VIRY.CZ

ja taky.)

budu sledovat, i kdyz tech startu zase tolik nebude. zkusim nejaky "navic" udelat, at muzu poreferovat.
zatim moc dekuju a dobrou noc.

nemate zac


zitra to dokoncime

zdravim a omlouvam se za zpozdenou odpoved, byl jsem nemocny, tak ani toho zkouseni nebylo tolik. tak se dostavam k odpovedi az ted. start je bohuzel porad pomaly. rychly byl jen ten jeden po restartu po oprave. coz se vicemene kryje s mou zkusenosti, kterou jsem popsal, ze prvni start po aktualizaci win byva rychly. muze byt problem v tom raidu, resp. programu, kterej ho monitoruje?

Ano, tomu prikladam nejvetsi pravdepodobnost.

Nakoukneme detailneji, co se deje pod poklickou

• Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe
• kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
• do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
• zbytek ponechte, jak je a kliknete na Prohledat
• vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

zdravim, tak vcera asi po deseti hodinach skenovani mi OTL vyhodil hlasku "cannot create file ...\plocha\cmd.bat"
dal se tvaril, ze skenuje, ale neskenoval. nebo skoncil a jen mi neotevrel logy? zkousim ted ten sken znova..

Tak dlouho OTL urcite skenovat nema (do pul hodiny, casto mene). Po kliknuti na tlacitko Prohledat ve spodni casti okna vidite, co prave OTL prohledava.

Pokud se nepodari ani napodruhe, nevkladejte do OTL skript (zbytek navodu zustava).

ano, tam se prave divam, ted je to u "documents and settings\all users\data aplikaci\data aplikaci\data aplikaci\data aplikaci\data aplikaci\data aplikaci\data aplikaci\data aplikaci\microsoft..." a tam to nejspis stravi (podle vcerejsi zkusenosti) nekolik dalsich hodin

Tak pustte OTL bez skriptu.

tak ted uz to neco vyplivlo.)


OTL logfile created on: 12.11.2014 12:06:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dexter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 17,05% Memory free
7,90 Gb Paging File | 4,60 Gb Available in Paging File | 58,21% Paging File free
Paging file location(s): e:\pagefile.sys 4000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 8,11 Gb Free Space | 13,62% Space Free | Partition Type: NTFS
Drive E: | 244,14 Gb Total Space | 48,74 Gb Free Space | 19,97% Space Free | Partition Type: NTFS
Drive F: | 454,49 Gb Total Space | 59,54 Gb Free Space | 13,10% Space Free | Partition Type: NTFS
Drive G: | 279,46 Gb Total Space | 159,16 Gb Free Space | 56,95% Space Free | Partition Type: NTFS
Drive I: | 350,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DEXTER-PC | User Name: Dexter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.11.11 12:27:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dexter\Desktop\OTL.exe
PRC - [2014.10.21 17:52:24 | 022,869,088 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014.09.12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.07.31 20:15:04 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.25 14:51:18 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.07.25 14:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.07.07 19:14:30 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.07.02 18:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.01.02 14:10:28 | 002,448,032 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013.01.02 13:38:50 | 000,073,984 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.08.14 08:47:18 | 000,203,640 | ---- | M] (X-Rite Inc.) -- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
PRC - [2012.02.01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.02.01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.01.09 05:04:22 | 000,410,942 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\Utilities\adb.exe
PRC - [2011.03.23 15:38:56 | 003,344,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe
PRC - [2010.07.22 22:10:47 | 000,402,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
PRC - [2010.07.16 11:45:00 | 004,293,640 | ---- | M] (ApoliSoft) -- C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe
PRC - [2010.04.07 14:00:04 | 005,758,976 | ---- | M] (http://www.emule-project.net) -- C:\Program Files (x86)\eMule\emule.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009.10.08 14:12:06 | 000,049,152 | ---- | M] (Samsung) -- C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe
PRC - [2007.12.11 03:03:00 | 000,151,552 | R--- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\EPSON\BSTM\PG\E_L20IC2.EXE
PRC - [2007.11.21 18:27:56 | 000,143,360 | ---- | M] (Impacct) -- C:\Program Files (x86)\Plustek\OpticBook 3600\Am32Plus.exe
PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2014.11.12 10:31:20 | 001,175,040 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._core_.pyd
MOD - [2014.11.12 10:31:20 | 001,160,704 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\_ssl.pyd
MOD - [2014.11.12 10:31:20 | 001,062,400 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._controls_.pyd
MOD - [2014.11.12 10:31:20 | 000,811,008 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._windows_.pyd
MOD - [2014.11.12 10:31:20 | 000,805,888 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._gdi_.pyd
MOD - [2014.11.12 10:31:20 | 000,735,232 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._misc_.pyd
MOD - [2014.11.12 10:31:20 | 000,713,216 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\_hashlib.pyd
MOD - [2014.11.12 10:31:20 | 000,686,080 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\unicodedata.pyd
MOD - [2014.11.12 10:31:20 | 000,557,056 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\pysqlite2._sqlite.pyd
MOD - [2014.11.12 10:31:20 | 000,525,640 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\windows._lib_cacheinvalidation.pyd
MOD - [2014.11.12 10:31:20 | 000,364,544 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\pythoncom27.dll
MOD - [2014.11.12 10:31:20 | 000,320,512 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32com.shell.shell.pyd
MOD - [2014.11.12 10:31:20 | 000,167,936 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32gui.pyd
MOD - [2014.11.12 10:31:20 | 000,128,512 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\_elementtree.pyd
MOD - [2014.11.12 10:31:20 | 000,127,488 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\pyexpat.pyd
MOD - [2014.11.12 10:31:20 | 000,122,368 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._wizard.pyd
MOD - [2014.11.12 10:31:20 | 000,119,808 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32file.pyd
MOD - [2014.11.12 10:31:20 | 000,110,080 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\PyWinTypes27.dll
MOD - [2014.11.12 10:31:20 | 000,108,544 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32security.pyd
MOD - [2014.11.12 10:31:20 | 000,098,816 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32api.pyd
MOD - [2014.11.12 10:31:20 | 000,087,552 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\_ctypes.pyd
MOD - [2014.11.12 10:31:20 | 000,078,336 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._animate.pyd
MOD - [2014.11.12 10:31:20 | 000,070,656 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\wx._html2.pyd
MOD - [2014.11.12 10:31:20 | 000,045,568 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\_socket.pyd
MOD - [2014.11.12 10:31:20 | 000,038,912 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32inet.pyd
MOD - [2014.11.12 10:31:20 | 000,035,840 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32process.pyd
MOD - [2014.11.12 10:31:20 | 000,027,136 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\_multiprocessing.pyd
MOD - [2014.11.12 10:31:20 | 000,025,600 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32pdh.pyd
MOD - [2014.11.12 10:31:20 | 000,024,064 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32pipe.pyd
MOD - [2014.11.12 10:31:20 | 000,022,528 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32ts.pyd
MOD - [2014.11.12 10:31:20 | 000,018,432 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32event.pyd
MOD - [2014.11.12 10:31:20 | 000,017,408 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32profile.pyd
MOD - [2014.11.12 10:31:20 | 000,011,264 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\win32crypt.pyd
MOD - [2014.11.12 10:31:20 | 000,010,240 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\select.pyd
MOD - [2014.11.12 10:31:20 | 000,007,168 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Temp\_MEI23682\hashobjs_ext.pyd
MOD - [2014.10.16 13:52:23 | 000,054,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\OdfWordAddin\fcddf9f1c6fa48c2795d2bd16a88539b\OdfWordAddin.ni.dll
MOD - [2014.10.16 13:52:18 | 002,108,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WordprocessingConve#\5d3f0e0521adff0f206605f4b8d9c8dc\WordprocessingConverter.ni.dll
MOD - [2014.10.16 13:52:15 | 000,454,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\OdfConverterLib\731d5e82f4c4715c2568b64f9b42b368\OdfConverterLib.ni.dll
MOD - [2014.10.16 13:52:14 | 000,163,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\OdfAddinLib\f07412c5be265cc3e5e0838edb50db04\OdfAddinLib.ni.dll
MOD - [2014.10.16 13:52:10 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\bde16ccd8150e03e17575c9a7ae4e3f5\IAStorUtil.ni.dll
MOD - [2014.10.15 11:06:15 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014.10.15 11:06:09 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014.10.15 11:04:53 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014.10.15 11:04:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014.10.15 11:04:38 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014.10.15 11:04:34 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014.10.15 11:04:11 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014.10.15 11:04:07 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.09.14 21:25:53 | 000,044,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\stdole\d02d73b65be937cc029399f60a65413c\stdole.ni.dll
MOD - [2014.09.14 21:25:39 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\26b50aa1e86a984a5c0d53f2bbf95798\IAStorCommon.ni.dll
MOD - [2014.09.11 21:45:13 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014.07.07 19:14:31 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.07 19:14:31 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013.07.08 13:43:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2012.01.09 05:04:22 | 000,410,942 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\Utilities\adb.exe
MOD - [2010.11.13 03:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.03.26 21:09:12 | 000,095,680 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\unihan.dll
MOD - [2010.03.26 21:07:30 | 000,121,792 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\PMFileReader.dll
MOD - [2010.03.26 21:04:14 | 000,040,896 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\boost_threads.dll
MOD - [2010.03.26 21:04:06 | 000,018,368 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\boost_system.dll
MOD - [2010.03.26 21:03:58 | 000,654,784 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\boost_regex.dll
MOD - [2010.03.26 21:03:52 | 000,072,128 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\boost_filesystem.dll
MOD - [2010.03.26 21:02:46 | 000,061,888 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\ASLSupport.dll
MOD - [2010.03.26 21:02:10 | 000,046,016 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\aldvm32CJK.dll
MOD - [2010.03.26 21:02:04 | 000,051,136 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\aldfs32CJK.dll
MOD - [2010.02.22 04:50:20 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
MOD - [2010.02.04 03:00:18 | 000,378,848 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\Plug-Ins\Filters\sangam readers\Reader For PageMaker.smrd
MOD - [2009.09.09 16:33:14 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\ScanApi.dll
MOD - [2008.12.13 09:47:26 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe InDesign CS5\tbbmalloc.dll
MOD - [2008.09.18 12:23:58 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\FineReader.dll
MOD - [2007.06.04 17:57:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\MaxReader.dll
MOD - [2007.05.30 16:48:06 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Common Files\iMpacct\ControlFunc.dll
MOD - [2006.11.30 10:58:50 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\TWAINAPP.dll
MOD - [2006.05.15 15:24:18 | 000,122,938 | ---- | M] () -- C:\Program Files (x86)\Common Files\iMpacct\CommonFunc.dll
MOD - [2005.11.21 17:10:30 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\bmp2tiff.dll
MOD - [2005.09.21 14:38:54 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Web Utility.dll
MOD - [2005.09.21 14:38:46 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Wallpaper.dll
MOD - [2005.09.21 14:38:32 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Scan Utility.dll
MOD - [2005.09.21 14:38:28 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Power Save.dll
MOD - [2005.09.21 14:38:24 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Positive Utility.dll
MOD - [2005.09.21 14:38:16 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\OCR Utility.dll
MOD - [2005.09.21 14:38:12 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Negative Utility.dll
MOD - [2005.09.21 14:37:52 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\File Utility.dll
MOD - [2005.09.21 14:37:48 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Fax Utility.dll
MOD - [2005.09.21 14:37:44 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Email Utility.dll
MOD - [2005.09.21 14:37:36 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Copy Utility.dll
MOD - [2005.09.21 14:37:24 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Button Config.dll
MOD - [2005.09.21 14:37:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\BCR Utility.dll
MOD - [2005.09.21 14:36:54 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\Prndriver.dll
MOD - [2004.01.07 13:47:34 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\FzOCR.dll
MOD - [2004.01.07 13:47:24 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Plustek\OpticBook 3600\PenPower.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.09.19 02:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.07.25 14:51:10 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.07.07 19:14:30 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.06.29 08:20:44 | 000,077,824 | ---- | M] () [Auto | Running] -- C:\Program Files\NZBDrive\dokanx_mount.exe -- (DokanMounter)
SRV:64bit: - [2013.06.13 20:31:10 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.11.22 15:35:22 | 000,828,072 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2014.10.18 20:18:22 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.09.12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.07.25 14:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.07.02 18:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.01.02 14:10:28 | 002,448,032 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.08.14 08:47:18 | 000,203,640 | ---- | M] (X-Rite Inc.) [Auto | Running] -- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe -- (xrdd.exe)
SRV - [2012.02.01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.01.26 19:47:58 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.07.25 14:51:10 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.07.07 19:15:35 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.07.07 19:14:48 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.07.07 19:14:48 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.07.07 19:14:48 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.07.07 19:14:48 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.07.07 19:14:48 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.07.07 19:14:48 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.07.07 19:14:48 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.03.31 17:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.11.28 14:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.10.02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.30 08:25:12 | 000,031,136 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2013.06.29 08:18:14 | 000,057,160 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokanx.sys -- (Dokan)
DRV:64bit: - [2013.05.23 07:12:52 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2013.05.23 07:12:50 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2013.03.04 14:35:08 | 000,838,216 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.12.13 11:49:42 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2012.11.22 15:35:36 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.07.01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009.11.12 13:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009.11.12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2006.08.28 17:12:04 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\MTictwl.sys -- (MagicTune)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0a1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: File not found
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 36.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 36.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.08.01 13:11:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.07 19:14:49 | 000,000,000 | ---D | M]

[2012.11.17 13:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dexter\AppData\Roaming\Mozilla\Extensions
[2014.11.05 22:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dexter\AppData\Roaming\Mozilla\Firefox\Profiles\28tach34.default\extensions
[2014.11.05 22:57:35 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\Dexter\AppData\Roaming\Mozilla\Firefox\Profiles\28tach34.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.10.29 22:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

O1 HOSTS File: ([2014.02.26 00:22:45 | 000,002,015 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 41 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EPSON PageSTM TrayIcon01] C:\Program Files (x86)\EPSON\BSTM\PG\E_L20IC2.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-544068036-3592919291-2501284661-1000..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe (http://www.emule-project.net)
O4 - HKU\S-1-5-21-544068036-3592919291-2501284661-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - Startup: C:\Users\Dexter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FFRDeluxe.lnk = C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe (ApoliSoft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-544068036-3592919291-2501284661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.67.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2259E25B-439D-41A8-A0F7-ACBB0745A093}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.19 05:12:06 | 000,000,027 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.11.11 12:27:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dexter\Desktop\OTL.exe
[2014.11.07 22:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly
[2014.11.07 03:14:43 | 000,000,000 | ---D | C] -- C:\NVIDIA Corporation
[2014.11.07 03:14:43 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014.11.07 00:57:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.10.29 22:05:14 | 000,000,000 | ---D | C] -- C:\FRST
[2014.10.29 22:04:37 | 002,113,536 | ---- | C] (Farbar) -- C:\Users\Dexter\Desktop\FRST64.exe
[2014.10.28 01:24:43 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.10.28 01:22:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.10.28 01:22:51 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.10.28 01:22:51 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.10.28 01:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014.10.15 10:22:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014.10.15 10:18:13 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.10.15 10:18:13 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014.10.15 10:18:12 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.10.15 10:17:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.10.15 10:16:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.10.15 10:16:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.10.15 10:16:49 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.10.15 10:16:49 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.10.15 10:16:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.10.15 10:16:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.10.15 10:16:48 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.15 10:16:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.10.15 10:16:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.10.15 10:16:43 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.10.15 10:16:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.10.15 10:16:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.10.15 10:16:35 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.10.15 10:16:34 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.10.15 10:16:33 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.10.15 10:16:30 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.10.15 10:16:25 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.10.15 10:16:22 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.10.15 10:16:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.10.15 10:16:19 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.10.15 10:16:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.10.15 10:16:04 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.10.15 10:15:56 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.10.15 10:15:54 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.10.15 10:15:48 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.10.15 10:15:47 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.10.15 10:15:47 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.10.15 10:15:46 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.10.15 10:15:46 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.10.15 10:15:45 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.10.15 10:15:45 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.10.15 10:15:43 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.10.15 10:15:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.10.15 10:15:40 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.10.15 10:14:35 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2014.10.15 10:14:32 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2014.10.15 10:14:32 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2014.10.15 10:14:31 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2014.10.15 10:14:30 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014.10.15 10:14:29 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2014.10.15 10:14:29 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2014.10.15 10:14:28 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.10.15 10:14:26 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2014.10.15 10:14:17 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014.10.15 10:13:47 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2014.10.15 10:13:40 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2014.10.15 10:13:33 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.10.15 10:13:28 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014.10.15 10:13:24 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014.10.15 10:13:19 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.10.15 10:13:00 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014.10.15 10:12:45 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014.10.15 10:12:29 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014.10.15 10:12:26 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014.10.15 10:12:24 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.10.15 10:11:54 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2014.10.15 10:11:53 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.10.15 10:11:48 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.10.15 10:11:44 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014.10.15 10:11:44 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2014.10.15 10:11:44 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.10.15 10:11:43 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.10.15 10:11:43 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014.10.15 10:11:43 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2014.10.15 10:11:43 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2014.10.15 10:11:36 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2014.10.15 10:11:31 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014.10.15 10:11:31 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2014.10.15 10:11:20 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2014.10.15 10:11:19 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2014.10.15 10:11:18 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2014.10.15 10:11:18 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2014.10.15 10:11:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2014.10.15 10:11:17 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2014.10.15 10:11:17 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014.10.15 10:11:17 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2014.10.15 10:11:17 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2014.10.15 10:11:17 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014.10.15 10:11:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2014.10.15 10:11:17 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2014.10.15 10:11:17 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014.10.15 10:11:17 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2014.10.15 10:11:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014.10.15 10:11:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014.10.15 10:11:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2014.10.15 10:11:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014.10.15 10:11:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2014.10.15 10:11:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014.10.15 10:11:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014.10.15 10:09:36 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.10.15 10:08:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.10.15 10:08:00 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014.10.15 10:08:00 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014.10.15 10:07:31 | 006,584,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014.10.15 10:07:30 | 005,703,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014.10.15 10:07:29 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014.10.15 10:07:29 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014.10.15 10:07:27 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.10.15 10:06:42 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014.10.15 10:06:42 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014.10.15 10:06:42 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014.10.15 10:06:42 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014.10.15 10:06:42 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014.10.15 10:06:42 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014.10.15 09:59:36 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.10.15 09:59:36 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.10.14 00:24:22 | 000,000,000 | -HSD | C] -- C:\Users\Dexter\AppData\Local\EmieUserList
[2014.10.14 00:24:22 | 000,000,000 | -HSD | C] -- C:\Users\Dexter\AppData\Local\EmieSiteList
[2 C:\Users\Dexter\Desktop\*.tmp files -> C:\Users\Dexter\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.11.12 11:35:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.11.12 10:46:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.11.12 10:39:06 | 000,022,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.11.12 10:39:06 | 000,022,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.11.12 10:31:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.11.11 12:27:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dexter\Desktop\OTL.exe
[2014.10.29 23:07:08 | 000,010,672 | ---- | M] () -- C:\Users\Dexter\Desktop\addition.RAR
[2014.10.29 22:04:41 | 002,113,536 | ---- | M] (Farbar) -- C:\Users\Dexter\Desktop\FRST64.exe
[2014.10.29 20:35:59 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.10.29 14:04:34 | 000,001,480 | ---- | M] () -- C:\Users\Dexter\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2014.10.28 21:07:17 | 001,584,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.10.28 21:07:17 | 000,668,882 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.10.28 21:07:17 | 000,654,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.10.28 21:07:17 | 000,141,542 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.10.28 21:07:17 | 000,122,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.10.28 01:23:05 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.10.27 20:04:19 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.10.27 20:04:07 | 001,998,336 | ---- | M] () -- C:\Users\Dexter\Desktop\adwcleaner_4.002.exe
[2014.10.26 16:06:16 | 001,222,144 | ---- | M] () -- C:\Users\Dexter\Desktop\RSITx64.exe
[2014.10.18 20:18:22 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.10.18 20:18:22 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.10.15 10:42:08 | 005,029,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.10.14 11:35:01 | 000,024,137 | ---- | M] () -- C:\Users\Dexter\Desktop\1891099_299739706898054_6598122829396492814_n.jpg
[2 C:\Users\Dexter\Desktop\*.tmp files -> C:\Users\Dexter\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.11.11 12:37:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.29 23:06:47 | 000,010,672 | ---- | C] () -- C:\Users\Dexter\Desktop\addition.RAR
[2014.10.27 20:04:07 | 001,998,336 | ---- | C] () -- C:\Users\Dexter\Desktop\adwcleaner_4.002.exe
[2014.10.14 11:35:01 | 000,024,137 | ---- | C] () -- C:\Users\Dexter\Desktop\1891099_299739706898054_6598122829396492814_n.jpg
[2014.08.13 11:02:21 | 000,000,218 | ---- | C] () -- C:\Users\Dexter\AppData\Local\recently-used.xbel
[2013.12.18 13:49:11 | 000,000,132 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
[2013.11.21 14:09:14 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\BarExpert.exe
[2013.09.05 10:19:02 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013.05.30 13:17:16 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013.04.02 18:23:24 | 000,004,096 | -H-- | C] () -- C:\Users\Dexter\AppData\Local\keyfile3.drm
[2013.03.20 16:35:42 | 000,000,132 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\Adobe Formát Targa CS5 – předvolby
[2013.03.07 23:24:55 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013.02.05 23:26:02 | 000,013,030 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\PDOXUSRS.NET
[2013.01.13 22:14:05 | 001,559,340 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.05 11:44:34 | 000,007,605 | ---- | C] () -- C:\Users\Dexter\AppData\Local\resmon.resmoncfg
[2012.09.10 19:57:07 | 000,000,398 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\hexplorer.dat
[2012.09.10 19:57:07 | 000,000,004 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\mclip.dat
[2012.07.30 13:30:47 | 000,000,132 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2012.03.30 09:31:00 | 000,000,132 | ---- | C] () -- C:\Users\Dexter\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2012.01.30 00:06:21 | 000,001,480 | ---- | C] () -- C:\Users\Dexter\AppData\Local\Adobe Uložit pro web 12.0 Prefs

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.01.24 00:46:34 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Aegisub
[2012.02.02 01:21:16 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Aladdin Systems
[2012.05.22 23:57:10 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Amazon
[2013.10.23 11:43:11 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\AVAST Software
[2012.08.12 20:00:54 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\avidemux
[2012.05.20 16:24:47 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Barnes & Noble
[2012.05.08 18:41:06 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Canneverbe Limited
[2014.01.14 15:23:16 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\chc
[2012.01.29 20:15:11 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.08.22 08:02:34 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\CheckPoint
[2013.10.25 13:39:12 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2012.03.06 02:01:13 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\com.adobe.dmp.contentviewer
[2012.05.22 01:43:28 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\com.rainwater-soft
[2012.01.29 01:25:41 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Extensis
[2014.10.29 14:07:53 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\FileZilla
[2014.01.24 00:46:30 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\fontconfig
[2014.02.21 03:58:40 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\In-Tools
[2014.08.13 11:02:58 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\inkscape
[2013.06.19 09:42:56 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\JAM Software
[2013.05.23 21:41:51 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Leadertech
[2012.12.31 20:49:12 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\MPEG Streamclip
[2012.08.15 23:12:45 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Opera
[2013.06.29 15:02:54 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Oracle
[2013.01.13 22:37:02 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\PANTONE
[2014.03.02 13:34:27 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Quite
[2013.06.29 17:26:44 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\SketchUp
[2012.03.25 00:45:55 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Software602
[2014.01.08 15:33:44 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\Spotify
[2012.01.29 20:28:48 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.09.05 10:19:35 | 000,000,000 | ---D | M] -- C:\Users\Dexter\AppData\Roaming\VDownloader

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 12.11.2014 12:06:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dexter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 0,68 Gb Available Physical Memory | 17,05% Memory free
7,90 Gb Paging File | 4,60 Gb Available in Paging File | 58,21% Paging File free
Paging file location(s): e:\pagefile.sys 4000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 8,11 Gb Free Space | 13,62% Space Free | Partition Type: NTFS
Drive E: | 244,14 Gb Total Space | 48,74 Gb Free Space | 19,97% Space Free | Partition Type: NTFS
Drive F: | 454,49 Gb Total Space | 59,54 Gb Free Space | 13,10% Space Free | Partition Type: NTFS
Drive G: | 279,46 Gb Total Space | 159,16 Gb Free Space | 56,95% Space Free | Partition Type: NTFS
Drive I: | 350,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DEXTER-PC | User Name: Dexter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-544068036-3592919291-2501284661-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051BC78B-31C9-4095-A115-F87C3FB64F7C}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{0739BE1D-7FA1-4943-8253-59C21829366C}" = rport=445 | protocol=6 | dir=out | app=system |
"{174E8BB7-B9CE-46C1-B2C3-8F2E5ADAD741}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{223ABEB0-4F71-46C1-BE60-F38FA0DFA29F}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{25803148-7CBC-4438-9423-AC9CE28C1769}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4FB400D3-154B-4A39-9F46-5D2912C683BA}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5177B561-8FBA-417C-BA45-377B15270840}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5866DFEB-B6AD-4E70-84AA-7DF8ADE3C03B}" = lport=137 | protocol=17 | dir=in | app=system |
"{5C3E0AD1-9D18-4BFD-AC03-AB8E804A70D6}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5C4941C3-470A-46FF-A429-14B681B6DE42}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F91174F-1D90-4269-B89E-ECB73B8D0BA2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{81CAA1C3-3445-4AB9-9891-275ED7C310C5}" = rport=138 | protocol=17 | dir=out | app=system |
"{99B480C7-D7D8-44A5-8C44-3C85C5EE8308}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A8A23C46-2BB2-4A39-92C4-2ECBA6AA12E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{B493D337-44FF-4201-B806-8DDBCA389840}" = lport=138 | protocol=17 | dir=in | app=system |
"{C41B5784-7E21-46BD-8D83-FECFDC333C00}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C490A71B-BA9C-4887-80B3-4F99D82D1083}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C5868176-E5CA-49D5-BA09-CC31FD0CA287}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CBC1D709-0EBB-4D38-9937-AEF8EBC49A6A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D17FFF09-0B4B-4FEC-B183-BEB7D449326E}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D7FC461A-E057-4AA7-B7C1-311EC5631415}" = rport=139 | protocol=6 | dir=out | app=system |
"{F14C6649-0537-463D-A367-7DA5EE1256FE}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F14D7F20-A4D0-4714-941A-1616958ED19B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F96000CB-6365-4DFC-9B9F-BF1879F96D10}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF3686B0-08C7-46E0-A2B5-04A72127866B}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A73AA4-7D0A-4D8E-A776-0A911CBCEFCB}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{0465C90C-85B7-4015-B406-B22EC0E052FB}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{10748FE1-A43C-47FE-944A-DB9AFE7F0F4D}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{43F3D452-35B0-4504-8F3F-8C5DA77D7617}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{51F18810-9AF4-431B-AA64-FBDEBF538336}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6051EBA0-2243-4C59-BCEF-2BD461197BF3}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{613ACFC9-3756-4268-9042-99361905EE27}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{67B33E93-932A-4AB2-80CD-7A35FC5AC79B}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{6CC6B1C8-5ECC-40BD-9701-629E16AA1130}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{78B9C227-6442-4B4D-80EF-77B14EB54ACB}" = protocol=6 | dir=in | app=c:\users\dexter\appdata\roaming\spotify\spotify.exe |
"{8F0FFDEF-1DAF-44B7-9AA0-790979EDC0A4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{9A4848EA-D210-4E1D-BBC8-4498FEE77065}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B865A919-8650-48C9-94AB-26882D4A516A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B8AB1172-EA6C-40BA-B8F8-8DD97B5A25D5}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{C4E9B325-EE97-4239-BEDC-2B51348F2342}" = protocol=17 | dir=in | app=c:\users\dexter\appdata\roaming\spotify\spotify.exe |
"{C5F3D8E1-7C5F-42C6-BEE8-49E497B0B63B}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{E1578381-078B-485E-AF2F-5B09E2CADBCF}" = protocol=17 | dir=in | app=c:\users\dexter\appdata\roaming\spotify\spotify.exe |
"{F39369F1-E710-4057-8E5E-CD4F6099EB06}" = protocol=6 | dir=in | app=c:\users\dexter\appdata\roaming\spotify\spotify.exe |
"{FA4E5E37-D322-4361-8082-AC0CC0FF7780}" = protocol=6 | dir=in | app=c:\program files (x86)\pantone color manager\pantonecolormanager.exe |
"{FC1D6CBF-4925-4681-9434-A20E1AC5F530}" = protocol=17 | dir=in | app=c:\program files (x86)\pantone color manager\pantonecolormanager.exe |
"TCP Query User{9CFD8E79-1395-4792-A3A9-864200D11DE6}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"UDP Query User{F97BAE94-7C08-42F9-A008-D96A2FA7C3CB}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F06417067FF}" = Java 7 Update 67 (64-bit)
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 4.0.928
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C8F05E06-E5FF-4503-9151-F45CA45B6E51}_is1" = NZBDrive version 1.0.7
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"A-WIN-Extras 8.0.4 2609412_is1" = Mathematica Extras 8.0 (2609412)
"CCleaner" = CCleaner
"EPSON Printer and Utilities" = EPSON Printer Software
"Epson Universal Laser P6" = Epson Universal Laser P6
"HWiNFO64_is1" = HWiNFO64 Version 4.24
"Nightly 36.0a1 (x64 en-US)" = Nightly 36.0a1 (x64 en-US)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"Opera 12.17.1863" = Opera 12.17
"Recuva" = Recuva
"Sigil_is1" = Sigil 0.5.3
"sp6" = Logitech SetPoint 6.60
"Surftastic" = Surftastic
"Unlocker" = Unlocker 1.9.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{12A33FA1-3D10-4E95-AEA1-B13A910A0BD8}" = GMinder
"{17F495F1-82F6-4A7B-88BF-5E6669ED51DB}" = Font Fitting Room Deluxe
"{19B98EFB-9493-4651-96DD-A6768A5024E3}_is1" = DfontSplitter 0.3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{29D3773E-54F4-23C2-D523-236A4453B845}_is1" = FileAlyzer 2
"{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
"{325988C2-8D7B-460E-8F6F-4747129CA495}" = ZoneAlarm Security
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F177D85-1822-405A-AC06-30227E9C08E1}" = wdxmlsdk
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{49DC7D87-B9F9-4782-9386-B7F13BC75E48}" = Adobe Creative Suite 5 Design Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.3
"{4D0DB8F1-80CF-466E-AC26-CDDC97594A2D}" = X-Rite Device Services Manager
"{548D042A-845E-1014-8AB8-954FDA1C690A}" = Adobe Folio Producer tools for InDesign CS5
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{6302C10E-1AEE-93CE-644C-40CA04F1724A}" = Adobe Content Viewer
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6ADCBB79-7B9A-449B-AE31-E1C7116042B9}" = ZoneAlarm Firewall
"{6DFC4B13-4489-4A59-AF95-12628A86FA76}" = 602PC SUITE
"{6FE2F5A6-8DC6-41B9-84AE-9FB32BCF7C02}" = Natural Color Pro
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B622C9-AA10-47D7-A10C-377CF9BC8502}" = SketchUp 2013
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}" = Adobe AIR
"{7D863662-0AB4-40BD-AD9F-A2ED548C3187}" = StuffIt Standard
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83FA601A-241A-4956-8A21-F7D525C4422F}_is1" = SSD Tweaker version 3.0.3
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 8.0 Professional Edition
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Czech
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B7C5EA94-B96A-41F5-BE95-25D78B486678}" = Splashtop Streamer
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C043B8C1-E512-46AB-AEE2-009EBDEC0061}" = Plustek OpticBook 3600
"{C2835850-FCEB-4A1A-A213-57E7A9A8EC62}" = Servis Na Klik
"{C60F3836-333A-4AE2-B526-CFDBA143A9BA}" = Google Drive
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CFB770D7-8D43-1014-922B-CC2715FADE3F}" = Adobe InDesign CS6
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F371CE3B-8994-44E3-9518-92B22EE4A7FF}" = SSDlife Free
"{F723C544-6BF7-1014-9AA0-90D2E1B1E3B8}" = Adobe Folio Builder panel for InDesign CS5
"{FC2C7405-BC58-4E11-8F51-29671BEAC06B}" = Natural Color Pro
"7-Zip" = 7-Zip 9.22beta
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"ARTS PDF Crackerjack 10.1.0.0" = ARTS PDF Crackerjack 10.1.0.0
"avast" = avast! Free Antivirus
"Avidemux 2.5" = Avidemux 2.5
"BN_DesktopReader" = NOOK for PC
"CDisplay_is1" = CDisplay 1.8
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.6.2
"Digital Editions" = Adobe Digital Editions
"DS EAN/UPC fontware DEMO_is1" = DS EAN/UPC fontware 1.01 DEMO
"DVD Flick_is1" = DVD Flick 1.3.0.7
"eMule" = eMule
"ePub Maker_is1" = ePub Maker version 1.65
"FileZilla Client" = FileZilla Client 3.9.0.3
"Fliqlo" = Fliqlo Screen Saver
"Free Video to GIF Converter_is1" = 2.0
"Google Chrome" = Google Chrome
"Hexplorer" = ICY Hexplorer (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"InstallShield_{7D863662-0AB4-40BD-AD9F-A2ED548C3187}" = StuffIt Standard
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.3.1025
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pantone Color Manager_is1" = Pantone Color Manager 2.0
"qiplus3_uninstall.exe" = Quite Imposing Plus 3 (English)
"Recovery Toolbox for Illustrator_is1" = Recovery Toolbox for Illustrator 1.1
"The KMPlayer" = The KMPlayer (remove only)
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-544068036-3592919291-2501284661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"KindlePreviewer" = KindlePreviewer
"Spotify" = Spotify
"TimeAdjuster" = Time Adjuster STANDARD 3.1
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.11.2014 15:10:28 | Computer Name = Dexter-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 5.11.2014 15:10:28 | Computer Name = Dexter-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 5.11.2014 15:10:28 | Computer Name = Dexter-PC | Source = NvStreamSvc | ID = 131073
Description =

Error - 6.11.2014 20:16:58 | Computer Name = Dexter-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SALAMAND.EXE, verze: 1.0.0.0, časové razítko:
0x3568201d Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko:
0x521ea8e7 Kód výjimky: 0xc0000005 Posun chyby: 0x0003bcaa ID chybujícího procesu:
0x18d0 Čas spuštění chybující aplikace: 0x01cff9fd714bc6b6 Cesta k chybující aplikaci:
C:\Program Files (x86)\salcz152\SALAMAND.EXE Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 62cdbb20-6613-11e4-a069-001fd0967481

Error - 7.11.2014 7:56:53 | Computer Name = Dexter-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: InDesign.exe, verze: 7.0.4.553, časové razítko:
0x4d890440 Název chybujícího modulu: LAYOUT UI.RPLN, verze: 7.0.0.355, časové razítko:
0x4bad0bda Kód výjimky: 0xc0000005 Posun chyby: 0x000cee21 ID chybujícího procesu:
0x12f0 Čas spuštění chybující aplikace: 0x01cffa6f15851649 Cesta k chybující aplikaci:
C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Adobe\Adobe InDesign CS5\Required\LAYOUT UI.RPLN
ID
zprávy: 29c842b6-6675-11e4-a128-001fd0967481

Error - 7.11.2014 8:29:02 | Computer Name = Dexter-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\Adobe\adobe
creative cloud\Utils\Creative Cloud Uninstaller.exe se nezdařilo. Chyba v souboru
manifestu nebo zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu
s jinou verzí součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 7.11.2014 8:31:24 | Computer Name = Dexter-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\Adobe\acrobat
9.0\designer 8.2\FormDesigner.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 7.11.2014 18:28:38 | Computer Name = Dexter-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SALAMAND.EXE, verze: 1.0.0.0, časové razítko:
0x3568201d Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko:
0x521ea8e7 Kód výjimky: 0xc0000005 Posun chyby: 0x0003bcaa ID chybujícího procesu:
0xc60 Čas spuštění chybující aplikace: 0x01cffad045d687fc Cesta k chybující aplikaci:
C:\Program Files (x86)\salcz152\SALAMAND.EXE Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 6aee50fc-66cd-11e4-897a-001fd0967481

Error - 10.11.2014 10:54:35 | Computer Name = Dexter-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SALAMAND.EXE, verze: 1.0.0.0, časové razítko:
0x3568201d Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko:
0x521ea8e7 Kód výjimky: 0xc0000005 Posun chyby: 0x0003bcaa ID chybujícího procesu:
0x1fc Čas spuštění chybující aplikace: 0x01cffcc91da8180d Cesta k chybující aplikaci:
C:\Program Files (x86)\salcz152\SALAMAND.EXE Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID
zprávy: 7bc88092-68e9-11e4-8462-001fd0967481

Error - 12.11.2014 7:06:14 | Computer Name = Dexter-PC | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.69.0 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 1700 Čas
spuštění: 01cffe5bb49e9777 Čas ukončení: 5 Cesta k aplikaci: C:\Users\Dexter\Desktop\OTL.exe

ID
hlášení:

[ System Events ]
Error - 5.11.2014 6:00:59 | Computer Name = Dexter-PC | Source = DCOM | ID = 10005
Description =

Error - 5.11.2014 6:04:04 | Computer Name = Dexter-PC | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 5.11.2014 9:20:49 | Computer Name = Dexter-PC | Source = DCOM | ID = 10010
Description =

Error - 6.11.2014 14:54:29 | Computer Name = Dexter-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86
bylo dosaženo časového limitu (30000 ms).

Error - 6.11.2014 14:55:30 | Computer Name = Dexter-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X64
bylo dosaženo časového limitu (30000 ms).

Error - 7.11.2014 5:29:51 | Computer Name = Dexter-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby NVIDIA Streamer Service bylo dosaženo
časového limitu (30000 ms).

Error - 7.11.2014 11:39:20 | Computer Name = Dexter-PC | Source = DCOM | ID = 10010
Description =

Error - 7.11.2014 15:32:40 | Computer Name = Dexter-PC | Source = DCOM | ID = 10010
Description =

Error - 7.11.2014 17:18:51 | Computer Name = Dexter-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 11.11.2014 20:04:51 | Computer Name = Dexter-PC | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.


< End of report >

Otestujte nekolik nahodnych souboru s koncovkou .pyd ve slozce C:\Users\Dexter\AppData\Local\Temp\_MEI<nahodne cislo> na virustotal.com a soubor C:\Users\Dexter\AppData\Local\Temp\_MEI23682\PyWinTypes27.dll

Naughty píše: Po stazeni http://www.xuetr.com/download/PCHunter_free.zip
(rezervni odkaz http://www.epoolsoft.com/pchunter/PCHunter_free.zip ),
rozbaleni, spusteni spravne verze dle operacniho systemu 32b vs 64b, prejdi do zalozky Examination, v ni zaskrkej vsechny volby, dej generovat, po skonceni generovani klik na exportovat - textak do raru a vloz do prispevku (neb bude dlouhy a neveesel by se).

zdravim, v priloze posilam report z pc hunter.

vsechny testy na virustotal.com negativni. bud zadny komentar, nebo "Probably harmless! There are strong indicators suggesting that this file is safe to use." (v zahlavi takovem pripade vzdycky hlas pro to, ze soubor je "malicious"; u PyWinTypes27.dll to bylo 2/1 .-)

Tyto soubory patri ke cloudu Googlu (google drive). Zkuste zakazat sluzbu GoogleDriveSync spoustet pri startu, zda se konflikt vyresi (Start -> spustit -> msconfig -> zalozka Po spusteni).

Tezko rict, ktere konkretni aplikace si nesednou Kazdopadne po haveti ani vidu ani slechu

diky, vyzkousim to.
pokud by to bylo tim, neda se start takove aplikace nejak odlozit? ze by nenabehla hned po startu, ale treba po deseti minutach. nebo by to ten problem jen o deset minut odlozilo?

Toto taky nelze s urcitosti rict... Jedna verze dropboxu mi driv napriklad vzdy ukoncila a znovu spustila explorer.exe (znovu se nacitala plocha, aplikace atd.). Pokud sluzbu zakazete po spusteni (a nejedna se o sluzbu nutnou pro beh OS), kdykoli ji muzete dodatecne spustit rucne. Existuje take moznost vytvorit tzv. naplanovanou ulohu: Start -> Spustit -> taskschd.msc a napravo je moznost Vytvorit ulohu. Ted je k dispozici "klikacka", kdy si nastavite, jaky konkretni soubor se ma spoustet, s jakym prodlenim, zda po kazdem prihlaseni ci restartu... Vysledny soubor by mel byt ulozen v C:\Windows\Tasks\nazev.job a kdykoli jde samozrejme i dodatecne upravit.

Pokud narazite na jakoukoli nejasnost, ptejte se.

Pokud prijdete na to, ktera/ktere konkretni aplikace start prodluzuji, budu velice rad, kdyz se o toto zjisteni s nami podelite.