
razítko: 0x549d7e31 Název chybujícího modulu: Sim Aquarium 3.exe, verze: 1.0.0.1,
časové razítko: 0x549d7e31 Kód výjimky: 0xc0000005 Posun chyby: 0x00070ffc ID chybujícího
procesu: 0x708 Čas spuštění chybující aplikace: 0x01d24ccb3f8d2980 Cesta k chybující
aplikaci: D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe Cesta k chybujícímu modulu:
D:\Programy\Sim Aquarium 3\Sim Aquarium 3.exe ID zprávy: 7d6b3502-b8be-11e6-bdec-1c6f65822d3f

Error - 23.12.2016 11:54:57 | Computer Name = Mich-Much-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro D:\WinFast WorkArea\esetsmartinstaller_csy.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error - 23.12.2016 15:18:01 | Computer Name = Mich-Much-PC | Source = Application Hang | ID = 1002
Description = Program chrome.exe verze 55.0.2883.87 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
10a8 Čas spuštění: 01d25d50558a298c Čas ukončení: 4 Cesta k aplikaci: C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe ID hlášení: 80f40d36-c944-11e6-92f6-1c6f65822d3f


[ System Events ]
Error - 1.1.2017 15:51:17 | Computer Name = Mich-Much-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Users\MICH-M~1\AppData\Local\Temp\ehdrv.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 1.1.2017 15:51:17 | Computer Name = Mich-Much-PC | Source = Service Control Manager | ID = 7000
Description = Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 1.1.2017 15:51:18 | Computer Name = Mich-Much-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Users\MICH-M~1\AppData\Local\Temp\ehdrv.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 1.1.2017 15:51:18 | Computer Name = Mich-Much-PC | Source = Service Control Manager | ID = 7000
Description = Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 1.1.2017 15:51:18 | Computer Name = Mich-Much-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Users\MICH-M~1\AppData\Local\Temp\ehdrv.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 1.1.2017 15:51:18 | Computer Name = Mich-Much-PC | Source = Service Control Manager | ID = 7000
Description = Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 1.1.2017 15:51:18 | Computer Name = Mich-Much-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Users\MICH-M~1\AppData\Local\Temp\ehdrv.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 1.1.2017 15:51:18 | Computer Name = Mich-Much-PC | Source = Service Control Manager | ID = 7000
Description = Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 1.1.2017 15:51:19 | Computer Name = Mich-Much-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Users\MICH-M~1\AppData\Local\Temp\ehdrv.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 1.1.2017 15:51:19 | Computer Name = Mich-Much-PC | Source = Service Control Manager | ID = 7000
Description = Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
%%1275


< End of report >

sovt
Visitor
Posts: 17
Registered: 10 Mar 2009 10:04

Re: Please check, possible virus

#6 Post by sovt »

The otl.txt file is too large and I don't know with which attachment extension I can upload it. Thanks in advance.

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#7 Post by Rudy »

Compress it with RAR and attach it as a RAR-compressed txt file.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sovt
Visitor
Posts: 17
Registered: 10 Mar 2009 10:04

Re: Please check, possible virus

#8 Post by sovt »

Here I am attaching that OTL.txt.
Attachments
OTL.rar
(26.03 KiB) Downloaded 76 times

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#9 Post by Rudy »

There should be 2 logs. This is only OTL.

sovt
Visitor
Posts: 17
Registered: 10 Mar 2009 10:04

Re: Please check, possible virus

#10 Post by sovt »

Extras is posted above as a post, but I can pack it in as well if needed.

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#11 Post by Rudy »

OK, I overlooked it.

Run OTL again as administrator.
Paste the following text into the bottom window:
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {1645A33F-0A96-4315-904E-29E188E7720E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E}: "URL" = http://startsear.ch/?q={searchTerms}
IE - HKLM\..\SearchScopes\{4F39BF89-AFF1-40CF-B0A6-688D552D9E0B}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
IE - HKU\S-1-5-21-1823128570-3126352839-1645658126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1823128570-3126352839-1645658126-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1823128570-3126352839-1645658126-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-1823128570-3126352839-1645658126-1000\..\SearchScopes\{4F39BF89-AFF1-40CF-B0A6-688D552D9E0B}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
[2013.10.18 13:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mich-Much\AppData\Roaming\Mozilla\Extensions
[2013.10.18 13:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mich-Much\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2016.09.20 17:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles\l4ftsdsf.default-1456252396109\extensions
[2014.09.20 17:19:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles3ycl7cgh.default-1373441632969\extensions
[2014.09.20 17:19:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles3ycl7cgh.default-1373441632969\extensions\staged
[2016.03.13 10:22:46 | 000,051,610 | ---- | M] () (No name found) -- C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles\l4ftsdsf.default-1456252396109\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi
[2016.11.16 20:16:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1823128570-3126352839-1645658126-1000..\RunOnce: [Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" File not found
O4 - HKU\S-1-5-21-1823128570-3126352839-1645658126-1000..\RunOnce: [Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - AutoRun File - [2001.04.18 14:23:00 | 000,000,041 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010.10.14 12:56:42 | 000,000,049 | -H-- | M] () - K:\autorun.inf -- [ FAT32 ]

:files
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1823128570-3126352839-1645658126-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1823128570-3126352839-1645658126-1000UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Click Opravit (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

sovt
Visitor
Posts: 17
Registered: 10 Mar 2009 10:04

Re: Please check, possible virus

#12 Post by sovt »

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1645A33F-0A96-4315-904E-29E188E7720E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4F39BF89-AFF1-40CF-B0A6-688D552D9E0B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F39BF89-AFF1-40CF-B0A6-688D552D9E0B}\ not found.
HKU\S-1-5-21-1823128570-3126352839-1645658126-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4F39BF89-AFF1-40CF-B0A6-688D552D9E0B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F39BF89-AFF1-40CF-B0A6-688D552D9E0B}\ not found.
C:\Users\Mich-Much\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com folder moved successfully.
C:\Users\Mich-Much\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Mich-Much\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com\ not found.
C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles\l4ftsdsf.default-1456252396109\extensions folder moved successfully.
C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles3ycl7cgh.default-1373441632969\extensions\staged\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} folder moved successfully.
C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles3ycl7cgh.default-1373441632969\extensions\staged folder moved successfully.
C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles3ycl7cgh.default-1373441632969\extensions folder moved successfully.
Folder C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles3ycl7cgh.default-1373441632969\extensions\staged\ not found.
File C:\Users\Mich-Much\AppData\Roaming\Mozilla\Firefox\Profiles\l4ftsdsf.default-1456252396109\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1823128570-3126352839-1645658126-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Mich-Much\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File F:\AUTORUN.INF not found.
K:\autorun.inf moved successfully.
========== FILES ==========
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1823128570-3126352839-1645658126-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1823128570-3126352839-1645658126-1000UA.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mich-Much
->Temp folder emptied: 337383400 bytes
->Temporary Internet Files folder emptied: 588968442 bytes
->Java cache emptied: 2262617 bytes
->FireFox cache emptied: 381113033 bytes
->Google Chrome cache emptied: 255202938 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 15907 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 286068939 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95684 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 767,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Mich-Much
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 01022017_192602

Files\Folders moved on Reboot...
C:\Users\Mich-Much\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Mich-Much\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#13 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

sovt
Visitor
Posts: 17
Joined: 10 Mar 2009 10:04

Re: Please check, possible virus

#14 Post by sovt »

The pop-up window has disappeared; I tried various browsers and everything is fine.

Thank you very, very much!!!

And if I may ask, what should I watch out for next time? Could this have been spotted from the log?

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, possible virus

#15 Post by Rudy »

sovt wrote:
The pop-up window has disappeared; I tried various browsers and everything is fine.

Thank you very, very much!!!

And if I may ask, what should I watch out for next time? Could this have been spotted from the log?

Don't go into the "dark corners" of the internet. It was a so-called browser hijack.