Zdravím Vás,
prosím o kontrolu kamarádového pc, říkal mi, že je hodně pomalý, než býval a že má problémy při prohlížení webů.
Zde je log z RSIT:
Logfile of random's system information tool 1.14 (written by random/random)
Run by Vladan at 2017-02-05 15:33:06
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 11 GB (24%) free of 46 GB
Total RAM: 3071 MB (62% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:33:49, on 5.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Stažené soubory\RSIT.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\trend micro\Vladan_RSIT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... ding%3F%7D
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Xvid] C:\Program Files\CheckUpdate.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Vladan\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Veškeré hry!\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 7668 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DCMMM.job - C:\Users\Vladan\AppData\Roaming\DCMMM.exe /infocmdline=aAxkcOn8m0u0YfThwPM3ZnvIBXV6uhIh4y0S4BblEHE/qu8ba42ZfiCSDUMRupi9w9A3fcmn8UzZpawFLj4dqJ/oyfhp1EZbGtwiaUHREpFp+EePg++6JxsqjC4vubI57NB8mA8zPROo2ketdW1Jmmu74BK0hDmtvJTw9fIyeOYl3NWJ/15Ti8mwcC0CGnSMnlJqed4lPjSSQ/dSVN3yYB8zrQSfjcetz2Q5QP7XYME833ukWb0LeqKYCPFl7PhOnELxVSl3ugGROT+4PO5dPWQN8iL+bMPMliRk2856obVqWDx/zBI6n6+1X+tIW9JKndxOnbKBgY9ADUmaOJ91cI1T21T3Qn3MB0p+y+vmZzf9VoX8RD/DjI4+g7C+tA3LsKm+Yvpuj2phlklrO+MbIfnxKpm6OxQsN6I4axwEP885ySc5B7rIJlvz4dcCP+/y1skzJSqLpXE3WARZU1dkQo/d6FDJuhPRAi3ti1HZZ40sezE/+ugWtNx8grAKaPaF
C:\Windows\tasks\YJGXUZ.job - C:\Users\Vladan\AppData\Roaming\YJGXUZ.exe /infocmdline=k0HE5idWqR3Y3z0Zk/RImNYzKr8Ps3s22I+sfzH5bEur1aa+zBOZ3S0qkgUQaFD7Nj37aPFuz9X8CFZxlHrXrLWyXt5vS/AJTyCG6EKHi54gUosSgQWZLa0Q0UB2/L8ocExD5cRlE7RkXfyFI4us5o9sk4eZsvm2HML3H0wJGx2DrTmAkANQNXnoKl1juRY1Vh2zHQTltVGxCylyT6YvXxNasuPsp2LyvceLG3qIEg3tfwkNQhUS+Qa2/0DgE3sOun37bslhC3hwf9XU+BgOEeYUlJoU/XD2a8F87HPI5Y1lWzMTytaTmLBZxyuw9VoXGIzxXWM0iPckp9sihI+LaWauiFYkMERcU9IuBa0LNwYXY6LLLJZoCxsRUF5q7SCec6HyNRLBShq/XylpsdWhzudf3KLL18dj0bDSPjH7m/PfornuD+wjak+1Ke3czQBS8VTvrNOz4E7PaRxXs3Qvmyh/xfk4oSiakazLHoJ6kgPJ3ZC/iYJrq2OmkhKyC/gE
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\DCMMM - C:\Users\Vladan\AppData\Roaming\DCMMM.exe /infocmdline=aAxkcOn8m0u0YfThwPM3ZnvIBXV6uhIh4y0S4BblEHE/qu8ba42ZfiCSDUMRupi9w9A3fcmn8UzZpawFLj4dqJ/oyfhp1EZbGtwiaUHREpFp+EePg++6JxsqjC4vubI57NB8mA8zPROo2ketdW1Jmmu74BK0hDmtvJTw9fIyeOYl3NWJ/15Ti8mwcC0CGnSMnlJqed4lPjSSQ/dSVN3yYB8zrQSfjcetz2Q5QP7XYME833ukWb0LeqKYCPFl7PhOnELxVSl3ugGROT+4PO5dPWQN8iL+bMPMliRk2856obVqWDx/zBI6n6+1X+tIW9JKndxOnbKBgY9ADUmaOJ91cI1T21T3Qn3MB0p+y+vmZzf9VoX8RD/DjI4+g7C+tA3LsKm+Yvpuj2phlklrO+MbIfnxKpm6OxQsN6I4axwEP885ySc5B7rIJlvz4dcCP+/y1skzJSqLpXE3WARZU1dkQo/d6FDJuhPRAi3ti1HZZ40sezE/+ugWtNx8grAKaPaF
C:\Windows\system32\tasks\DoctorPC_Popup - C:\Program Files\Doctor PC\Splash.exe true
C:\Windows\system32\tasks\DoctorPC_Start - C:\Program Files\Doctor PC\DoctorPC.exe true
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\LaunchSignup - C:\Program Files\MyPC Backup\Signup Wizard.exe frompopup
C:\Windows\system32\tasks\LuckyTab - C:\Program Files\LuckyTab\LuckyTab.exe
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1477324309 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\tasks\User_Feed_Synchronization-{8CCC25FF-8F62-4B50-A596-A5807B49808B} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\YJGXUZ - C:\Users\Vladan\AppData\Roaming\YJGXUZ.exe /infocmdline=k0HE5idWqR3Y3z0Zk/RImNYzKr8Ps3s22I+sfzH5bEur1aa+zBOZ3S0qkgUQaFD7Nj37aPFuz9X8CFZxlHrXrLWyXt5vS/AJTyCG6EKHi54gUosSgQWZLa0Q0UB2/L8ocExD5cRlE7RkXfyFI4us5o9sk4eZsvm2HML3H0wJGx2DrTmAkANQNXnoKl1juRY1Vh2zHQTltVGxCylyT6YvXxNasuPsp2LyvceLG3qIEg3tfwkNQhUS+Qa2/0DgE3sOun37bslhC3hwf9XU+BgOEeYUlJoU/XD2a8F87HPI5Y1lWzMTytaTmLBZxyuw9VoXGIzxXWM0iPckp9sihI+LaWauiFYkMERcU9IuBa0LNwYXY6LLLJZoCxsRUF5q7SCec6HyNRLBShq/XylpsdWhzudf3KLL18dj0bDSPjH7m/PfornuD+wjak+1Ke3czQBS8VTvrNOz4E7PaRxXs3Qvmyh/xfk4oSiakazLHoJ6kgPJ3ZC/iYJrq2OmkhKyC/gE
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-756457375-3611543804-2474886263-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose /background
C:\Windows\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization - "C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe" /immunize /silent /autoclose
C:\Windows\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system - "C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe" /scan /cleanclose
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.194 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=D:\moje instalace\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=D:\moje instalace\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\moje instalace\VLC\npvlc.dll
C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\addons.json
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions.json
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Diagnostics - extension - diagnostics@mozilla.org - C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\features\{5424dbbe-3c37-4b8d-9250-b04d3ea061e2}\diagnostics@mozilla.org.xpi
Send HSTS Priming Requests - extension - hsts-priming@mozilla.org - C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\features\{5424dbbe-3c37-4b8d-9250-b04d3ea061e2}\hsts-priming@mozilla.org.xpi
C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\pluginreg.dat
Plugin - VLC Web Plugin - 2.2.4.0 - D:\moje instalace\VLC\npvlc.dll
Plugin - Google Update - 1.3.32.7 - C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
Plugin - NVIDIA 3D VISION - 7.17.13.3489 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - NVIDIA 3D Vision - 7.17.13.3489 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Windows Activation Technologies - 7.1.7600.16395 - C:\Windows\system32\Wat\npWatWeb.dll
Plugin - Java(TM) Platform SE 8 U121 - 11.121.2.13 - C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.1210.13 - 11.121.2.13 - C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 24.0.0.194 - C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll
Plugin - Unity Player - 5.3.7.18311 - C:\Users\Vladan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blmojkbhnkkphngknkmgccmlenfaelkd 1 Seznam Lištička - Slovník 1.4.3
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.30
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.124
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: http://www.seznam.cz/?clid=12454
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-19 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-19 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-15 8120864]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Xvid"=C:\Program Files\CheckUpdate.exe [2011-01-17 8192]
"cz.seznam.software.autoupdate"=C:\Users\Vladan\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Vladan\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-02-05 2234144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap.dll [2014-02-05 1048152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2013-10-31 449760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vladan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TornTvDownloader.lnk]
C:\Users\Vladan\AppData\Roaming\TornTV.com\TornTV Downloader.exe []
C:\Users\Vladan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-02-05 15:33:06 ----D---- C:\rsit
2017-02-05 15:33:06 ----D---- C:\Program Files\trend micro
2017-02-03 18:04:13 ----D---- C:\Users\Vladan\AppData\Roaming\Unity
2017-01-19 18:42:10 ----D---- C:\Program Files\Common Files\Java
2017-01-12 04:52:46 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-12 04:52:46 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-12 04:52:45 ----A---- C:\Windows\system32\schannel.dll
2017-01-12 04:52:45 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-12 04:52:45 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-12 04:52:45 ----A---- C:\Windows\system32\kerberos.dll
2017-01-12 04:52:45 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-12 04:52:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-12 04:52:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-12 04:52:44 ----A---- C:\Windows\system32\wdigest.dll
2017-01-12 04:52:43 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-12 04:52:43 ----A---- C:\Windows\system32\sspicli.dll
2017-01-12 04:52:43 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-12 04:52:43 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-12 04:52:43 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-12 04:52:42 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-12 04:52:42 ----A---- C:\Windows\system32\secur32.dll
2017-01-12 04:52:42 ----A---- C:\Windows\system32\lsass.exe
2017-01-12 04:52:42 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-12 04:52:42 ----A---- C:\Windows\system32\credssp.dll
2017-01-12 04:52:42 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-12 04:52:42 ----A---- C:\Windows\system32\auditpol.exe
2017-01-12 04:52:41 ----A---- C:\Windows\system32\msaudite.dll
2017-01-12 04:52:41 ----A---- C:\Windows\system32\adtschema.dll
2017-01-12 04:52:40 ----A---- C:\Windows\system32\msobjs.dll
======List of files/folders modified in the last 1 month======
2017-02-05 15:33:17 ----D---- C:\Windows\Prefetch
2017-02-05 15:33:06 ----RD---- C:\Program Files
2017-02-05 15:33:02 ----D---- C:\Users\Vladan\AppData\Roaming\AIMP3
2017-02-05 15:32:16 ----D---- C:\Windows\Temp
2017-02-05 15:27:49 ----D---- C:\Users\Vladan\AppData\Roaming\Seznam.cz
2017-02-05 15:23:52 ----D---- C:\Windows\system32\config
2017-02-05 15:22:49 ----D---- C:\Windows\inf
2017-02-04 11:53:06 ----SHD---- C:\System Volume Information
2017-01-31 16:39:54 ----HD---- C:\ProgramData
2017-01-30 20:38:21 ----D---- C:\Windows\System32
2017-01-30 20:38:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-28 17:16:49 ----D---- C:\Windows
2017-01-28 09:09:58 ----D---- C:\Windows\Logs
2017-01-28 09:09:58 ----D---- C:\Windows\debug
2017-01-28 08:42:40 ----D---- C:\Program Files\Mozilla Firefox
2017-01-28 08:40:27 ----SHD---- C:\Windows\Installer
2017-01-28 08:40:26 ----D---- C:\Program Files\Common Files\Adobe AIR
2017-01-28 08:40:26 ----D---- C:\Program Files\Adobe
2017-01-19 19:13:21 ----D---- C:\ProgramData\Oracle
2017-01-19 18:42:50 ----D---- C:\Program Files\Java
2017-01-19 18:42:10 ----D---- C:\Program Files\Common Files
2017-01-19 18:41:03 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2017-01-17 16:09:46 ----D---- C:\Windows\rescache
2017-01-12 14:31:46 ----D---- C:\Windows\winsxs
2017-01-12 14:29:25 ----D---- C:\Windows\system32\cs-CZ
2017-01-12 14:29:24 ----D---- C:\Windows\system32\drivers
2017-01-12 05:21:54 ----D---- C:\Windows\system32\MRT
2017-01-12 05:21:44 ----AC---- C:\Windows\system32\MRT.exe
2017-01-12 04:51:19 ----D---- C:\Windows\system32\catroot2
2017-01-10 13:06:51 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-01-10 13:06:49 ----D---- C:\Windows\system32\Macromed
2017-01-10 13:06:48 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-24 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-24 224752]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2014-02-15 76768]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-05-01 210464]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-03-12 170528]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-12-09 691696]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2014-03-12 752128]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2014-03-12 600928]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-24 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-24 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-24 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-24 433768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 30616]
R2 ACEDRV07;ACEDRV07; \??\C:\Windows\system32\drivers\ACEDRV07.sys [2015-03-06 101376]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-24 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-24 118664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-12-15 2978016]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2013-12-27 34080]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-07-24 29696]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-03-12 167968]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 apa10lrw;apa10lrw; C:\Windows\system32\drivers\apa10lrw.sys []
S3 aswHdsKe;aswHdsKe; \??\C:\Windows\system32\drivers\aswHdsKe.sys [2016-12-30 65344]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-24 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-03-14 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2014-03-14 25200]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-24 197128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-10-17 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2015-10-17 107832]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2011-10-13 804448]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10 270936]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-23 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-12-14 172488]
S3 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-02-05 1593632]
S3 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-02-05 15904544]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 664864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-17 1343400]
S4 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2014-03-12 3246040]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;Offline soubory; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý chod a vypadávání zásuvných modulů
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý chod a vypadávání zásuvných modulů
Zdravím!
Jak je na tom váš oper. systém s legalitou.
Jak je na tom váš oper. systém s legalitou.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý chod a vypadávání zásuvných modulů
Teď mi kámoš říkal, že by měl mít oficiální systém, že pc koupil s tímhle systémem od známého.
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý chod a vypadávání zásuvných modulů
OK. Udělejte následující sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý chod a vypadávání zásuvných modulů
První LOG:
OTL logfile created on: 7.2.2017 15:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažené soubory
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,26% Memory free
6,00 Gb Paging File | 4,50 Gb Available in Paging File | 74,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45,14 Gb Total Space | 11,49 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive D: | 420,52 Gb Total Space | 9,22 Gb Free Space | 2,19% Space Free | Partition Type: NTFS
Computer Name: VLADAN-PC | User Name: Vladan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2017.02.07 15:17:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Stažené soubory\OTL.exe
PRC - [2017.01.28 08:42:19 | 000,517,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016.11.15 14:41:01 | 009,080,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016.10.24 14:40:27 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016.10.20 17:47:28 | 003,339,552 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016.10.18 19:21:02 | 003,078,432 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016.10.14 10:37:14 | 000,462,624 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
PRC - [2016.09.23 16:02:44 | 002,274,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2014.06.27 10:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014.06.24 09:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014.06.24 09:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014.04.25 13:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014.02.17 19:38:51 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2016.10.24 14:40:28 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.10.24 14:40:27 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016.10.19 17:52:42 | 000,078,624 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\GetProcessDLL.dll
MOD - [2016.09.26 13:59:22 | 000,631,072 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
MOD - [2016.09.26 13:59:22 | 000,631,072 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2016.08.18 18:43:40 | 000,442,144 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2016.08.18 18:43:36 | 000,059,680 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2016.08.18 18:43:34 | 000,210,720 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2016.06.21 19:30:02 | 000,442,144 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\madexcept_.bpl
MOD - [2016.06.21 19:29:58 | 000,059,680 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2016.06.21 19:29:56 | 000,210,720 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015.12.28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\webres.dll
MOD - [2015.12.28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\webres.dll
MOD - [2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2015.05.26 12:38:34 | 000,862,888 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2015.05.26 12:37:42 | 000,078,504 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\32524libfoxloader.dll
MOD - [2014.05.13 11:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014.05.13 11:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014.05.13 11:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2016.12.14 15:34:25 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016.11.12 19:15:03 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.10.24 14:40:27 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016.10.14 10:37:14 | 000,462,624 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService10)
SRV - [2016.09.28 13:54:46 | 000,359,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\IObit Uninstaller\IUService.exe -- (IObitUnSvr)
SRV - [2016.08.21 14:05:24 | 000,935,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2014.03.12 17:30:15 | 003,246,040 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2014.02.17 17:42:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014.02.08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.02.05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.02.05 10:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.10.13 07:01:16 | 000,804,448 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (abby33rc)
DRV - [2016.12.30 07:29:51 | 000,065,344 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV - [2016.10.24 16:51:19 | 000,035,096 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2016.10.24 14:41:20 | 000,224,752 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswvmm.sys -- (aswVmm)
DRV - [2016.10.24 14:41:19 | 000,433,768 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2016.10.24 14:41:17 | 000,735,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2016.10.24 14:40:29 | 000,118,664 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016.10.24 14:40:29 | 000,092,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2016.10.24 14:40:29 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016.10.24 14:40:29 | 000,060,424 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016.10.24 14:40:29 | 000,034,008 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.12.09 16:09:59 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2015.03.06 18:52:39 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2014.03.14 14:12:26 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2014.03.14 14:12:26 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2014.03.12 17:30:16 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2014.03.12 17:30:13 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273)
DRV - [2014.03.12 17:30:11 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2014.03.12 17:29:56 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2014.02.15 22:23:41 | 000,076,768 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2014.02.08 19:27:20 | 010,180,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.12.27 19:42:24 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013.10.02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.05.13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.05.01 03:08:30 | 000,210,464 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.12.17 17:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Stažené soubory
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 30 0C 19 5C 0A 9E D1 01 [binary data]
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes,DefaultScope = {FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{0100AF53-D945-42A7-85CF-7A16D9083CB0}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{119855C9-7EDD-4D73-B75E-E55E2A3AF7C0}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{171BA470-94EC-4D56-86A5-D1E6A6A85D65}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{31A34051-E774-4C37-9744-2A430F53433C}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{D3F358DD-2F02-48D7-BEC2-08FEA6F90A79}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{DA6F7AE2-2F09-4B0E-B790-4D45EB1FD79B}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{E5D4378F-FA6E-4EA2-8B3C-DC57C9B747A5}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{EE5AD64C-7342-4D92-A4DB-0161F86C626C}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}: "URL" = http://www.bing.com/search?q={searchTer ... 02&pc=UE08
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{FF67341C-D00D-4941-A1D1-EEE224F17524}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.hiddenOneOffs: "DuckDuckGo,Heuréka,Mapy.cz,Slunečnice,Wikipedie (cs)"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:51.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.121.2: C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2: C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: D:\moje instalace\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: D:\moje instalace\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: D:\moje instalace\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Vladan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.10.24 14:40:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.10.24 14:40:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2015.04.17 14:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Extensions
[2017.02.02 17:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions
[2017.02.02 17:19:26 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2016.11.24 14:24:46 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017.02.02 17:18:45 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\features\{5424dbbe-3c37-4b8d-9250-b04d3ea061e2}\diagnostics@mozilla.org.xpi
[2017.02.02 17:18:46 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\features\{5424dbbe-3c37-4b8d-9250-b04d3ea061e2}\hsts-priming@mozilla.org.xpi
[2017.01.28 08:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
========== Chrome ==========
CHR - homepage: http://www.seznam.cz/?clid=12454
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.4.3_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2015.11.20 08:45:42 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswwebrepie.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000..\Run: [Advanced SystemCare 10] C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000..\Run: [Xvid] C:\Program Files\CheckUpdate.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Veškeré hry!\PokerStarsUpdate.exe (Rational Intellectual Holdings Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C618E29A-4747-453F-A9AF-9815A5E3B1DC}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\Shell\AutoRun\command - "" = G:\Lenovo_Suite.exe
O33 - MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\Shell\AutoRun\command - "" = G:\Lenovo_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2017.02.06 16:32:15 | 000,802,904 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2017.02.06 16:32:15 | 000,144,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017.02.06 16:14:58 | 000,000,000 | ---D | C] -- C:\Users\Vladan\AppData\Roaming\ProductData
[2017.02.06 16:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2017.02.06 16:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2017.02.06 16:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
[2017.02.06 16:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IObit
[2017.02.06 16:13:40 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2017.02.06 16:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
[2017.02.06 16:13:20 | 000,000,000 | ---D | C] -- C:\Users\Vladan\AppData\Roaming\IObit
[2017.02.06 16:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2017.02.06 16:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2017.02.05 15:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2017.02.05 15:33:06 | 000,000,000 | ---D | C] -- C:\rsit
[2017.02.03 18:04:13 | 000,000,000 | ---D | C] -- C:\Users\Vladan\AppData\Roaming\Unity
[2017.01.19 18:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2017.01.12 04:52:43 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2017.01.12 04:52:43 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2017.01.12 04:52:42 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2017.01.12 04:52:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2017.01.12 04:52:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2017.01.12 04:52:41 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2017.01.12 04:52:41 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2017.01.12 04:52:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.03.22 11:38:17 | 003,509,694 | ---- | C] (Xvid Team) -- C:\Program Files\uninstall.exe
[2015.03.22 11:38:13 | 006,150,331 | ---- | C] (Xvid Team) -- C:\Program Files\autoupdate-windows.exe
[2015.03.22 11:38:12 | 000,166,912 | ---- | C] (Xvid Solutions) -- C:\Program Files\MiniConvert.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2017.02.07 15:25:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.07 15:14:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.02.06 16:32:15 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2017.02.06 16:32:15 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017.02.06 16:18:22 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
[2017.02.06 16:13:54 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2017.02.02 04:51:49 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.01.30 20:38:21 | 000,668,138 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2017.01.30 20:38:21 | 000,653,526 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2017.01.30 20:38:21 | 000,140,798 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2017.01.30 20:38:21 | 000,121,398 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2017.01.19 18:41:03 | 000,095,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2017.01.10 13:06:48 | 020,358,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2017.02.07 15:25:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017.02.06 16:13:55 | 000,002,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
[2017.02.06 16:13:54 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2017.02.06 16:13:38 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
[2015.10.17 13:52:40 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2015.10.17 13:52:29 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2015.10.17 13:52:27 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2015.10.14 17:10:50 | 000,000,275 | ---- | C] () -- C:\Windows\game.ini
[2015.04.17 18:39:52 | 000,000,298 | ---- | C] () -- C:\Windows\wininit.ini
[2015.03.22 11:38:18 | 000,000,856 | ---- | C] () -- C:\Program Files\Uninstall Xvid Video Codec.lnk
[2015.03.22 11:38:18 | 000,000,046 | ---- | C] () -- C:\Program Files\xvidhomepage.url
[2015.03.22 11:38:17 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2015.03.22 11:38:17 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2015.03.22 11:38:12 | 000,144,384 | ---- | C] () -- C:\Program Files\xvid_encraw.exe
[2015.03.22 11:38:12 | 000,023,040 | ---- | C] () -- C:\Program Files\MiniCalc.exe
[2015.03.22 11:38:12 | 000,015,227 | ---- | C] () -- C:\Program Files\LICENSE
[2015.03.22 11:38:12 | 000,013,824 | ---- | C] () -- C:\Program Files\StatsReader.exe
[2015.03.22 11:38:12 | 000,009,216 | ---- | C] () -- C:\Program Files\OGMCalc.exe
[2015.03.22 11:38:12 | 000,008,704 | ---- | C] () -- C:\Program Files\vidccleaner.exe
[2015.03.22 11:38:12 | 000,008,192 | ---- | C] () -- C:\Program Files\CheckUpdate.exe
[2015.03.22 11:38:12 | 000,006,144 | ---- | C] () -- C:\Program Files\AviC.exe
[2015.03.22 11:38:12 | 000,002,967 | ---- | C] () -- C:\Program Files\Xvid_Quant_Matrices.zip
[2015.03.22 11:38:12 | 000,002,338 | ---- | C] () -- C:\Program Files\xvid.inf
[2015.03.22 11:38:12 | 000,000,124 | ---- | C] () -- C:\Program Files\update.ini
[2014.11.08 08:35:17 | 000,000,004 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\appdataFr2.bin
[2014.09.12 18:47:35 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.09.01 09:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\YJGXUZ
[2014.07.27 09:44:33 | 000,000,003 | ---- | C] () -- C:\Users\Vladan\stut
[2014.07.27 09:42:16 | 000,000,334 | ---- | C] () -- C:\Users\Vladan\rgut
[2014.07.27 07:20:37 | 000,008,073 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\mslcjsuu.dat
[2014.07.27 07:20:36 | 000,000,029 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\msyciwq.dat
[2014.03.11 16:54:00 | 000,022,328 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\PnkBstrK.sys
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Vladan\AppData\Roaming\MafiaSetup.exe
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.11.04 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\337Games
[2014.03.12 17:37:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Acronis
[2014.11.07 19:32:03 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AdvancedSystemProtector
[2017.02.06 17:15:55 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AIMP3
[2014.03.02 09:44:26 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Airytec
[2016.10.24 14:41:41 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVAST Software
[2014.05.06 14:13:23 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVG
[2015.12.09 16:15:01 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DAEMON Tools Lite
[2014.10.23 07:46:50 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DVDVideoSoft
[2016.01.13 08:20:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows
[2015.08.17 09:43:43 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\fltk.org
[2014.08.31 08:07:32 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Hornil
[2017.02.06 16:15:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IObit
[2015.07.20 10:53:53 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IsolatedStorage
[2014.02.21 20:04:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Leadertech
[2014.02.27 17:29:31 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\OpenOffice
[2015.09.19 16:45:10 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Opera Software
[2017.02.06 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\ProductData
[2016.01.13 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\pyramidak
[2017.02.06 07:03:08 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Seznam.cz
[2015.07.20 10:57:12 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Solvusoft
[2014.03.02 08:42:47 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Sony
[2014.06.09 13:38:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\SumatraPDF
[2014.11.08 07:53:14 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Systweak
[2014.04.12 17:46:30 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\TuneUp Software
[2017.02.03 18:04:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Unity
[2015.06.02 08:35:06 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\YoWindow
[2016.11.17 11:20:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,610 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2014.06.24 09:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 04:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2014.04.05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014.07.16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014.03.04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.11.04 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\337Games
[2014.03.12 17:37:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Acronis
[2016.11.19 15:14:48 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Adobe
[2014.11.07 19:32:03 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AdvancedSystemProtector
[2017.02.06 17:15:55 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AIMP3
[2014.03.02 09:44:26 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Airytec
[2016.10.24 14:41:41 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVAST Software
[2014.05.06 14:13:23 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVG
[2015.12.09 16:15:01 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DAEMON Tools Lite
[2014.10.23 07:46:50 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DVDVideoSoft
[2016.01.13 08:20:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows
[2015.08.17 09:43:43 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\fltk.org
[2014.08.31 08:07:32 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Hornil
[2014.02.15 19:02:49 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Identities
[2014.02.19 16:33:53 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\InstallShield
[2017.02.06 16:15:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IObit
[2015.07.20 10:53:53 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IsolatedStorage
[2014.02.21 20:04:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Leadertech
[2014.02.17 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Macromedia
[2014.10.01 07:55:32 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Malwarebytes
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Media Center Programs
[2015.07.20 10:38:01 | 000,000,000 | --SD | M] -- C:\Users\Vladan\AppData\Roaming\Microsoft
[2015.04.17 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Mozilla
[2015.10.05 16:45:00 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\NVIDIA
[2014.02.27 17:29:31 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\OpenOffice
[2015.09.19 16:45:10 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Opera Software
[2017.02.06 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\ProductData
[2016.01.13 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\pyramidak
[2014.02.22 11:39:04 | 000,000,000 | RH-D | M] -- C:\Users\Vladan\AppData\Roaming\SecuROM
[2017.02.06 07:03:08 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Seznam.cz
[2015.07.20 10:57:12 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Solvusoft
[2014.03.02 08:42:47 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Sony
[2014.06.09 13:38:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\SumatraPDF
[2016.10.25 14:55:08 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Sun
[2014.11.08 07:53:14 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Systweak
[2014.04.12 17:46:30 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\TuneUp Software
[2017.02.03 18:04:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Unity
[2017.02.06 19:29:25 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\vlc
[2014.02.15 23:26:14 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\WinRAR
[2015.06.02 08:35:06 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\YoWindow
[2016.11.17 11:20:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2002.08.29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Vladan\AppData\Roaming\MafiaSetup.exe
[2015.12.24 18:58:54 | 000,071,856 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows\wfo.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 11:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 12:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 12:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2016.11.01 09:51:18 | 000,091,136 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\x64loader.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2015.12.09 16:09:59 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.06 16:32:15 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2017.02.06 16:32:15 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [2004.06.16 06:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"Xvid" = C:\Program Files\CheckUpdate.exe -- [2011.01.17 20:41:43 | 000,008,192 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2015.05.26 12:38:44 | 000,103,080 | ---- | M] ()
"Advanced SystemCare 10" = "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto -- [2016.10.18 19:21:02 | 003,078,432 | ---- | M] (IObit)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2017.01.28 08:42:19 | 000,517,576 | ---- | M] (Mozilla Corporation) MD5=2EF2B10E5F65FB054D2D54BDA54D230B -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016.11.14 23:39:49 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=EE79D654A04333F566DF07EBDE217928 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017.02.01 10:01:18 | 000,945,496 | ---- | M] (Google Inc.) MD5=38372AA4CC9FBD0EB7A26FC7B5F24562 -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.02.07 15:25:40 | 000,000,512 | ---- | M] () MD5=DF4533203F044772117C30DFF7B28D12 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2003.04.30 16:53:36 | 000,087,536 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\textures\decals\decal@stone_cracked1.dds
[2003.06.16 14:58:24 | 000,174,904 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\textures\germany\walls\rock@damface2cracked.dds
< *keygen* /s >
< *loader* /s >
[2003.09.24 13:32:50 | 000,012,597 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_fire_antiair
[2003.09.24 13:32:50 | 000,013,430 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_fire_antitank
[2003.09.24 13:32:50 | 000,002,614 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_idle_antiair
[2003.09.24 13:32:50 | 000,002,349 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_idle_antitank
[2003.09.24 13:32:50 | 000,002,209 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_preturnidle_antitank
[2003.09.24 13:32:54 | 000,006,798 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_turn_antiair
[2003.09.24 13:32:52 | 000,006,882 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_turn_antitank
[2003.09.24 13:32:52 | 000,003,475 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_twitch_antiair
[2003.09.24 13:32:52 | 000,003,976 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_twitch_antitank
[2003.09.24 13:33:14 | 000,018,794 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_leftloader_fire_a
[2003.09.24 13:33:14 | 000,004,714 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_leftloader_fire_b
[2003.09.24 13:33:16 | 000,013,741 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_rightloader_fire_a
[2003.09.24 13:33:16 | 000,004,135 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_rightloader_fire_b
[2003.09.24 13:31:52 | 000,010,852 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\scripted_mg42loader_shoot
[2006.04.07 16:59:02 | 000,049,152 | ---- | M] () -- \Veškeré hry!\Gothic 3\PhysXLoader.dll
[2010.08.24 16:23:59 | 000,071,008 | ---- | M] () -- \Veškeré hry!\Mafia 2\pc\PhysXLoader.dll
[2010.09.01 18:45:20 | 000,065,536 | ---- | M] () -- \Veškeré hry!\Medal of Honor 2010\Binaries\PhysXLocal\PhysXLoader.dll
[2016.12.24 07:43:54 | 000,248,055 | ---- | M] () -- \Veškeré hry!\xc\packages\common\pub\preloader.swf
< End of report >
Druhý LOG:
OTL Extras logfile created on: 7.2.2017 15:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažené soubory
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,26% Memory free
6,00 Gb Paging File | 4,50 Gb Available in Paging File | 74,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45,14 Gb Total Space | 11,49 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive D: | 420,52 Gb Total Space | 9,22 Gb Free Space | 2,19% Space Free | Partition Type: NTFS
Computer Name: VLADAN-PC | User Name: Vladan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1"
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows\wfo.exe "%1" ()
Directory [AddToPlaylistVLC] -- "D:\moje instalace\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\moje instalace\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F3D8304-E0A1-407F-825F-DB62BE113484}" = lport=139 | protocol=6 | dir=in | app=system |
"{1878770D-9595-428B-87A4-0D3406D0D733}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27D2CC46-F890-4AA3-B66A-A28A6F69881D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F24E8A2-F5D6-4962-943D-9DA157D08268}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2F67F7EE-B162-4401-9798-252342D26EC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38F098B5-CED0-47B2-A8AF-028CE7BFF259}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A9F5CD6-C310-44C8-AED5-AC296D20FD37}" = lport=137 | protocol=17 | dir=in | app=system |
"{3C4100A6-71FA-4684-84E2-2FD715F57754}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{3CE71D38-F9BC-47AC-B35A-F26D80579EE0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{411EB758-0F90-4E86-8914-8915A3B62235}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{444F147F-C862-4F4D-8E96-165C106FB1A5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{50535B19-AED5-4B6F-BC10-CD838FF120D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{65C42B43-1AE4-4028-A679-B00EC3C12A64}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78901BC8-2D4F-4D8B-A009-FF4218EA1889}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7AA37CC6-F02E-4E8A-8E7A-18B306FC7101}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89737443-6E05-4EA1-90C4-0FFEB7FA44DA}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{94505A10-A842-4757-9393-F5F15696CB73}" = lport=10243 | protocol=6 | dir=in | app=system |
"{97C4F451-74B2-427F-B0BF-4137C8476894}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C396718-A2C1-4D6E-9459-794C1DA2D048}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D01EA84-EEC7-4A7A-BA40-DA1BA52694F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{A1335C6D-E699-4E32-B140-1D89B9A6B4F4}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A594A18D-CF9C-42A2-A421-E7C0406A676C}" = rport=138 | protocol=17 | dir=out | app=system |
"{B102540A-02CA-49E3-996F-7D105A4B7A0F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B5616E81-C317-48ED-BA2A-54FAAA3D5EB0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BB35D3E3-A455-44F2-B49C-C1A32F3957C6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{CC28389A-19ED-42A4-85F6-4C58DCC2D0C1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE234D32-21F7-4D03-B7A9-BAAE3DCF309A}" = lport=138 | protocol=17 | dir=in | app=system |
"{D8EE83BE-7750-42D1-AA80-8750F84214FC}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{E6662035-EE93-4AA7-89CD-FE3E9C4591C0}" = rport=139 | protocol=6 | dir=out | app=system |
"{EE3BC975-B9B2-4921-A4FD-7340283CEAA5}" = rport=137 | protocol=17 | dir=out | app=system |
"{F965E99E-7CE2-4819-A226-A12175B19899}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0284B5E6-1D51-4960-B1A2-3023E04217DF}" = protocol=17 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{06BC6C83-1A29-4662-882A-56801F31D103}" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2launcher.exe |
"{137631A1-CC1A-490B-B880-436D90D9C7B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1AB00174-24D8-47F2-B752-61F9002191EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2979FEBF-18ED-4A52-9A02-580CCBE0DE03}" = dir=out | app=c:\program files\iobit\advanced systemcare\surfing protection\ffnativemessage.exe |
"{33B80128-4DA7-45DA-A0EC-F4650C2C2956}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{354E1A03-CDB1-4F72-9F80-10E78998FF46}" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"{4275BA9A-9B9D-45F1-8FF6-97EE74B1D074}" = protocol=6 | dir=out | app=system |
"{43CEFB2A-8076-4E74-8A3D-53F4A545BAE6}" = dir=in | app=c:\program files\iobit\advanced systemcare\surfing protection\ffnativemessage.exe |
"{4FF5BFE4-1573-46CC-8F52-0F9D64480D3E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{51A7494B-8A9C-404E-87FA-3A527AD11D2E}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{57257700-33D8-4529-86F4-862091E2656A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5EE87784-3D3D-4435-AA4B-349A89EBB154}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{63DD75F6-4A4A-404E-969C-7739E89BF3C8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64C0DAA2-4CBC-4A4E-8F0F-20BB52456629}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{796666F9-A1CE-4C7A-8959-A18FDA1AAF6D}" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"{8291A7C3-B92E-4F13-8B15-15EAE30D73E9}" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2editor.exe |
"{873C6360-B737-4E39-AF33-24434F1D5561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9764316D-AD21-4E37-9DCB-7064F916DC0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{99F42C10-2D72-4228-9784-2304B2835F5C}" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2launcher.exe |
"{A27D8670-19D5-4151-879E-20A3358BAD1B}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{A6296234-BAD2-4089-8748-D07AFC0EEED8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AD18840A-40C1-4663-ADB6-C57FD64D00D5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AFCA6810-D740-45C4-ABDE-02A1BAA28DA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0E47A50-79C1-4A22-9581-5FBB13259E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B6807352-0084-467A-AF98-045B173D6E1E}" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2editor.exe |
"{B77AAA27-F5EC-466F-AB8B-C018C12692C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB76BF95-60C6-494E-8B6E-C59441C7D0EE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF160B2B-5422-45C7-B94D-28768F42748C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C55902D1-3DD8-44E7-AC9B-B5B6FC3C7858}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6A91361-CDBE-4B1E-A8F6-A8B82A201FB4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C7C21471-047E-4471-811D-3B03E5DFB775}" = protocol=6 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{D1968E22-BEEB-4F86-817E-0F0389290570}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DAE38BA0-EC61-4876-B8E7-84B5D4AAE048}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DE20641C-A4B4-49EC-9770-0C35E15070B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA5FFAA0-F550-4F61-A731-A82AAF3D1E59}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FA50C55A-AE04-4FD4-BAD8-7C2A07AD8E86}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{FFE37E0F-8996-4BFC-97E0-A7899447E05A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{62F3A251-DC98-45F5-9C2A-33301371079B}D:\veškeré hry!\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"TCP Query User{65A29C7B-BFA1-47BA-86C3-614875B11B91}D:\veškeré hry!\medal of honor 2010\binaries\moh.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\medal of honor 2010\binaries\moh.exe |
"TCP Query User{9FE4184E-BD9F-4A0E-8A2E-B4BB681DF6E4}D:\veškeré hry!\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\call of duty 2\cod2mp_s.exe |
"TCP Query User{D97D702F-07C3-42CA-A019-08D2E77AA9D7}D:\veškeré hry!\call of duty 1\the call of duty\codmp.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\call of duty 1\the call of duty\codmp.exe |
"UDP Query User{250F7390-74BD-4FEA-8E14-43AD903E0E0C}D:\veškeré hry!\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"UDP Query User{830201A0-6222-4B2A-80B6-D70EBFA399C3}D:\veškeré hry!\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\call of duty 2\cod2mp_s.exe |
"UDP Query User{A67E1479-8194-465B-8F8E-F520125EE7B6}D:\veškeré hry!\medal of honor 2010\binaries\moh.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\medal of honor 2010\binaries\moh.exe |
"UDP Query User{B618AFB0-0879-497E-8387-F8C9F9280623}D:\veškeré hry!\call of duty 1\the call of duty\codmp.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\call of duty 1\the call of duty\codmp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{220C463A-2890-4C7F-B97C-C49FE175B849}" = OpenOffice 4.0.1
"{26A24AE4-039D-4CA4-87B4-2F32180121F0}" = Java 8 Update 121
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63B5DA5A-477B-438D-A6A0-118787A4C71B}" = Adobe AIR
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.188
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI
"Advanced SystemCare_is1" = Advanced SystemCare 10
"AIDA64 Extreme_is1" = AIDA64 Extreme v4.20
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"Avisynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CoD 2 čeština_is1" = CoD 2 čeština
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Electronic Arts Game Updater" = Electronic Arts Game Updater
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 3.3.5.0
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"IObitUninstall" = IObit Uninstaller
"Kalendar" = Kalendář
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"Mozilla Firefox 51.0.1 (x86 cs)" = Mozilla Firefox 51.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PokerStars" = PokerStars
"PunkBusterSvc" = PunkBuster Services
"SafeZone 1.51.2220.62" = SafeZone Stable 1.51.2220.62
"Sniper Skrytý bojovník_is1" = Sniper Skrytý bojovník
"SumatraPDF" = SumatraPDF
"Update Engine" = Sony Mobile Update Engine
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.00 (32-bit)
"XnView_is1" = XnView 2.22
"Xvid Video Codec 1.3.2" = Xvid Video Codec
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.1.2017 11:17:52 | Computer Name = Vladan-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.1.2017 9:05:29 | Computer Name = Vladan-PC | Source = SDFSSvc.exe | ID = 0
Description =
Error - 23.1.2017 10:45:19 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: snlThirdParty150.bpl_unloaded, verze:
0.0.0.0, časové razítko: 0x5371ee3d Kód výjimky: 0xc0000005 Posun chyby: 0x04b70fef
ID
chybujícího procesu: 0x358 Čas spuštění chybující aplikace: 0x01d2758303763de0 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: snlThirdParty150.bpl
ID
zprávy: 8f6b2410-e17a-11e6-806f-e0cb4eea0f8b
Error - 25.1.2017 13:31:19 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x03ea0fef ID chybujícího procesu:
0x748 Čas spuštění chybující aplikace: 0x01d2772442ce25a0 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: 14c3f830-e324-11e6-86f9-e0cb4eea0f8b
Error - 29.1.2017 8:04:36 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x047a0fef ID chybujícího procesu:
0x6f8 Čas spuštění chybující aplikace: 0x01d279ed97c35280 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: 1a2b94a0-e61b-11e6-8146-e0cb4eea0f8b
Error - 29.1.2017 8:05:06 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x047a0fef ID chybujícího procesu:
0x6f8 Čas spuštění chybující aplikace: 0x01d279ed97c35280 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: 2b912200-e61b-11e6-8146-e0cb4eea0f8b
Error - 2.2.2017 10:34:59 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x064f0fef ID chybujícího procesu:
0x714 Čas spuštění chybující aplikace: 0x01d27d57696d4040 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: c5f50a50-e954-11e6-b52a-e0cb4eea0f8b
Error - 4.2.2017 6:49:02 | Computer Name = Vladan-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 6.2.2017 4:32:48 | Computer Name = Vladan-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 6.2.2017 11:37:42 | Computer Name = Vladan-PC | Source = ESENT | ID = 455
Description = taskhost (648) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Vladan\AppData\Local\Microsoft\Windows\WebCache\V01.log
došlo k chybě -1811 (0xfffff8ed).
[ OSession Events ]
Error - 7.8.2015 11:15:07 | Computer Name = Vladan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
12.0.6650.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 1.2.2017 10:36:55 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 2.2.2017 9:23:07 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo
časového limitu (30000 ms).
Error - 2.2.2017 9:23:07 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 3.2.2017 9:14:14 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo
časového limitu (30000 ms).
Error - 3.2.2017 9:14:14 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 3.2.2017 11:42:46 | Computer Name = Vladan-PC | Source = volsnap | ID = 393251
Description = Stínové kopie svazku D: byly přerušeny, protože se nepodařilo zvětšit
úložiště stínové kopie.
Error - 4.2.2017 0:45:31 | Computer Name = Vladan-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (5:44:44, ?4.?2.?2017) bylo neočekávané.
Error - 6.2.2017 1:58:05 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo
časového limitu (30000 ms).
Error - 6.2.2017 1:58:05 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 6.2.2017 11:30:49 | Computer Name = Vladan-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
OTL logfile created on: 7.2.2017 15:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažené soubory
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,26% Memory free
6,00 Gb Paging File | 4,50 Gb Available in Paging File | 74,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45,14 Gb Total Space | 11,49 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive D: | 420,52 Gb Total Space | 9,22 Gb Free Space | 2,19% Space Free | Partition Type: NTFS
Computer Name: VLADAN-PC | User Name: Vladan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2017.02.07 15:17:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Stažené soubory\OTL.exe
PRC - [2017.01.28 08:42:19 | 000,517,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2016.11.15 14:41:01 | 009,080,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016.10.24 14:40:27 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016.10.20 17:47:28 | 003,339,552 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016.10.18 19:21:02 | 003,078,432 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016.10.14 10:37:14 | 000,462,624 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
PRC - [2016.09.23 16:02:44 | 002,274,080 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2014.06.27 10:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014.06.24 09:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014.06.24 09:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014.04.25 13:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014.02.17 19:38:51 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2016.10.24 14:40:28 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2016.10.24 14:40:27 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016.10.19 17:52:42 | 000,078,624 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\GetProcessDLL.dll
MOD - [2016.09.26 13:59:22 | 000,631,072 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
MOD - [2016.09.26 13:59:22 | 000,631,072 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2016.08.18 18:43:40 | 000,442,144 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2016.08.18 18:43:36 | 000,059,680 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2016.08.18 18:43:34 | 000,210,720 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2016.06.21 19:30:02 | 000,442,144 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\madexcept_.bpl
MOD - [2016.06.21 19:29:58 | 000,059,680 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2016.06.21 19:29:56 | 000,210,720 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015.12.28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files\IObit\IObit Uninstaller\webres.dll
MOD - [2015.12.28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare\webres.dll
MOD - [2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2015.05.26 12:38:34 | 000,862,888 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2015.05.26 12:37:42 | 000,078,504 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\32524libfoxloader.dll
MOD - [2014.05.13 11:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014.05.13 11:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014.05.13 11:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2016.12.14 15:34:25 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016.11.12 19:15:03 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016.10.24 14:40:27 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016.10.14 10:37:14 | 000,462,624 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService10)
SRV - [2016.09.28 13:54:46 | 000,359,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\IObit Uninstaller\IUService.exe -- (IObitUnSvr)
SRV - [2016.08.21 14:05:24 | 000,935,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2014.03.12 17:30:15 | 003,246,040 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2014.02.17 17:42:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014.02.08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.02.05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.02.05 10:32:31 | 015,904,544 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.10.13 07:01:16 | 000,804,448 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (abby33rc)
DRV - [2016.12.30 07:29:51 | 000,065,344 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV - [2016.10.24 16:51:19 | 000,035,096 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2016.10.24 14:41:20 | 000,224,752 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswvmm.sys -- (aswVmm)
DRV - [2016.10.24 14:41:19 | 000,433,768 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2016.10.24 14:41:17 | 000,735,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2016.10.24 14:40:29 | 000,118,664 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016.10.24 14:40:29 | 000,092,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2016.10.24 14:40:29 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016.10.24 14:40:29 | 000,060,424 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016.10.24 14:40:29 | 000,034,008 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015.12.09 16:09:59 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2015.03.06 18:52:39 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2014.03.14 14:12:26 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2014.03.14 14:12:26 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2014.03.12 17:30:16 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2014.03.12 17:30:13 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273)
DRV - [2014.03.12 17:30:11 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2014.03.12 17:29:56 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2014.02.15 22:23:41 | 000,076,768 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2014.02.08 19:27:20 | 010,180,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.12.27 19:42:24 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013.10.02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.05.13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.05.01 03:08:30 | 000,210,464 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007.12.17 17:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Stažené soubory
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 30 0C 19 5C 0A 9E D1 01 [binary data]
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes,DefaultScope = {FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{0100AF53-D945-42A7-85CF-7A16D9083CB0}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{119855C9-7EDD-4D73-B75E-E55E2A3AF7C0}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{171BA470-94EC-4D56-86A5-D1E6A6A85D65}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{31A34051-E774-4C37-9744-2A430F53433C}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{D3F358DD-2F02-48D7-BEC2-08FEA6F90A79}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{DA6F7AE2-2F09-4B0E-B790-4D45EB1FD79B}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{E5D4378F-FA6E-4EA2-8B3C-DC57C9B747A5}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{EE5AD64C-7342-4D92-A4DB-0161F86C626C}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}: "URL" = http://www.bing.com/search?q={searchTer ... 02&pc=UE08
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{FF67341C-D00D-4941-A1D1-EEE224F17524}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_12454
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.hiddenOneOffs: "DuckDuckGo,Heuréka,Mapy.cz,Slunečnice,Wikipedie (cs)"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:51.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.121.2: C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2: C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: D:\moje instalace\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: D:\moje instalace\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: D:\moje instalace\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Vladan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.10.24 14:40:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.10.24 14:40:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2015.04.17 14:19:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Extensions
[2017.02.02 17:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions
[2017.02.02 17:19:26 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2016.11.24 14:24:46 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017.02.02 17:18:45 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\features\{5424dbbe-3c37-4b8d-9250-b04d3ea061e2}\diagnostics@mozilla.org.xpi
[2017.02.02 17:18:46 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Vladan\AppData\Roaming\Mozilla\Firefox\Profiles\yhowlmv1.default\features\{5424dbbe-3c37-4b8d-9250-b04d3ea061e2}\hsts-priming@mozilla.org.xpi
[2017.01.28 08:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
========== Chrome ==========
CHR - homepage: http://www.seznam.cz/?clid=12454
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.4.3_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\Vladan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2015.11.20 08:45:42 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswwebrepie.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000..\Run: [Advanced SystemCare 10] C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000..\Run: [Xvid] C:\Program Files\CheckUpdate.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Veškeré hry!\PokerStarsUpdate.exe (Rational Intellectual Holdings Ltd.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C618E29A-4747-453F-A9AF-9815A5E3B1DC}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\Shell\AutoRun\command - "" = G:\Lenovo_Suite.exe
O33 - MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\Shell\AutoRun\command - "" = G:\Lenovo_Suite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2017.02.06 16:32:15 | 000,802,904 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2017.02.06 16:32:15 | 000,144,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017.02.06 16:14:58 | 000,000,000 | ---D | C] -- C:\Users\Vladan\AppData\Roaming\ProductData
[2017.02.06 16:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2017.02.06 16:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2017.02.06 16:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
[2017.02.06 16:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IObit
[2017.02.06 16:13:40 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2017.02.06 16:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
[2017.02.06 16:13:20 | 000,000,000 | ---D | C] -- C:\Users\Vladan\AppData\Roaming\IObit
[2017.02.06 16:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2017.02.06 16:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2017.02.05 15:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2017.02.05 15:33:06 | 000,000,000 | ---D | C] -- C:\rsit
[2017.02.03 18:04:13 | 000,000,000 | ---D | C] -- C:\Users\Vladan\AppData\Roaming\Unity
[2017.01.19 18:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2017.01.12 04:52:43 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2017.01.12 04:52:43 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2017.01.12 04:52:42 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2017.01.12 04:52:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2017.01.12 04:52:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2017.01.12 04:52:41 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2017.01.12 04:52:41 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2017.01.12 04:52:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.03.22 11:38:17 | 003,509,694 | ---- | C] (Xvid Team) -- C:\Program Files\uninstall.exe
[2015.03.22 11:38:13 | 006,150,331 | ---- | C] (Xvid Team) -- C:\Program Files\autoupdate-windows.exe
[2015.03.22 11:38:12 | 000,166,912 | ---- | C] (Xvid Solutions) -- C:\Program Files\MiniConvert.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2017.02.07 15:25:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.07 15:14:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.02.06 16:32:15 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2017.02.06 16:32:15 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017.02.06 16:18:22 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
[2017.02.06 16:13:54 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2017.02.02 04:51:49 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.01.30 20:38:21 | 000,668,138 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2017.01.30 20:38:21 | 000,653,526 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2017.01.30 20:38:21 | 000,140,798 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2017.01.30 20:38:21 | 000,121,398 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2017.01.19 18:41:03 | 000,095,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2017.01.10 13:06:48 | 020,358,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2017.02.07 15:25:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017.02.06 16:13:55 | 000,002,115 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
[2017.02.06 16:13:54 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\IObit Uninstaller.lnk
[2017.02.06 16:13:38 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 10.lnk
[2015.10.17 13:52:40 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2015.10.17 13:52:29 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2015.10.17 13:52:27 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2015.10.14 17:10:50 | 000,000,275 | ---- | C] () -- C:\Windows\game.ini
[2015.04.17 18:39:52 | 000,000,298 | ---- | C] () -- C:\Windows\wininit.ini
[2015.03.22 11:38:18 | 000,000,856 | ---- | C] () -- C:\Program Files\Uninstall Xvid Video Codec.lnk
[2015.03.22 11:38:18 | 000,000,046 | ---- | C] () -- C:\Program Files\xvidhomepage.url
[2015.03.22 11:38:17 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2015.03.22 11:38:17 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2015.03.22 11:38:12 | 000,144,384 | ---- | C] () -- C:\Program Files\xvid_encraw.exe
[2015.03.22 11:38:12 | 000,023,040 | ---- | C] () -- C:\Program Files\MiniCalc.exe
[2015.03.22 11:38:12 | 000,015,227 | ---- | C] () -- C:\Program Files\LICENSE
[2015.03.22 11:38:12 | 000,013,824 | ---- | C] () -- C:\Program Files\StatsReader.exe
[2015.03.22 11:38:12 | 000,009,216 | ---- | C] () -- C:\Program Files\OGMCalc.exe
[2015.03.22 11:38:12 | 000,008,704 | ---- | C] () -- C:\Program Files\vidccleaner.exe
[2015.03.22 11:38:12 | 000,008,192 | ---- | C] () -- C:\Program Files\CheckUpdate.exe
[2015.03.22 11:38:12 | 000,006,144 | ---- | C] () -- C:\Program Files\AviC.exe
[2015.03.22 11:38:12 | 000,002,967 | ---- | C] () -- C:\Program Files\Xvid_Quant_Matrices.zip
[2015.03.22 11:38:12 | 000,002,338 | ---- | C] () -- C:\Program Files\xvid.inf
[2015.03.22 11:38:12 | 000,000,124 | ---- | C] () -- C:\Program Files\update.ini
[2014.11.08 08:35:17 | 000,000,004 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\appdataFr2.bin
[2014.09.12 18:47:35 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.09.01 09:18:44 | 000,001,248 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\YJGXUZ
[2014.07.27 09:44:33 | 000,000,003 | ---- | C] () -- C:\Users\Vladan\stut
[2014.07.27 09:42:16 | 000,000,334 | ---- | C] () -- C:\Users\Vladan\rgut
[2014.07.27 07:20:37 | 000,008,073 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\mslcjsuu.dat
[2014.07.27 07:20:36 | 000,000,029 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\msyciwq.dat
[2014.03.11 16:54:00 | 000,022,328 | ---- | C] () -- C:\Users\Vladan\AppData\Roaming\PnkBstrK.sys
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Vladan\AppData\Roaming\MafiaSetup.exe
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014.11.04 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\337Games
[2014.03.12 17:37:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Acronis
[2014.11.07 19:32:03 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AdvancedSystemProtector
[2017.02.06 17:15:55 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AIMP3
[2014.03.02 09:44:26 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Airytec
[2016.10.24 14:41:41 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVAST Software
[2014.05.06 14:13:23 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVG
[2015.12.09 16:15:01 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DAEMON Tools Lite
[2014.10.23 07:46:50 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DVDVideoSoft
[2016.01.13 08:20:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows
[2015.08.17 09:43:43 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\fltk.org
[2014.08.31 08:07:32 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Hornil
[2017.02.06 16:15:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IObit
[2015.07.20 10:53:53 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IsolatedStorage
[2014.02.21 20:04:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Leadertech
[2014.02.27 17:29:31 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\OpenOffice
[2015.09.19 16:45:10 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Opera Software
[2017.02.06 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\ProductData
[2016.01.13 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\pyramidak
[2017.02.06 07:03:08 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Seznam.cz
[2015.07.20 10:57:12 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Solvusoft
[2014.03.02 08:42:47 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Sony
[2014.06.09 13:38:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\SumatraPDF
[2014.11.08 07:53:14 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Systweak
[2014.04.12 17:46:30 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\TuneUp Software
[2017.02.03 18:04:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Unity
[2015.06.02 08:35:06 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\YoWindow
[2016.11.17 11:20:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,610 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2014.06.24 09:42:02 | 004,818,848 | ---- | M] (Safer-Networking Ltd.) MD5=280C014187E24860A7C860329513208F -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 04:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
< MD5 for: TCPIP.SYS >
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2014.04.05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2014.07.16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2014.11.21 06:12:42 | 000,761,656 | ---- | M] (MalwareBytes) MD5=625BB08813743947985B0DEEFC35ED12 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2014.03.04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2014.11.04 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\337Games
[2014.03.12 17:37:19 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Acronis
[2016.11.19 15:14:48 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Adobe
[2014.11.07 19:32:03 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AdvancedSystemProtector
[2017.02.06 17:15:55 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AIMP3
[2014.03.02 09:44:26 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Airytec
[2016.10.24 14:41:41 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVAST Software
[2014.05.06 14:13:23 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\AVG
[2015.12.09 16:15:01 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DAEMON Tools Lite
[2014.10.23 07:46:50 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\DVDVideoSoft
[2016.01.13 08:20:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows
[2015.08.17 09:43:43 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\fltk.org
[2014.08.31 08:07:32 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Hornil
[2014.02.15 19:02:49 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Identities
[2014.02.19 16:33:53 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\InstallShield
[2017.02.06 16:15:36 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IObit
[2015.07.20 10:53:53 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\IsolatedStorage
[2014.02.21 20:04:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Leadertech
[2014.02.17 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Macromedia
[2014.10.01 07:55:32 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Malwarebytes
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Media Center Programs
[2015.07.20 10:38:01 | 000,000,000 | --SD | M] -- C:\Users\Vladan\AppData\Roaming\Microsoft
[2015.04.17 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Mozilla
[2015.10.05 16:45:00 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\NVIDIA
[2014.02.27 17:29:31 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\OpenOffice
[2015.09.19 16:45:10 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Opera Software
[2017.02.06 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\ProductData
[2016.01.13 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\pyramidak
[2014.02.22 11:39:04 | 000,000,000 | RH-D | M] -- C:\Users\Vladan\AppData\Roaming\SecuROM
[2017.02.06 07:03:08 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Seznam.cz
[2015.07.20 10:57:12 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Solvusoft
[2014.03.02 08:42:47 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Sony
[2014.06.09 13:38:58 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\SumatraPDF
[2016.10.25 14:55:08 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Sun
[2014.11.08 07:53:14 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Systweak
[2014.04.12 17:46:30 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\TuneUp Software
[2017.02.03 18:04:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Unity
[2017.02.06 19:29:25 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\vlc
[2014.02.15 23:26:14 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\WinRAR
[2015.06.02 08:35:06 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\YoWindow
[2016.11.17 11:20:13 | 000,000,000 | ---D | M] -- C:\Users\Vladan\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2002.08.29 17:33:56 | 000,319,488 | R--- | M] () -- C:\Users\Vladan\AppData\Roaming\MafiaSetup.exe
[2015.12.24 18:58:54 | 000,071,856 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows\wfo.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 11:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 12:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 12:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2016.11.01 09:51:18 | 000,091,136 | ---- | M] () -- C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\x64loader.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2015.12.09 16:09:59 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.07 15:22:54 | 000,020,704 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.06 16:32:15 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2017.02.06 16:32:15 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [2004.06.16 06:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
"Xvid" = C:\Program Files\CheckUpdate.exe -- [2011.01.17 20:41:43 | 000,008,192 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Vladan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2015.05.26 12:38:44 | 000,103,080 | ---- | M] ()
"Advanced SystemCare 10" = "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto -- [2016.10.18 19:21:02 | 003,078,432 | ---- | M] (IObit)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2017.01.28 08:42:19 | 000,517,576 | ---- | M] (Mozilla Corporation) MD5=2EF2B10E5F65FB054D2D54BDA54D230B -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016.11.14 23:39:49 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=EE79D654A04333F566DF07EBDE217928 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017.02.01 10:01:18 | 000,945,496 | ---- | M] (Google Inc.) MD5=38372AA4CC9FBD0EB7A26FC7B5F24562 -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.02.07 15:25:40 | 000,000,512 | ---- | M] () MD5=DF4533203F044772117C30DFF7B28D12 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2003.04.30 16:53:36 | 000,087,536 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\textures\decals\decal@stone_cracked1.dds
[2003.06.16 14:58:24 | 000,174,904 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\textures\germany\walls\rock@damface2cracked.dds
< *keygen* /s >
< *loader* /s >
[2003.09.24 13:32:50 | 000,012,597 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_fire_antiair
[2003.09.24 13:32:50 | 000,013,430 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_fire_antitank
[2003.09.24 13:32:50 | 000,002,614 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_idle_antiair
[2003.09.24 13:32:50 | 000,002,349 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_idle_antitank
[2003.09.24 13:32:50 | 000,002,209 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_preturnidle_antitank
[2003.09.24 13:32:54 | 000,006,798 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_turn_antiair
[2003.09.24 13:32:52 | 000,006,882 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_turn_antitank
[2003.09.24 13:32:52 | 000,003,475 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_twitch_antiair
[2003.09.24 13:32:52 | 000,003,976 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flak88_loader_twitch_antitank
[2003.09.24 13:33:14 | 000,018,794 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_leftloader_fire_a
[2003.09.24 13:33:14 | 000,004,714 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_leftloader_fire_b
[2003.09.24 13:33:16 | 000,013,741 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_rightloader_fire_a
[2003.09.24 13:33:16 | 000,004,135 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\flakpanzer_rightloader_fire_b
[2003.09.24 13:31:52 | 000,010,852 | ---- | M] () -- \Veškeré hry!\call of duty 1\The Call of Duty\Main\xanim\scripted_mg42loader_shoot
[2006.04.07 16:59:02 | 000,049,152 | ---- | M] () -- \Veškeré hry!\Gothic 3\PhysXLoader.dll
[2010.08.24 16:23:59 | 000,071,008 | ---- | M] () -- \Veškeré hry!\Mafia 2\pc\PhysXLoader.dll
[2010.09.01 18:45:20 | 000,065,536 | ---- | M] () -- \Veškeré hry!\Medal of Honor 2010\Binaries\PhysXLocal\PhysXLoader.dll
[2016.12.24 07:43:54 | 000,248,055 | ---- | M] () -- \Veškeré hry!\xc\packages\common\pub\preloader.swf
< End of report >
Druhý LOG:
OTL Extras logfile created on: 7.2.2017 15:22:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Stažené soubory
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,26% Memory free
6,00 Gb Paging File | 4,50 Gb Available in Paging File | 74,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45,14 Gb Total Space | 11,49 Gb Free Space | 25,46% Space Free | Partition Type: NTFS
Drive D: | 420,52 Gb Total Space | 9,22 Gb Free Space | 2,19% Space Free | Partition Type: NTFS
Computer Name: VLADAN-PC | User Name: Vladan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1"
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Users\Vladan\AppData\Roaming\FileOpenerWindows\wfo.exe "%1" ()
Directory [AddToPlaylistVLC] -- "D:\moje instalace\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\moje instalace\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F3D8304-E0A1-407F-825F-DB62BE113484}" = lport=139 | protocol=6 | dir=in | app=system |
"{1878770D-9595-428B-87A4-0D3406D0D733}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27D2CC46-F890-4AA3-B66A-A28A6F69881D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2F24E8A2-F5D6-4962-943D-9DA157D08268}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2F67F7EE-B162-4401-9798-252342D26EC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38F098B5-CED0-47B2-A8AF-028CE7BFF259}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A9F5CD6-C310-44C8-AED5-AC296D20FD37}" = lport=137 | protocol=17 | dir=in | app=system |
"{3C4100A6-71FA-4684-84E2-2FD715F57754}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{3CE71D38-F9BC-47AC-B35A-F26D80579EE0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{411EB758-0F90-4E86-8914-8915A3B62235}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{444F147F-C862-4F4D-8E96-165C106FB1A5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{50535B19-AED5-4B6F-BC10-CD838FF120D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{65C42B43-1AE4-4028-A679-B00EC3C12A64}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78901BC8-2D4F-4D8B-A009-FF4218EA1889}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7AA37CC6-F02E-4E8A-8E7A-18B306FC7101}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89737443-6E05-4EA1-90C4-0FFEB7FA44DA}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{94505A10-A842-4757-9393-F5F15696CB73}" = lport=10243 | protocol=6 | dir=in | app=system |
"{97C4F451-74B2-427F-B0BF-4137C8476894}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C396718-A2C1-4D6E-9459-794C1DA2D048}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D01EA84-EEC7-4A7A-BA40-DA1BA52694F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{A1335C6D-E699-4E32-B140-1D89B9A6B4F4}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A594A18D-CF9C-42A2-A421-E7C0406A676C}" = rport=138 | protocol=17 | dir=out | app=system |
"{B102540A-02CA-49E3-996F-7D105A4B7A0F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B5616E81-C317-48ED-BA2A-54FAAA3D5EB0}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BB35D3E3-A455-44F2-B49C-C1A32F3957C6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{CC28389A-19ED-42A4-85F6-4C58DCC2D0C1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE234D32-21F7-4D03-B7A9-BAAE3DCF309A}" = lport=138 | protocol=17 | dir=in | app=system |
"{D8EE83BE-7750-42D1-AA80-8750F84214FC}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{E6662035-EE93-4AA7-89CD-FE3E9C4591C0}" = rport=139 | protocol=6 | dir=out | app=system |
"{EE3BC975-B9B2-4921-A4FD-7340283CEAA5}" = rport=137 | protocol=17 | dir=out | app=system |
"{F965E99E-7CE2-4819-A226-A12175B19899}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0284B5E6-1D51-4960-B1A2-3023E04217DF}" = protocol=17 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{06BC6C83-1A29-4662-882A-56801F31D103}" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2launcher.exe |
"{137631A1-CC1A-490B-B880-436D90D9C7B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1AB00174-24D8-47F2-B752-61F9002191EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2979FEBF-18ED-4A52-9A02-580CCBE0DE03}" = dir=out | app=c:\program files\iobit\advanced systemcare\surfing protection\ffnativemessage.exe |
"{33B80128-4DA7-45DA-A0EC-F4650C2C2956}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{354E1A03-CDB1-4F72-9F80-10E78998FF46}" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"{4275BA9A-9B9D-45F1-8FF6-97EE74B1D074}" = protocol=6 | dir=out | app=system |
"{43CEFB2A-8076-4E74-8A3D-53F4A545BAE6}" = dir=in | app=c:\program files\iobit\advanced systemcare\surfing protection\ffnativemessage.exe |
"{4FF5BFE4-1573-46CC-8F52-0F9D64480D3E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{51A7494B-8A9C-404E-87FA-3A527AD11D2E}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{57257700-33D8-4529-86F4-862091E2656A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5EE87784-3D3D-4435-AA4B-349A89EBB154}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{63DD75F6-4A4A-404E-969C-7739E89BF3C8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{64C0DAA2-4CBC-4A4E-8F0F-20BB52456629}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{796666F9-A1CE-4C7A-8959-A18FDA1AAF6D}" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"{8291A7C3-B92E-4F13-8B15-15EAE30D73E9}" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2editor.exe |
"{873C6360-B737-4E39-AF33-24434F1D5561}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9764316D-AD21-4E37-9DCB-7064F916DC0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{99F42C10-2D72-4228-9784-2304B2835F5C}" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2launcher.exe |
"{A27D8670-19D5-4151-879E-20A3358BAD1B}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{A6296234-BAD2-4089-8748-D07AFC0EEED8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AD18840A-40C1-4663-ADB6-C57FD64D00D5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{AFCA6810-D740-45C4-ABDE-02A1BAA28DA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0E47A50-79C1-4A22-9581-5FBB13259E4C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B6807352-0084-467A-AF98-045B173D6E1E}" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\fc2editor.exe |
"{B77AAA27-F5EC-466F-AB8B-C018C12692C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB76BF95-60C6-494E-8B6E-C59441C7D0EE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF160B2B-5422-45C7-B94D-28768F42748C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C55902D1-3DD8-44E7-AC9B-B5B6FC3C7858}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C6A91361-CDBE-4B1E-A8F6-A8B82A201FB4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C7C21471-047E-4471-811D-3B03E5DFB775}" = protocol=6 | dir=in | app=c:\program files\sony mobile\update engine\sony mobile update engine.exe |
"{D1968E22-BEEB-4F86-817E-0F0389290570}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DAE38BA0-EC61-4876-B8E7-84B5D4AAE048}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{DE20641C-A4B4-49EC-9770-0C35E15070B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA5FFAA0-F550-4F61-A731-A82AAF3D1E59}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FA50C55A-AE04-4FD4-BAD8-7C2A07AD8E86}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{FFE37E0F-8996-4BFC-97E0-A7899447E05A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{62F3A251-DC98-45F5-9C2A-33301371079B}D:\veškeré hry!\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"TCP Query User{65A29C7B-BFA1-47BA-86C3-614875B11B91}D:\veškeré hry!\medal of honor 2010\binaries\moh.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\medal of honor 2010\binaries\moh.exe |
"TCP Query User{9FE4184E-BD9F-4A0E-8A2E-B4BB681DF6E4}D:\veškeré hry!\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\call of duty 2\cod2mp_s.exe |
"TCP Query User{D97D702F-07C3-42CA-A019-08D2E77AA9D7}D:\veškeré hry!\call of duty 1\the call of duty\codmp.exe" = protocol=6 | dir=in | app=d:\veškeré hry!\call of duty 1\the call of duty\codmp.exe |
"UDP Query User{250F7390-74BD-4FEA-8E14-43AD903E0E0C}D:\veškeré hry!\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\far cry 2\bin\farcry2.exe |
"UDP Query User{830201A0-6222-4B2A-80B6-D70EBFA399C3}D:\veškeré hry!\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\call of duty 2\cod2mp_s.exe |
"UDP Query User{A67E1479-8194-465B-8F8E-F520125EE7B6}D:\veškeré hry!\medal of honor 2010\binaries\moh.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\medal of honor 2010\binaries\moh.exe |
"UDP Query User{B618AFB0-0879-497E-8387-F8C9F9280623}D:\veškeré hry!\call of duty 1\the call of duty\codmp.exe" = protocol=17 | dir=in | app=d:\veškeré hry!\call of duty 1\the call of duty\codmp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{220C463A-2890-4C7F-B97C-C49FE175B849}" = OpenOffice 4.0.1
"{26A24AE4-039D-4CA4-87B4-2F32180121F0}" = Java 8 Update 121
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63B5DA5A-477B-438D-A6A0-118787A4C71B}" = Adobe AIR
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.188
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI
"Advanced SystemCare_is1" = Advanced SystemCare 10
"AIDA64 Extreme_is1" = AIDA64 Extreme v4.20
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"Avisynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CoD 2 čeština_is1" = CoD 2 čeština
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Electronic Arts Game Updater" = Electronic Arts Game Updater
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 3.3.5.0
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"IObitUninstall" = IObit Uninstaller
"Kalendar" = Kalendář
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"Mozilla Firefox 51.0.1 (x86 cs)" = Mozilla Firefox 51.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PokerStars" = PokerStars
"PunkBusterSvc" = PunkBuster Services
"SafeZone 1.51.2220.62" = SafeZone Stable 1.51.2220.62
"Sniper Skrytý bojovník_is1" = Sniper Skrytý bojovník
"SumatraPDF" = SumatraPDF
"Update Engine" = Sony Mobile Update Engine
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.00 (32-bit)
"XnView_is1" = XnView 2.22
"Xvid Video Codec 1.3.2" = Xvid Video Codec
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-756457375-3611543804-2474886263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.1.2017 11:17:52 | Computer Name = Vladan-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 22.1.2017 9:05:29 | Computer Name = Vladan-PC | Source = SDFSSvc.exe | ID = 0
Description =
Error - 23.1.2017 10:45:19 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: snlThirdParty150.bpl_unloaded, verze:
0.0.0.0, časové razítko: 0x5371ee3d Kód výjimky: 0xc0000005 Posun chyby: 0x04b70fef
ID
chybujícího procesu: 0x358 Čas spuštění chybující aplikace: 0x01d2758303763de0 Cesta
k chybující aplikaci: C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: snlThirdParty150.bpl
ID
zprávy: 8f6b2410-e17a-11e6-806f-e0cb4eea0f8b
Error - 25.1.2017 13:31:19 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x03ea0fef ID chybujícího procesu:
0x748 Čas spuštění chybující aplikace: 0x01d2772442ce25a0 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: 14c3f830-e324-11e6-86f9-e0cb4eea0f8b
Error - 29.1.2017 8:04:36 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x047a0fef ID chybujícího procesu:
0x6f8 Čas spuštění chybující aplikace: 0x01d279ed97c35280 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: 1a2b94a0-e61b-11e6-8146-e0cb4eea0f8b
Error - 29.1.2017 8:05:06 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x047a0fef ID chybujícího procesu:
0x6f8 Čas spuštění chybující aplikace: 0x01d279ed97c35280 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: 2b912200-e61b-11e6-8146-e0cb4eea0f8b
Error - 2.2.2017 10:34:59 | Computer Name = Vladan-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové
razítko: 0x4d6727a7 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x064f0fef ID chybujícího procesu:
0x714 Čas spuštění chybující aplikace: 0x01d27d57696d4040 Cesta k chybující aplikaci:
C:\Windows\Explorer.EXE Cesta k chybujícímu modulu: unknown ID zprávy: c5f50a50-e954-11e6-b52a-e0cb4eea0f8b
Error - 4.2.2017 6:49:02 | Computer Name = Vladan-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 6.2.2017 4:32:48 | Computer Name = Vladan-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Sony\sony pc companion\Drivers\DPInst64.exe
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 6.2.2017 11:37:42 | Computer Name = Vladan-PC | Source = ESENT | ID = 455
Description = taskhost (648) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Vladan\AppData\Local\Microsoft\Windows\WebCache\V01.log
došlo k chybě -1811 (0xfffff8ed).
[ OSession Events ]
Error - 7.8.2015 11:15:07 | Computer Name = Vladan-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
12.0.6650.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 1.2.2017 10:36:55 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 2.2.2017 9:23:07 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo
časového limitu (30000 ms).
Error - 2.2.2017 9:23:07 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 3.2.2017 9:14:14 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo
časového limitu (30000 ms).
Error - 3.2.2017 9:14:14 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 3.2.2017 11:42:46 | Computer Name = Vladan-PC | Source = volsnap | ID = 393251
Description = Stínové kopie svazku D: byly přerušeny, protože se nepodařilo zvětšit
úložiště stínové kopie.
Error - 4.2.2017 0:45:31 | Computer Name = Vladan-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (5:44:44, ?4.?2.?2017) bylo neočekávané.
Error - 6.2.2017 1:58:05 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Spybot-S&D 2 Scanner Service bylo dosaženo
časového limitu (30000 ms).
Error - 6.2.2017 1:58:05 | Computer Name = Vladan-PC | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Scanner Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 6.2.2017 11:30:49 | Computer Name = Vladan-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý chod a vypadávání zásuvných modulů
Spusťte znovu OTL jako správce.
Do spodniho okna vlozte nasledujici text:
Po restartu se objevi novy log, ten sem dejte.
Do spodniho okna vlozte nasledujici text:
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (abby33rc)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-756457375-3611543804-2474886263-1000\..\SearchScopes\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}: "URL" = http://www.bing.com/search?q={searchTer ... 02&pc=UE08
FF - user.js - File not found
O13 - gopher Prefix: missing
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\Shell\AutoRun\command - "" = G:\Lenovo_Suite.exe
O33 - MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\Shell - "" = AutoRun
O33 - MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\Shell\AutoRun\command - "" = G:\Lenovo_Suite.exe
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Po restartu se objevi novy log, ten sem dejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý chod a vypadávání zásuvných modulů
Log z OTL:
All processes killed
========== OTL ==========
Error: No service named abby33rc was found to stop!
Service\Driver key abby33rc not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-756457375-3611543804-2474886263-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ not found.
File G:\Lenovo_Suite.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ not found.
File G:\Lenovo_Suite.exe not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\455F074C814E4520B69B5584BD90400C.TMP folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 314760 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Public
User: Vladan
->Temp folder emptied: 94842449 bytes
->Temporary Internet Files folder emptied: 2916581 bytes
->Java cache emptied: 42131 bytes
->FireFox cache emptied: 334827895 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4224 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1722210 bytes
RecycleBin emptied: 2053379323 bytes
Total Files Cleaned = 2 373,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Public
User: Vladan
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 02082017_164707
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161024175141.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161024175142.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161024175149.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161025045034.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161025045035.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Error: No service named abby33rc was found to stop!
Service\Driver key abby33rc not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-756457375-3611543804-2474886263-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDE9DF76-E760-4E35-9AFF-B40F9D8E35E9}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6b89a043-021c-11e6-b480-e0cb4eea0f8b}\ not found.
File G:\Lenovo_Suite.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9f7c025f-7296-11e6-896d-e0cb4eea0f8b}\ not found.
File G:\Lenovo_Suite.exe not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\455F074C814E4520B69B5584BD90400C.TMP folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 314760 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Public
User: Vladan
->Temp folder emptied: 94842449 bytes
->Temporary Internet Files folder emptied: 2916581 bytes
->Java cache emptied: 42131 bytes
->FireFox cache emptied: 334827895 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4224 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1722210 bytes
RecycleBin emptied: 2053379323 bytes
Total Files Cleaned = 2 373,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Public
User: Vladan
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 02082017_164707
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161024175141.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161024175142.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161024175149.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161025045034.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20161025045035.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý chod a vypadávání zásuvných modulů
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý chod a vypadávání zásuvných modulů
Určitě, pc se zrychlilo, načítání složek např. s fotkama běží plynule a rychle. Zmizela nějaká nějaká hláška, která prý vyskakovala po zapnutí pc(o které jsem ani nevěděl) a zrychlení na webu se také projevilo, až na jisté výjimky, které asi budou zapříčiněné flash playerem, ketrý se nějak nechce upgradovat na nejnovější verzi.
Zatím můžeme poděkovat a kdyby se něco změnilo, ozvali bychom se.
Já se možná ještě některý den ozvu se svým PC na kontrolu.
Přeji hezký zbytek dne.
Zatím můžeme poděkovat a kdyby se něco změnilo, ozvali bychom se.
Já se možná ještě některý den ozvu se svým PC na kontrolu.
Přeji hezký zbytek dne.
-
Rudy
- Site Admin
- Příspěvky: 119671
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý chod a vypadávání zásuvných modulů
Zkuste FP přeinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?