Zdravím, OTL jel několik hodin plus vložené okopírované od Vás, ale skousl se na několika souborech. Tak jsem udělala ještě rychlou kontrolu bez vložených souborů, abych mohla aspoň částečně splnit zadání.
Zároveň se omlouvám, budu on-line až 7.12. (dovolená), tudíž s odpovědí není třeba spěchat, ale téma prosím Vás nezavírejte, potřebuji to dořešit. Děkuji moc. To extras log zobrazuje asi dost problémů
OTL logfile created on: 11/27/2015 11:02:02 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petra\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4.00 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 37.80% Memory free
8.00 Gb Paging File | 5.44 Gb Available in Paging File | 68.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 106.03 Gb Free Space | 71.14% Space Free | Partition Type: NTFS
Drive D: | 427.59 Gb Total Space | 426.96 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Computer Name: DARKWELL | User Name: Petra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/11/27 20:11:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petra\Downloads\OTL.exe
PRC - [2015/11/20 18:40:09 | 007,004,376 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/11/20 18:40:08 | 000,174,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
========== Modules (No Company Name) ==========
MOD - [2015/11/20 18:40:10 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/11/20 18:40:09 | 000,466,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2015/11/20 18:40:09 | 000,103,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/11/20 18:40:08 | 000,125,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
========== Services (SafeList) ==========
SRV:
64bit: - [2015/11/24 20:39:07 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:
64bit: - [2015/11/20 18:40:08 | 000,174,416 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2015/11/21 21:42:30 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/10/05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/02/10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2015/11/20 18:40:12 | 000,449,992 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2015/11/20 18:40:12 | 000,273,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:
64bit: - [2015/11/20 18:40:12 | 000,154,256 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:
64bit: - [2015/11/20 18:40:12 | 000,097,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2015/11/20 18:40:12 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2015/11/20 18:40:12 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:
64bit: - [2015/11/20 18:40:12 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:
64bit: - [2015/11/20 18:40:03 | 001,059,656 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2015/10/05 09:50:18 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:
64bit: - [2015/10/05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2013/01/27 16:47:12 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:
64bit: - [2013/01/27 16:47:12 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:
64bit: - [2013/01/22 15:09:19 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2012/12/19 06:41:52 | 000,194,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:
64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/11/20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:
64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:
64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:
64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:
64bit: - [2009/10/15 10:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:
64bit: - [2009/10/05 02:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2009/07/20 18:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:
64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:
64bit: - [2009/06/10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/13 17:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:
64bit: - [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/01/04 13:14:13 | 000,011,320 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\eSupport\eDriver\I386\ASPROB64.SYS -- (ASUSProcObsrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... -SearchBox
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
https://www.google.com/?trackid=sp-006
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
https://www.google.com/search?trackid=s ... earchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" =
https://www.google.com/search?trackid=s ... earchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
https://www.google.com/?trackid=sp-006
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
https://www.google.com/search?trackid=s ... earchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.com/?trackid=sp-006
IE - HKCU\..\SearchScopes,DefaultScope = {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" =
https://www.google.com/search?trackid=s ... earchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2: C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/11/20 18:41:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\
sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015/11/20 18:41:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2015/11/20 19:53:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petra\AppData\Roaming\mozilla\Extensions
[2015/11/20 20:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petra\AppData\Roaming\mozilla\Firefox\Profiles\c0wojbzk.default\extensions
[2015/11/20 19:53:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/11/20 19:53:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2015/11/27 18:48:35 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F329D31-ABB8-4CF8-B7CF-4D85539B5560}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCF72ADC-1A50-4434-8CF0-DECE8FB2DF80}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{81831cc0-649e-11e2-b483-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{81831cc0-649e-11e2-b483-806e6f6e6963}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O33 - MountPoints2\{8e54418a-649f-11e2-b18a-20cf30541808}\Shell - "" = AutoRun
O33 - MountPoints2\{8e54418a-649f-11e2-b18a-20cf30541808}\Shell\AutoRun\command - "" = F:\INSTALL.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/11/27 19:11:04 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2015/11/27 18:48:26 | 002,348,544 | ---- | C] (Farbar) -- C:\Users\Petra\Desktop\FRST64.exe
[2015/11/26 00:02:23 | 000,000,000 | ---D | C] -- C:\FRST
[2015/11/22 22:15:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2015/11/22 22:15:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2015/11/22 21:28:43 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/22 21:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/11/22 21:28:21 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015/11/22 21:28:20 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015/11/22 21:28:20 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2015/11/22 21:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/11/22 21:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/11/22 21:28:05 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Local\Programs
[2015/11/22 21:20:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/11/22 21:18:00 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2015/11/22 21:17:20 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2015/11/21 23:18:40 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2015/11/21 23:18:38 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2015/11/21 23:18:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2015/11/21 21:43:05 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Local\Macromedia
[2015/11/21 21:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/11/21 21:22:09 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\Sun
[2015/11/21 21:22:08 | 000,000,000 | ---D | C] -- C:\Users\Petra\.oracle_jre_usage
[2015/11/21 21:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/11/21 21:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015/11/21 18:48:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015/11/21 18:48:24 | 000,000,000 | ---D | C] -- C:\rsit
[2015/11/21 16:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2015/11/21 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2015/11/21 16:14:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2015/11/21 16:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2015/11/21 16:12:04 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Local\Microsoft Help
[2015/11/21 16:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015/11/21 16:11:49 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2015/11/21 14:05:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2015/11/20 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2015/11/20 20:50:13 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\IrfanView
[2015/11/20 20:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2015/11/20 19:53:40 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\Mozilla
[2015/11/20 19:53:40 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Local\Mozilla
[2015/11/20 19:53:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/11/20 18:41:52 | 000,386,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/11/20 18:41:07 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\AVAST Software
[2015/11/20 18:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015/11/20 18:40:33 | 000,273,784 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/11/20 18:40:33 | 000,154,256 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/11/20 18:40:32 | 000,449,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/11/20 18:40:32 | 000,065,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/11/20 18:40:31 | 000,097,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/11/20 18:40:31 | 000,028,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/11/20 18:40:30 | 000,093,528 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/11/20 18:40:29 | 001,059,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/11/20 18:40:09 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/11/20 18:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015/11/20 18:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2015/11/20 18:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec Pack
[2015/11/20 18:37:12 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2015/11/20 18:37:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codec Pack - All In 1
[2015/11/19 19:08:16 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Local\Skype
[2015/11/19 19:08:02 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\Skype
[2015/11/19 19:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/11/19 19:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015/11/19 19:07:28 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015/11/19 19:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2015/11/19 18:55:54 | 000,000,000 | ---D | C] -- C:\Users\Petra\AppData\Roaming\Google
[2015/11/19 18:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/11/19 18:52:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
========== Files - Modified Within 30 Days ==========
[2015/11/27 23:00:01 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2015/11/27 21:46:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/11/27 21:26:17 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/27 21:26:17 | 000,015,904 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/27 21:24:47 | 000,000,095 | ---- | M] () -- C:\Users\Petra\.accessibility.properties
[2015/11/27 21:01:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/27 21:01:29 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/27 19:11:08 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2015/11/27 18:48:35 | 000,000,035 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015/11/26 22:31:47 | 001,270,586 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015/11/26 22:31:47 | 000,847,902 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/11/26 22:31:47 | 000,342,590 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015/11/26 22:31:47 | 000,320,764 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/11/26 22:31:47 | 000,005,502 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/11/26 00:02:22 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/26 00:01:50 | 002,348,544 | ---- | M] (Farbar) -- C:\Users\Petra\Desktop\FRST64.exe
[2015/11/24 22:17:47 | 000,181,594 | ---- | M] () -- C:\Users\Petra\Documents\www_IE11.jpg
[2015/11/24 22:16:27 | 000,205,966 | ---- | M] () -- C:\Users\Petra\Documents\www_mozilla.jpg
[2015/11/24 20:54:46 | 000,348,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/11/24 20:39:18 | 000,016,303 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/11/24 20:39:10 | 000,016,303 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2015/11/24 20:38:26 | 000,120,736 | ---- | M] () -- C:\Users\Petra\Documents\Clipboard01.jpg
[2015/11/24 20:38:26 | 000,078,182 | ---- | M] () -- C:\Users\Petra\Documents\crystal.jpg
[2015/11/24 20:37:43 | 001,301,310 | ---- | M] () -- C:\Users\Petra\Documents\crystaldisk.bmp
[2015/11/22 21:28:24 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/20 20:50:15 | 000,001,004 | ---- | M] () -- C:\Users\Petra\Desktop\IrfanView.lnk
[2015/11/20 20:49:24 | 098,035,444 | ---- | M] () -- C:\Users\Petra\Desktop\propetru.zip
[2015/11/20 20:33:39 | 002,089,815 | ---- | M] () -- C:\Users\Petra\Documents\eva_strasidlo.jpg
[2015/11/20 20:33:28 | 002,217,480 | ---- | M] () -- C:\Users\Petra\Documents\anicka_ivka_ja2.jpg
[2015/11/20 20:33:28 | 001,328,510 | ---- | M] () -- C:\Users\Petra\Documents\anicka_ivka_ja.jpg
[2015/11/20 20:33:27 | 001,622,979 | ---- | M] () -- C:\Users\Petra\Documents\anicka_ivka.jpg
[2015/11/20 20:33:11 | 000,307,011 | ---- | M] () -- C:\Users\Petra\Documents\jaajaponci.jpg
[2015/11/20 19:53:32 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/11/20 18:40:52 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/11/20 18:40:12 | 000,449,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015/11/20 18:40:12 | 000,386,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/11/20 18:40:12 | 000,273,784 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/11/20 18:40:12 | 000,154,256 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/11/20 18:40:12 | 000,097,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/11/20 18:40:12 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/11/20 18:40:12 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/11/20 18:40:12 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/11/20 18:40:09 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/11/20 18:40:03 | 001,059,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015/11/20 18:36:36 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2015/11/19 21:55:38 | 000,108,096 | ---- | M] () -- C:\Users\Petra\Documents\bookmarks.html
[2015/11/19 19:07:30 | 000,002,731 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/11/19 18:53:07 | 000,078,292 | ---- | M] () -- C:\Users\Petra\Documents\cc_20151119_185258.reg
[2015/11/19 18:52:11 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
========== Files Created - No Company Name ==========
[2015/11/27 23:00:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2015/11/27 20:19:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/11/27 19:11:08 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2015/11/24 22:17:47 | 000,181,594 | ---- | C] () -- C:\Users\Petra\Documents\www_IE11.jpg
[2015/11/24 22:16:27 | 000,205,966 | ---- | C] () -- C:\Users\Petra\Documents\www_mozilla.jpg
[2015/11/24 20:39:18 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/11/24 20:39:10 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/11/24 20:38:26 | 000,120,736 | ---- | C] () -- C:\Users\Petra\Documents\Clipboard01.jpg
[2015/11/24 20:38:26 | 000,078,182 | ---- | C] () -- C:\Users\Petra\Documents\crystal.jpg
[2015/11/24 20:37:43 | 001,301,310 | ---- | C] () -- C:\Users\Petra\Documents\crystaldisk.bmp
[2015/11/22 21:28:24 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/22 21:19:36 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2015/11/22 21:16:45 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2015/11/22 21:16:07 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2015/11/22 21:16:07 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2015/11/22 21:15:14 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2015/11/20 20:50:15 | 000,001,004 | ---- | C] () -- C:\Users\Petra\Desktop\IrfanView.lnk
[2015/11/20 20:49:10 | 098,035,444 | ---- | C] () -- C:\Users\Petra\Desktop\propetru.zip
[2015/11/20 19:53:32 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/11/20 19:53:32 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/11/20 19:48:47 | 000,108,096 | ---- | C] () -- C:\Users\Petra\Documents\bookmarks.html
[2015/11/20 18:40:52 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/11/19 23:50:06 | 002,217,480 | ---- | C] () -- C:\Users\Petra\Documents\anicka_ivka_ja2.jpg
[2015/11/19 23:50:06 | 002,089,815 | ---- | C] () -- C:\Users\Petra\Documents\eva_strasidlo.jpg
[2015/11/19 23:50:06 | 001,622,979 | ---- | C] () -- C:\Users\Petra\Documents\anicka_ivka.jpg
[2015/11/19 23:50:06 | 001,328,510 | ---- | C] () -- C:\Users\Petra\Documents\anicka_ivka_ja.jpg
[2015/11/19 23:50:04 | 000,307,011 | ---- | C] () -- C:\Users\Petra\Documents\jaajaponci.jpg
[2015/11/19 19:07:30 | 000,002,731 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2015/11/19 18:53:00 | 000,078,292 | ---- | C] () -- C:\Users\Petra\Documents\cc_20151119_185258.reg
[2015/11/19 18:52:11 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/26 19:47:57 | 000,000,095 | ---- | C] () -- C:\Users\Petra\.accessibility.properties
[2010/09/17 01:27:50 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 14:27:25 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015/11/20 20:40:23 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\Asus WebStorage
[2015/11/20 18:41:07 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\AVAST Software
[2015/11/19 18:52:44 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\BitTorrent
[2015/11/19 18:52:44 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\DAEMON Tools Lite
[2013/03/21 16:49:12 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\GHISLER
[2015/11/20 20:50:13 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\IrfanView
[2015/11/20 21:03:16 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\SoftGrid Client
[2012/12/17 11:32:01 | 000,000,000 | ---D | M] -- C:\Users\Petra\AppData\Roaming\TP
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 11/27/2015 11:02:02 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petra\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4.00 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 37.80% Memory free
8.00 Gb Paging File | 5.44 Gb Available in Paging File | 68.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 106.03 Gb Free Space | 71.14% Space Free | Partition Type: NTFS
Drive D: | 427.59 Gb Total Space | 426.96 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Computer Name: DARKWELL | User Name: Petra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{068695ED-118B-4DC4-B652-4B3A118872A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{16C5CCB4-4337-4889-8ECD-03C9F6BE1A77}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1D79A161-3A2F-48C9-9717-94560FB711A8}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{20B69D72-7114-4BA9-912E-C5233FBF3800}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{256CEA0D-5BC8-4EBB-8676-36214012AD1C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2D3E7013-D080-48A2-8FD3-8BEB78DD05D7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3305287A-D80C-404B-BD75-29DF16493820}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46749772-AFAF-4DCC-83F7-FED4180397E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{4A0E7B2D-EE67-4C07-BA1D-6E03970269C1}" = rport=445 | protocol=6 | dir=out | app=system |
"{5C9093BE-6676-4AD7-99F9-EE9844082E64}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5FF752B7-2942-4C2B-A146-196AB40777B0}" = lport=445 | protocol=6 | dir=in | app=system |
"{7C670C5E-7C3F-46A9-B861-6728B762E02E}" = lport=138 | protocol=17 | dir=in | app=system |
"{7F97A998-E52B-4A99-A9E1-F7028448A978}" = rport=138 | protocol=17 | dir=out | app=system |
"{81E8FE8E-DDEE-45BB-A925-4742B9731586}" = rport=10243 | protocol=6 | dir=out | app=system |
"{94ADE4EC-17E5-4B26-A903-FAAA3E4F1565}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9CC99C01-4AB0-40F8-9584-AFA235B64267}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A151EE2E-4BFD-4B83-957D-100BEFF2D7B5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A3CAA940-3E04-4D0D-9D08-BB57D9FB9EB9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0EEF59E-FA1C-44E8-8509-32ABB313AE5C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D35E427B-36FF-416B-92F0-041269238A91}" = lport=137 | protocol=17 | dir=in | app=system |
"{DBE79618-C41C-4266-A3E1-0C62CE0C17B7}" = rport=139 | protocol=6 | dir=out | app=system |
"{E9B933B4-19F3-462C-A9D3-2B373728F92A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F1489DD9-3B81-4D26-ABFA-5176D60FF8C3}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002DF4C4-BE9E-40C6-86F3-C27419EAD1DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0C51AB98-85AD-4156-8E1B-AD9D35D44AFA}" = protocol=6 | dir=out | app=system |
"{1B0122DD-5ABE-45FE-8AD8-3A19B0CB0570}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{235893EB-C3E0-4E20-ADDF-530A94DD7958}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{351BD1FD-AD92-4312-A082-95C0A94CA22C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{50EBB3C0-DEC0-4C56-AB84-7AAD1B7C8A2A}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{50F0E1D1-824B-4B9A-BB27-E7AA4CC7BEAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FFE5913-0780-4576-8579-0AAADAD38E9F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{6B239292-CC52-476B-9F90-959A133EB973}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6C39C465-F5D8-420B-9C2E-7734B4BBCAA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BF54C4A-9E64-4842-B3CF-B373F9281D02}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8F1BDA2A-662A-47A8-B62D-7A4F2C6504C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{95455C13-5354-4A88-AF85-F3A7D503FE1A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A4F1922E-AEFD-4006-A792-E0E36139914E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A51F99E4-1EA5-4707-9F4D-0A82BDA23D7E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AC430691-00AA-4A31-8C37-519C4E5B216D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AC5E9858-C1CD-4191-A3FA-9E250001B74C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAB0E71E-24A1-4454-9ED7-9DE410435C5A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DCC93680-CAEA-407F-A3F5-60815A1088FD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E3783748-25CD-4D2A-9DE3-73B36E0BECB0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E76BD8F4-90B1-4623-AB1D-E506C160AED7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6E42368-0B3B-4A44-A065-FF87E3781339}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90140000-006D-0405-1000-0000000FF1CE}" = Microsoft Office Klikni a spusť 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 314.07
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83218066F0}" = Java 8 Update 66
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype™ 7.15
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 19 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 19 NPAPI
"ASUS_Screensaver" = ASUS_Screensaver
"Avast" = Avast Free Antivirus
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"Mozilla Firefox 42.0 (x86 cs)" = Mozilla Firefox 42.0 (x86 cs)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klikni a spusť 2010
"PROPLUS" = Microsoft Office Professional Plus 2007
"The KMPlayer" = The KMPlayer (remove only)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/26/2015 5:06:59 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu SMSvcHost 4.0.0.0 (SMSvcHost
4.0.0.0) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.
Error - 11/26/2015 5:07:00 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 11/26/2015 5:07:00 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 11/26/2015 5:07:00 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu MSDTC Bridge 4.0.0.0 (MSDTC
Bridge 4.0.0.0) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód
chyby.
Error - 11/26/2015 5:07:00 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 11/26/2015 5:07:00 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 11/26/2015 5:07:00 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu MSDTC Bridge 4.0.0.0 (MSDTC
Bridge 4.0.0.0) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód
chyby.
Error - 11/26/2015 5:31:44 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 11/26/2015 5:31:44 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.
Error - 11/26/2015 5:31:44 PM | Computer Name = Darkwell | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
[ System Events ]
Error - 11/23/2015 4:00:51 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 11/23/2015 4:00:54 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7000
Description = Služba Avast Antivirus neuspěla při spuštění v důsledku následující
chyby: %%109
Error - 11/23/2015 4:04:54 PM | Computer Name = Darkwell | Source = DCOM | ID = 10016
Description =
Error - 11/24/2015 3:53:06 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft .NET Framework NGEN v4.0.30319_X86 byla nečekaně
ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund:
Restartovat službu.
Error - 11/24/2015 3:53:06 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 11/24/2015 3:53:11 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7031
Description = Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error - 11/24/2015 3:53:11 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7034
Description = Služba Application Virtualization Service Agent byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 11/24/2015 3:53:13 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 11/24/2015 3:53:19 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Avast Antivirus bylo dosaženo časového
limitu (30000 ms).
Error - 11/24/2015 3:53:19 PM | Computer Name = Darkwell | Source = Service Control Manager | ID = 7000
Description = Služba Avast Antivirus neuspěla při spuštění v důsledku následující
chyby: %%1053
< End of report >
mám nově darovaný noťas, starší, po neopatrných uživatelích, ráda bych se ujistila, jestli mi tam někde neběhá nějaká zlobivá breberka. 
Stahnete AdwCleaner 
Přispějete na provoz fóra?