Zpomalené PC

Zpráva

StribogCZ · #1 Příspěvek od **StribogCZ** » 21 lis 2015 22:30

Ahoj. Dost se mi zpomalilo PC. Je pomalé při nabíhání i při zpouštění některých programů. Můžete mi pomoci? Přikládám log z RSITu.
Díky.

Logfile of random's system information tool 1.10 (written by random/random)
Run by pt at 2015-11-21 22:15:31
WIN_VISTA Service Pack 2
System drive C: has 35 GB (26%) free of 136 GB
Total RAM: 8190 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:18:03, on 21.11.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16599)
Boot mode: Normal

Running processes:
C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe
E:\Program Files (x86)\PowerISO\PWRISOVM.EXE
E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\pt\Desktop\RSIT.exe
C:\Program Files\trend micro\pt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [RemoteControl9] "e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "e:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [KiesTrayAgent] "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3635251681-664119229-3205739600-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User '?')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - E:\Program Files (x86)\Sync\FreeAgentService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetLimiter (nlsvc) - Locktime Software - e:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Architect 2 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Transoft Solutions License Server V1.7 - Unknown owner - C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16899 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job - C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job - C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10 37928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23 194504]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17 517344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2009-11-19 75048]
"RemoteControl9"=e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"PWRISOVM.EXE"=e:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-07-27 180224]
"PCSuiteTrayApplication"=E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"Acrobat Assistant 8.0"=E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"CarboniteSetupLite"=C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe [2009-08-04 318096]
""= []
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-03-28 310640]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-10-30 3826600]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"uTorrent"=C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe [2015-11-21 802136]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2008-12-01 380928]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE"="E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE:*:Enabled:ZWCAD.EXE"
"E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe"="E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe:*:Enabled:ZWErrorDialog.exe"
"E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe"="E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe:*:Enabled:CrashReportManagement.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=ac3acm.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=divx.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.mjpg"=pvmjpg30.dll
"SENTINEL"=snti386.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-11-21 20:20:39 ----D---- C:\Users\pt\AppData\Roaming\Registry Mechanic
2015-11-21 15:23:10 ----SHD---- C:\Config.Msi
2015-11-12 00:22:02 ----A---- C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-10-26 21:11:29 ----A---- C:\Windows\SysWOW64\authuitu.dll
2015-10-26 07:49:45 ----D---- C:\Users\pt\AppData\Roaming\AVG
2015-10-26 07:41:22 ----D---- C:\ProgramData\Avg

======List of files/folders modified in the last 1 month======

2015-11-21 22:16:11 ----D---- C:\Windows\Temp
2015-11-21 22:15:39 ----D---- C:\Users\pt\AppData\Roaming\uTorrent
2015-11-21 21:25:44 ----D---- C:\ProgramData\MFAData
2015-11-21 21:06:25 ----A---- C:\servicetest.txt
2015-11-21 20:22:52 ----SHD---- C:\System Volume Information
2015-11-21 20:17:50 ----D---- C:\Users\pt\AppData\Roaming\vlc
2015-11-21 20:10:09 ----AD---- C:\ProgramData\Temp
2015-11-21 16:25:32 ----D---- C:\Windows\Prefetch
2015-11-21 15:24:23 ----SHD---- C:\Windows\Installer
2015-11-12 01:56:57 ----D---- C:\ProgramData\AVG Security Toolbar
2015-11-12 00:38:21 ----HD---- C:\ProgramData
2015-11-12 00:38:21 ----D---- C:\Windows\Tasks
2015-11-12 00:32:17 ----D---- C:\Windows\Minidump
2015-11-12 00:32:11 ----D---- C:\Windows
2015-11-12 00:22:09 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 00:22:02 ----D---- C:\Windows\SysWOW64
2015-11-06 17:59:08 ----HD---- C:\$AVG
2015-11-01 22:18:13 ----D---- C:\Program Files (x86)\PDF Architect 3
2015-10-27 17:50:01 ----D---- C:\Users\pt\AppData\Roaming\HpUpdate
2015-10-26 21:56:23 ----D---- C:\Program Files (x86)\Windows Live
2015-10-26 21:46:20 ----D---- C:\Users\pt\AppData\Roaming\Nero
2015-10-26 21:34:25 ----D---- C:\Users\pt\AppData\Roaming\proDAD
2015-10-26 21:33:16 ----RD---- C:\Program Files (x86)
2015-10-26 21:33:14 ----D---- C:\Program Files (x86)\Pinnacle
2015-10-26 21:17:02 ----D---- C:\Windows\SysWOW64\drivers
2015-10-26 21:12:00 ----D---- C:\Windows\System32
2015-10-26 21:10:52 ----D---- C:\Program Files (x86)\AVG
2015-10-26 21:09:13 ----D---- C:\ProgramData\Google
2015-10-26 20:48:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-26 20:37:14 ----D---- C:\ProgramData\CyberLink
2015-10-26 20:37:14 ----D---- C:\Program Files (x86)\Common Files\CyberLink
2015-10-26 20:33:57 ----D---- C:\OETemp
2015-10-26 20:32:57 ----D---- C:\Program Files (x86)\Common Files
2015-10-26 08:03:22 ----D---- C:\ProgramData\AVG2015
2015-10-26 07:47:07 ----D---- C:\Windows\inf

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys []
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys []
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys []
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys []
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/07/14 19:23:27]; \??\e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\000.fcl [2009-09-01 146928]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R2 regi;regi; C:\Windows\system32\drivers\regi.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys []
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys []
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys []
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2015-10-14 31144]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc2.cfg []
S1 VD_FileDisk;VD_FileDisk; C:\Windows\SysWOW64\drivers\VD_FileDisk.sys [2006-01-13 15872]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS [2010-03-14 51072]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [1999-07-20 73216]
S3 ai37pjpu;ai37pjpu; C:\Windows\SysWOW64\drivers\ai37pjpu.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-17 24072]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 nmwcdcjx64;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcjx64.sys []
S3 nmwcdcmx64;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcmx64.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdcx64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcdx64.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys []
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl64.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys []
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfws.exe [2015-10-30 1569416]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-10-30 3815648]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-10-30 579776]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 FreeAgentGoNext Service;Seagate Service; E:\Program Files (x86)\Sync\FreeAgentService.exe [2009-09-25 189736]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 nlsvc;NetLimiter; e:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-05-13 867840]
R2 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-09-17 767712]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-03-23 75064]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Transoft Solutions License Server V1.7;Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [2012-05-01 446464]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2015-10-14 4368808]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-31 68096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12 269000]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-05-05 85096]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-10-30 595376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-17 1436424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2000-11-10 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-28 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-09-17 964832]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-09-17 2244832]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-18 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-06-03 403240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1024680]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 22 lis 2015 08:56

Zdravim

Mate 64bit system, tak dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe

StribogCZ · #3 Příspěvek od **StribogCZ** » 22 lis 2015 14:52

Tak ještě jednou a lépe:-)

Logfile of random's system information tool 1.10 (written by random/random)
Run by pt at 2015-11-22 14:45:36
WIN_VISTA Service Pack 2
System drive C: has 35 GB (26%) free of 136 GB
Total RAM: 8190 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:48:09, on 22.11.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16599)
Boot mode: Normal

Running processes:
C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe
E:\Program Files (x86)\PowerISO\PWRISOVM.EXE
E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
C:\Program Files\trend micro\pt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [RemoteControl9] "e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "e:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [KiesTrayAgent] "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-3635251681-664119229-3205739600-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User '?')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - E:\Program Files (x86)\Sync\FreeAgentService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetLimiter (nlsvc) - Locktime Software - e:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Architect 2 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Transoft Solutions License Server V1.7 - Unknown owner - C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16885 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job - C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job - C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10 37928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23 194504]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17 517344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"uTorrent"=C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe [2015-11-21 802136]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2008-12-01 380928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2009-11-19 75048]
"RemoteControl9"=e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"PWRISOVM.EXE"=e:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-07-27 180224]
"PCSuiteTrayApplication"=E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"Acrobat Assistant 8.0"=E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"CarboniteSetupLite"=C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe [2009-08-04 318096]
""= []
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-03-28 310640]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-10-30 3826600]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE"="E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE:*:Enabled:ZWCAD.EXE"
"E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe"="E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe:*:Enabled:ZWErrorDialog.exe"
"E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe"="E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe:*:Enabled:CrashReportManagement.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-11-21 20:20:39 ----D---- C:\Users\pt\AppData\Roaming\Registry Mechanic
2015-11-21 15:23:10 ----SHD---- C:\Config.Msi
2015-11-12 00:22:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-26 21:12:00 ----A---- C:\Windows\system32\TURegOpt.exe
2015-10-26 21:11:29 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2015-10-26 21:11:29 ----A---- C:\Windows\system32\authuitu.dll
2015-10-26 07:49:45 ----D---- C:\Users\pt\AppData\Roaming\AVG
2015-10-26 07:41:22 ----D---- C:\ProgramData\Avg

======List of files/folders modified in the last 1 month======

2015-11-22 14:47:01 ----D---- C:\Users\pt\AppData\Roaming\uTorrent
2015-11-22 14:46:18 ----D---- C:\Windows\Prefetch
2015-11-22 14:46:11 ----D---- C:\Windows\Temp
2015-11-22 14:46:08 ----D---- C:\Program Files\trend micro
2015-11-22 13:29:05 ----D---- C:\ProgramData\MFAData
2015-11-22 00:40:17 ----SHD---- C:\System Volume Information
2015-11-21 23:30:38 ----D---- C:\Windows
2015-11-21 21:06:25 ----A---- C:\servicetest.txt
2015-11-21 20:17:50 ----D---- C:\Users\pt\AppData\Roaming\vlc
2015-11-21 20:10:09 ----AD---- C:\ProgramData\Temp
2015-11-21 15:24:23 ----SHD---- C:\Windows\Installer
2015-11-12 01:56:57 ----D---- C:\ProgramData\AVG Security Toolbar
2015-11-12 00:38:21 ----HD---- C:\ProgramData
2015-11-12 00:38:21 ----D---- C:\Windows\Tasks
2015-11-12 00:32:17 ----D---- C:\Windows\Minidump
2015-11-12 00:22:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-12 00:22:02 ----D---- C:\Windows\SysWOW64
2015-11-12 00:01:54 ----D---- C:\Windows\system32\Tasks
2015-11-06 17:59:45 ----D---- C:\Windows\system32\drivers
2015-11-06 17:59:08 ----HD---- C:\$AVG
2015-11-01 22:18:13 ----D---- C:\Program Files (x86)\PDF Architect 3
2015-10-27 17:50:01 ----D---- C:\Users\pt\AppData\Roaming\HpUpdate
2015-10-26 21:56:23 ----D---- C:\Program Files (x86)\Windows Live
2015-10-26 21:46:20 ----D---- C:\Users\pt\AppData\Roaming\Nero
2015-10-26 21:34:25 ----D---- C:\Users\pt\AppData\Roaming\proDAD
2015-10-26 21:33:16 ----RD---- C:\Program Files (x86)
2015-10-26 21:33:14 ----D---- C:\Program Files (x86)\Pinnacle
2015-10-26 21:17:02 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-26 21:12:00 ----D---- C:\Windows\System32
2015-10-26 21:10:52 ----D---- C:\Program Files (x86)\AVG
2015-10-26 21:09:13 ----D---- C:\ProgramData\Google
2015-10-26 20:48:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-26 20:37:14 ----D---- C:\ProgramData\CyberLink
2015-10-26 20:33:57 ----D---- C:\OETemp
2015-10-26 20:32:57 ----D---- C:\Program Files (x86)\Common Files
2015-10-26 08:03:22 ----D---- C:\ProgramData\AVG2015
2015-10-26 07:47:07 ----D---- C:\Windows\system32\catroot
2015-10-26 07:47:07 ----D---- C:\Windows\inf
2015-10-24 23:00:34 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-10-21 255408]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-07-31 93784]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-15 828912]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2015-08-29 97208]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-10-19 313776]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-19 39768]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-05-13 89320]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-07-27 90544]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/07/14 19:23:27]; \??\e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\000.fcl [2009-09-01 146928]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-22 312480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-22 43168]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-16 14112]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [2012-02-23 92176]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2000-11-10 36904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 11264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2015-10-14 31144]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc2.cfg []
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys []
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 ai37pjpu;ai37pjpu; C:\Windows\system32\drivers\ai37pjpu.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-19 120848]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-30 103576]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-17 24072]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2014-01-30 33736]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-17 129752]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 7936]
S3 nmwcdcjx64;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcjx64.sys [2007-02-22 17408]
S3 nmwcdcmx64;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcmx64.sys [2007-02-22 17408]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdcx64.sys [2007-02-22 12288]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcdx64.sys [2007-02-22 173056]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-31 82816]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2009-01-14 92672]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-30 204568]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2013-02-22 203544]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-01-30 54784]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 108544]
S3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 33048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfws.exe [2015-10-30 1569416]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-10-30 3815648]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-10-30 579776]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FreeAgentGoNext Service;Seagate Service; E:\Program Files (x86)\Sync\FreeAgentService.exe [2009-09-25 189736]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 nlsvc;NetLimiter; e:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-05-13 867840]
R2 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-09-17 767712]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-03-23 75064]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Transoft Solutions License Server V1.7;Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [2012-05-01 446464]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2015-10-14 4368808]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-31 68096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12 269000]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-05-05 85096]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-10-30 595376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-17 1436424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2000-11-10 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-28 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-09-17 964832]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-09-17 2244832]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-18 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-06-03 403240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1024680]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#4 Příspěvek od **Márty84** » 22 lis 2015 16:22

Odinstalujte McAfee Security Scan.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

StribogCZ · #5 Příspěvek od **StribogCZ** » 22 lis 2015 17:03

Tak McAfee jsem odinstaloval.

Log z CrytsalDisku:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x64)
Date : 2015/11/22 16:40:47

-- Controller Map ----------------------------------------------------------

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD103UJ : 1000,2 GB [0/X/X, pd1]
(2) Maxtor 6B200M0 : 203,9 GB [1/X/X, pd1]
(3) ST32000540AS : 2000,3 GB [3/X/X, sa1] - st

----------------------------------------------------------------------------
(1) SAMSUNG HD103UJ
----------------------------------------------------------------------------
Model : SAMSUNG HD103UJ
Firmware : 1AA01113
Serial Number : S13PJDWS227497
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953523055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 41600 hod.
Power On Count : 1118 krát
Temparature : 37 C (98 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _74 _74 _11 000000002120 Čas na roztočení ploten
04 _99 _99 __0 00000000051F Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _92 _92 __0 00000000A280 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000045E Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Neznámý
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _63 _51 __0 000029100025 Teplota toku vzduchu
C2 _63 _50 __0 00002B100025 Teplota
C3 100 100 __0 00000328D040 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000002 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 003F 003F 0000 0000 0000
010: 5331 3350 4A44 5753 3232 3937 3937 2020 2020 2020
020: 0003 FFFF 0004 3141 4130 3133 3133 5341 4D53 554E
030: 4720 4844 3130 3355 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 004C 0040
080: 00F8 0052 746B 7F69 4133 BC41 BC41 4123 20FF 0055
090: 0055 0000 FFFE 0000 FE00 0005 0005 005D 86A0 0001
100: 656F 7470 0000 0000 0064 0000 0000 0000 5002 4E90
110: 00FD D914 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003F 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9CA5

----------------------------------------------------------------------------
(2) Maxtor 6B200M0
----------------------------------------------------------------------------
Model : Maxtor 6B200M0
Firmware : BANC1BY0
Serial Number : B41VHC6H
Disk Size : 203,9 GB (8,4/137,4/203,9)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 398297088
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : SATA/150
Power On Hours : 735 hod. (?)
Power On Count : 2091 krát
Temparature : 38 C (100 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 207 206 _63 000000004693 Čas na roztočení ploten
04 245 245 __0 000000003EAD Počet spuštění/zastavení
05 253 253 _63 000000000001 Počet přemapovaných sektorů
06 253 253 100 000000000000 Počet dosáhnutí konce při čtení
07 253 252 __0 000000000000 Počet chybných hledání
08 248 243 187 00000000835E Čas potřebný na vyhledání
09 173 173 __0 00000000AC46 Hodin v činnosti
0A 253 252 157 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 252 223 000000000000 Počet pokusů o překalibrování
0C 248 248 __0 00000000082B Počet cyklů zapnutí zařízení
C0 253 253 __0 000000000000 Počet vypnutí disku
C1 253 253 __0 000000000000 Počet cyklů načítání/vymazání
C2 _44 253 __0 000000000026 Teplota
C3 252 252 __0 00000000E85A Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 199 199 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 253 252 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 252 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 241 __0 000000000000 Počet chyb při směrování údajů
CB 253 252 180 000000000000 Počet chyb v kódech na opravu chyb
CC 253 252 __0 000000000000 Počet softvérově opravených chyb v opravných kódech
CD 253 252 __0 000000000000 Počet chyb způsobených vysokou teplotou
CF 253 252 __0 000000000000 Množství napětí potřebného na roztočení disku
D0 253 252 __0 000000000000 Počet vyslaných impulzů na roztočení disku při nedostatečném napájení
D1 239 239 __0 0000000000B1 Výkon při vyhledávaní na disku při interních testech disku
D2 253 252 __0 000000000000 Neznámý
D3 253 252 __0 000000000000 Počet vibrací při čtení
D4 253 253 __0 000000000000 Počet otřesů při zápisu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 4234 3156 4843 3648 2020 2020 2020 2020 2020 2020
020: 0003 4000 0004 4241 4E43 5930 5930 4D61 7874 6F72
030: 2036 4232 3030 4D30 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 003F 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0102 0102 0000 0000 0000
080: 00FE 001E 7C6B 7F09 4063 3E01 3E01 4063 007F 0000
090: 0000 0000 FFFE 0000 C0FE 0000 0000 0000 0000 0000
100: 8800 17BD 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0113 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 EFA5

----------------------------------------------------------------------------
(3) ST32000540AS
----------------------------------------------------------------------------
Model : ST32000540AS
Firmware : CC83
Serial Number : 9WM03SAN
Disk Size : 2000,3 GB (8,4/137,4/2000,3)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 42716 hod.
Power On Count : 36 krát
Host Reads : 1295 GB
Host Writes : 1379 GB
Temparature : 51 C (123 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 0000077287D8 Počet chyb čtení
03 100 100 __0 000000000000 Čas na roztočení ploten
04 _86 _86 _20 0000000038F6 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _32 _32 _30 33E0015EFC76 Počet chybných hledání
09 _52 _52 __0 00000000A6DC Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000024 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000200020006 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _49 _38 _45 1E5237160033 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000009 Počet vypnutí disku
C1 _93 _93 __0 0000000038FE Počet cyklů načítání/vymazání
C2 _51 _62 __0 000F00000033 Teplota
C3 _39 _24 __0 0000077287D8 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 B38200002858 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000AC6869B5 Total LBAs Written
F2 100 253 __0 0000A1F19CF3 Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3957 3957 4D30 3353 414E
020: 0000 0000 0004 4343 3833 2020 2020 5354 3332 3030
030: 3035 3430 4153 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0040
080: 01F0 0029 346B 7F61 4063 BE01 BE01 4063 407F 0098
090: 0098 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 6003 6003 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 88B0
130: E8E0 88B0 E8E0 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 005F 005F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3A00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103B 103B 0000 0000 4001
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 25A5

A log z AdwCleaneru:

# AdwCleaner v5.021 - Logfile created 22/11/2015 at 16:45:39
# Updated 14/11/2015 by Xplode
# Database : 2015-11-19.4 [Server]
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Username : pt - PT-PC
# Running from : C:\Users\pt\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222

***** [ Folders ] *****

[#] Folder Deleted : C:\Program Files (x86)\AVG Secure Search
[#] Folder Deleted : C:\Program Files (x86)\BabylonToolbar
[#] Folder Deleted : C:\Program Files (x86)\BS_Player
[#] Folder Deleted : C:\Program Files (x86)\Conduit
[#] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
[#] Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
[#] Folder Deleted : C:\Program Files (x86)\Winamp Toolbar
[#] Folder Deleted : C:\Program Files (x86)\Yontoo
[#] Folder Deleted : C:\Program Files (x86)\uTorrentControl2
[#] Folder Deleted : C:\Program Files (x86)\myfree codec
[#] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[#] Folder Deleted : C:\ProgramData\Babylon
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[#] Folder Deleted : C:\ProgramData\Tarma Installer
[#] Folder Deleted : C:\ProgramData\Winamp Toolbar
[#] Folder Deleted : C:\ProgramData\41430078FD77134A788030B8367666EA
[#] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[#] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
[#] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[#] Folder Deleted : C:\Users\Admin\AppData\Local\Winamp Toolbar
[#] Folder Deleted : C:\Users\Admin\AppData\LocalLow\AVG Secure Search
[#] Folder Deleted : C:\Users\Admin\AppData\LocalLow\BS_Player
[#] Folder Deleted : C:\Users\Admin\AppData\LocalLow\facemoods.com
[#] Folder Deleted : C:\Users\pt\AppData\Local\PackageAware
[#] Folder Deleted : C:\Users\pt\AppData\Roaming\registry mechanic
[#] Folder Deleted : C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[#] Folder Deleted : C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\ICQToolbarData
[#] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Winamp Toolbar

***** [ Files ] *****

[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pacgpkgadgmibnhpdidcnfafllnmeomc_0.localstorage
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pacgpkgadgmibnhpdidcnfafllnmeomc_0.localstorage-journal
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_youtube.conduitapps.com_0.localstorage
[-] File Deleted : C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_youtube.conduitapps.com_0.localstorage-journal
[-] File Deleted : C:\Users\pt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E716F183-5AD7-11DC-9670-00508DC0D496}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
[-] Key Deleted : HKCU\Software\ICQ\ICQToolbar
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\Smart PC Solutions
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\SafetyNut
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FlvPlayer
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Security Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\BrowserMngr
[-] Key Deleted : HKU\.DEFAULT\Software\facemoods.com
[-] Key Deleted : HKU\.DEFAULT\Software\ICQ\ICQToolbar
[-] Key Deleted : HKU\.DEFAULT\Software\IGearSettings
[-] Key Deleted : HKU\.DEFAULT\Software\Winamp Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\AskBarDis
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}

***** [ Web browsers ] *****

[-] [C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\prefs.js] [Preference] Deleted : user_pref("extensions.snipit.searchAssistEnabled", true);
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com_
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : slirsredirect.search.aol.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : toolbar.ask.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : daemon-search.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : icq.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : facemoods.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 77-344&t=4
[-] [C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.search.ask.com/?o=APN11459&gct=hp&d ... 77-344&t=4
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : isearch.avg.com
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://isearch.avg.com/?cid={70479F57-5955-4179-8550-CC6635A182DF}&mid=a289887f5fbca81eec50bc8008854ca2-593fd05dea9af77b8935d16e99d1d691698f10ee&lang=cs&ds=pd011&pr=sa&d=2012-10-15 22:54:51&v=13.2.0.1&sap=hp

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner[R1].txt - [63618 bytes] - [07/06/2013 17:04:15]
C:\AdwCleaner[R2].txt - [63573 bytes] - [07/06/2013 18:00:42]
C:\AdwCleaner[S1].txt - [51724 bytes] - [07/06/2013 18:04:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [16765 bytes] ##########

#6 Příspěvek od **Márty84** » 23 lis 2015 06:25

Druhy a treti disk hlasi chyby, i to muze delat potize. Ale uvidime az po uplnem docisteni...

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

StribogCZ · #7 Příspěvek od **StribogCZ** » 26 lis 2015 19:45

Tak konečně jsem dodělal sken. Přikládám výpis. Našlo to 82 hrozeb:-(
Před tím jsem omylem odsouhlasil aktualizaci windowsů, snad to nevadí.

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 25.11.2015
Čas skenování: 21:40:48
Protokol: malware.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.25.05
Databáze rootkitů: v2015.11.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x64
Souborový systém: NTFS
Uživatel: pt

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1311152
Uplynulý čas: 5 hod, 6 min, 29 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 9
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [e75298ea44472d091cf44bf39b67c739],
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}, , [cc6d7909f29964d2764efbee828148b8],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, , [1d1c1072c3c8ea4c2f81b2d471923fc1],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, , [94a56f1396f5b4821a97e99dc63d6a96],
PUP.Optional.BSPlayer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\BS_Player, , [e35682000f7c61d5fe2f3c3604ffbc44],
PUP.Optional.FaceMoods, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\facemoods.com, , [94a50d75870453e313099ee1c43f45bb],
PUP.Optional.BSPlayer, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\APPDATALOW\SOFTWARE\BS_Player, , [c376671bd2b9e25404290a6863a07987],
PUP.Optional.Bandoo.AppFlsh, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}, , [8cadb6ccb5d6171f15a3c821e122ae52],
PUP.Optional.BProtector, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\BPROTECTSETTINGS, , [17223b4796f58aacfe1d630d62a1926e],

Hodnoty registru: 10
PUP.Optional.BSPlayer, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}, , [bb7e1a684348be78a00ab98514ee41bf],
PUP.Optional.BSPlayer, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}, ĹmÖţt JŹ\ Ĺ¬âąĄ, , [bb7e1a684348be78a00ab98514ee41bf]
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}|URL, http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}, , [cc6d7909f29964d2764efbee828148b8]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, , [1d1c1072c3c8ea4c2f81b2d471923fc1]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, , [94a56f1396f5b4821a97e99dc63d6a96]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FA827889-D63A-429D-8BAB-97FED58B1AD6}, v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Admin\AppData\Local\Temp\~osD0A2.tmp\rlvknlg.exe|Name=rlvknlg.exe|Edge=FALSE|, , [46f393ef8a012412fa438e55a06319e7]
PUP.Optional.RelevantKnowledge, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5D8AE5B5-75F8-40F7-9DC3-8E15FEE320EA}, v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\pt\AppData\Local\Temp\~os9C7C.tmp\rlvknlg.exe|Name=rlvknlg.exe|Edge=FALSE|, , [4ced5f23d3b843f380bd3ca716edfb05]
PUP.Optional.BrowserMngr, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|BrowserMngrDefaultScope, {6A1806CD-94D4-4689-BA73-E35EA1EA9990}, , [ce6b2959f6951a1cfe849550e91a7090]
PUP.Optional.BProtector, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {95B7759C-8C7F-4BF1-B163-73684A933233}, , [370298eaec9f033384efbd1f2fd47987]
PUP.Optional.Bandoo.AppFlsh, HKU\S-1-5-21-3635251681-664119229-3205739600-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}|URL, http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}, , [8cadb6ccb5d6171f15a3c821e122ae52]

Data registru: 1
Hijack.WMI, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINMGMT\PARAMETERS|ServiceDll, C:\PROGRA~3\8fbrw0.zvv, Dobré: (%SystemRoot%\system32\wbem\WMIsvc.dll), Špatné: (C:\PROGRA~3\8fbrw0.zvv),,[1a1fa0e23f4cca6c12335fff5da736ca]

Složky: 3
PUP.Optional.ConduitTB.Gen, C:\Users\pt\AppData\Local\CRE, , [a7923f436d1e6cca3281098f48ba7b85],
PUP.Optional.DataMngr.AppFlsh, C:\Users\Admin\AppData\LocalLow\DataMngr, , [db5eee94ff8c47efbb037b176e94ae52],
PUP.Optional.DataMngr.AppFlsh, C:\Users\pt\AppData\LocalLow\DataMngr, , [eb4eacd6305b6acc734bade59b67d729],

Soubory: 59
RiskWare.Tool.CK, K:\Dokumenty - K\Instal - Hry - K\MOH_CRACK_Antixrist.rar, , [9f9a1b676d1e5adc6d94db1d7190ca36],
CrackTool.Agent, K:\Dokumenty - K\Instal - Hry - K\Mafia 2 CZ\Crack.zip, , [eb4efe84f39812249cd8ec1b8c76f808],
Trojan.Agent.Generic, K:\Dokumenty - K\Instal - Hry - K\Dr._Mozek\Klikni_a_cti.exe, , [0a2f354d404b40f6f30e63f242bf12ee],
RiskWare.Tool.CK, K:\Dokumenty - K\Instal - Hry - K\Medal Of Honor Limited Edition MULTi3 CLONEDVD-P2P\MOH_CRACK_Antixrist\MOH_CRACK\Binaries\loader.dll, , [a6931c66e2a9003617ea38c0847da25e],
RiskWare.Tool.CK, K:\Dokumenty - K\Instal - Hry - K\crysis maximum edition cz\Crysis\crysis keygen+patch+crack\Crysis_Keygen.zip, , [aa8f4f33563572c45dc5f27d7193639d],
RiskWare.Tool.HCK, K:\Dokumenty - K\Instal - Programy - K\Autocad 2009 cz\Autodesk.AutoCAD.2009.zip, , [73c6c5bdc8c373c39b879740976ad12f],
Trojan.HTKeyGen, K:\Dokumenty - K\Instal - Programy - K\AutoCAD 2011 Czech Win 32 & 64 bit\AutoCAD.2011.KeyGen.Gnrsu.com.rar, , [cf6a532f503baa8c334600a18b751ae6],
Trojan.Agent, K:\Dokumenty - K\Instal - Programy - K\Daemon Tools Pro 4.30.0303 Advanced-DARK0D3R\DTP4300303PRO\DTP4300303PRO.rar, , [14251969d5b6152155a03f8c2fd2bf41],
PUP.Optional.AsteriskPasswords, F:\Instal2\hesla\astlog.zip, , [1227acd694f7cc6a930b325521e334cc],
RiskWare.Tool.CK, F:\Instal2\NetLimiter v 1.30\NetLimiter[1].v1.30.zip, , [d564701258333bfb5df22a233bc5db25],
CrackTool.Agent, F:\Instal2\Nod2\Nod2.zip, , [c079fd85602b45f147725b29c53fa65a],
Trojan.KillAV, F:\Instal2\VYPÁLENO\ACDSee 8.0\Crack\ACDSee8.exe, , [1a1f2161197233039f0c879af212d729],
Trojan.KillAV, F:\Instal2\VYPÁLENO\ACDSee 8.0 Build 39\Crack.zip, , [0d2c334f0a8183b3fbb0190848bcc53b],
Trojan.KillAV, F:\Instal2\VYPÁLENO\ACDSee 8.0 Build 39\Crack\ACDSee8.exe, , [d762255dbfcc082e2e7d0d145ba9728e],
Backdoor.Bot, J:\Instal\programy G\ArchiCAD 10 CZ + CRACK\Crack\Archicad.10.build.2421_Crk.exe, , [6bce6c16a6e5d363eac398c2c9374ab6],
Trojan.Agent.W, J:\Instal\programy G\W7 Eternity by nOwAsToRm\Windows 7 Loader\Windows 7 Loader.exe, , [b485542e86053cfa760feb24f113ee12],
Trojan.Agent.CK, J:\Instal\programy G\CIVIL3D\Autodesk_2010_all.rar, , [42f7cfb3137888ae05aec10cc1405ca4],
Trojan.Agent.Drop, J:\System Volume Information\_restore{8B8489ED-7AFA-4FBF-BDCB-05EC1B039889}\RP1670\A0315596.EXE, , [f148a6dc484338fe71a893824ab849b7],
Trojan.Dropper.SFXAI, J:\System Volume Information\_restore{8B8489ED-7AFA-4FBF-BDCB-05EC1B039889}\RP1670\A0316099.EXE, , [ee4be0a2ef9ce056a6f205bba65a8080],
Adware.Agent, J:\torrent\Nová složka\fuel crack\fu-crc.rar, , [6fca87fb206b4fe7d0ffe7735da3c13f],
PUP.Optional.BabylonToolBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarApp.dll.vir, , [aa8f384acfbc3501ea6b1215e91829d7],
PUP.Optional.BabylonToolBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarEng.dll.vir, , [5edb6f13e3a84de92a2b949356ab03fd],
PUP.Optional.BabylonToolBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarsrv.exe.vir, , [14250e742d5e8caa70e5de49758c9e62],
PUP.Optional.BabylonToolBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll.vir, , [f2476f13dead0a2ccd88ee391ce58878],
PUP.Optional.BabylonToolBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\uninstall.exe.vir, , [e653ceb47a11350156fd0522e120ae52],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, , [46f31b676b20063009a50a0527d9758b],
PUP.Optional.ConduitTB.Gen, C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentControl2\ldrtbuTor.dll.vir, , [a594760c1873ca6c3bed057f05ff6b95],
PUP.Optional.ConduitTB.Gen, C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentControl2\prxtbuTor.dll.vir, , [e0597b07becd989e2ff9ee96729257a9],
PUP.Optional.ConduitTB.Gen, C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentControl2\tbuTor.dll.vir, , [7bbe6a18206b6cca57d11a6aa55fb64a],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\YontooIEClient.dll.vir, , [93a62b571873270f6c064f39c93b37c9],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir, , [5edbcbb7c8c3ff37fc0d0b9db15041bf],
PUP.Optional.OpenCandy, C:\Program Files (x86)\ICQ7.0\upgrade\2dcd1d63cb45e6613582211c3d5f4b23, , [56e3f38ffd8ec5719d0ee5970df7728e],
PUP.Optional.OpenCandy, C:\Program Files (x86)\ICQ7.0\upgrade\53e83dd5315bfb1f928441c9b4618b68, , [51e8443ee3a8b680c4e7e498b84cad53],
Trojan.Agent, E:\Instal\hry\Arma2 crack.rar, , [b7823f439eedf83e604dcefc98691ae6],
HackTool.Agent, E:\Instal\hry\CRACK_CPCW.rar, , [1d1c3c461f6cd462f4697591857b6c94],
Trojan.Agent.Generic, E:\Instal\hry\CHEATY na css\Amschnock Pub 1.5 for_Counter Strike Source.zip, , [91a86f13a6e5fb3b753b084ce71a45bb],
HackTool.HotKeysHook, E:\Instal\hry\CHEATY na css\Dark Evolution 2009 v3.1 for Counter Strike Source.zip, , [1f1aea98a1ea0432e32398aab94bc937],
PUP.Optional.WirelessKeyView, E:\Instal\programy\wirelesskeyview-x64.zip, , [77c2542e7516d264d9ecbacca1635ea2],
RiskWare.Tool.CK, E:\Instal\programy\vsoConvertXtoDVD_3.8.0.193.rar, , [1425077b2368e650606bd8ec00018779],
Trojan.Agent, E:\Instal\programy\Alcohol120 v1.9.6.5429 + crack.rar, , [c970f0924348fb3beefc785331d0639d],
Trojan.FakeAlert, E:\Instal\programy\PowerDVD Ultra v8.0.2217.50 + HD DVD Playback Addon\Tweak Pack.zip, , [be7b85fd98f3fb3b7f8ee56dfe02fc04],
PUP.Optional.WirelessKeyView, E:\Instal\programy\wirelesskeyview-x64\wirelesskeyview-x64.zip, , [64d5c3bff39848eec0055a2c6a9aba46],
PUP.Optional.WirelessKeyView, E:\Instal\programy\wirelesskeyview-x64\WirelessKeyView.exe, , [be7b4141c0cb0f276a5b6323758f11ef],
PUP.Optional.WirelessKeyView, E:\Instal\programy\wirelesskeyview-x64\wirelesskeyview-x64\WirelessKeyView.exe, , [1c1d671b95f65cdadfe6ee980ff56a96],
RiskWare.Tool.CK, E:\Instal\programy\CloneDVD 4.2.5.0 CZ\KEYGEN.rar, , [4dec9fe33f4ce94d7fbd242df907f808],
HackTool.Agent, E:\Instal\programy\total_video_converter_version_3_14\e_m__total_video_converter_version_3_14_patch_by_veltaros.zip, , [51e8fd85d1badf57015c679f44bcf709],
RiskWare.Tool.CK, E:\Instal\programy\Aktivátory - Legalizátory\Windows 7 Legalizátor\Windows 7 Legalizátor.exe, , [2514e1a1d6b503334290151b29dbca36],
Adware.Agent, E:\Program Files\Codemasters\FUEL\1911.dll, , [e851463c6922c96d9a354812bd43669a],
RiskWare.Tool.HCK, E:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\rld-bbc2.exe, , [1d1cf68c3259c96d58f609cee41d11ef],
RiskWare.Tool.CK, E:\Program Files (x86)\Electronic Arts\Medal of Honor\Binaries\loader.dll, , [ad8c463c3952b48208f96197ac55a55b],
PUP.Optional.DealioTB, E:\torrent\hotovo\windows.7.codec.pack.v2.9.0.setup.exe, , [8dac87fbd3b89e989866057d3bc9966a],
PUP.Optional.SweetPacks, E:\torrent\hotovo\YouTubeDownloaderSetup274.exe, , [d9602d552e5d1a1cea962904a35e8b75],
RiskWare.Tool.CK, E:\torrent\hotovo\MOH_CRACK_Antixrist.rar, , [39007210a2e996a0df2249af32cfd828],
PUP.Optional.OpenCandy, E:\torrent\hotovo\RTS Stavitel 2012\DTLite4451-0236.exe, , [e752b4ceb1daf1454e5dd1ab5aaa44bc],
PUP.Optional.IntroKeygen, E:\torrent\hotovo\BS.Player Pro 2.41.1003\!keygen\CORE10k.EXE, , [73c67111abe0290da70e2727b45055ab],
PUP.Optional.ConduitTB.Gen, C:\Users\pt\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx, , [a7923f436d1e6cca3281098f48ba7b85],
PUP.Optional.FaceMoods, C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchfalco.xml, , [cd6cc9b994f7c571e3372a55b94a6997],
PUP.Optional.DataMngr.AppFlsh, C:\Users\Admin\AppData\LocalLow\DataMngr\{2ad95a4b-54b3-4570-bc8b-e85db90c1775}, , [db5eee94ff8c47efbb037b176e94ae52],
PUP.Optional.DataMngr.AppFlsh, C:\Users\pt\AppData\LocalLow\DataMngr\{2ad95a4b-54b3-4570-bc8b-e85db90c1775}, , [eb4eacd6305b6acc734bade59b67d729],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#8 Příspěvek od **Márty84** » 27 lis 2015 16:49

Vy jste vykradl skladiste cracku? Se nedivte, ze to mate zavsivene, kdyz skladujete takovou sbirku

Vcetne nelegalnich aktivatoru windowsu

Doufam, ze aspon ty Visty jsou legalni

Jelikoz je havet i v bodech obnovy...

Postupujte presne v tomto poradi.
1) MBAM nezavirejte, jen minimalizujte.
2) Vymazte/Vypnete vytvareni bodu obnovy http://forum.viry.cz/viewtopic.php?f=46&t=47040 , ale nerestartujte pc.
3) Ted nechte nalezy MBAM odstranit a restartujte pc.
4) Zopakujte test s MBAM a napiste jeho vysledek a podle toho zvolim dalsi postup.

Pokud bude cisto, zapnete zase funkci vytvareni bodu obnovy, at pak na to nezapomenem.

StribogCZ · #9 Příspěvek od **StribogCZ** » 28 lis 2015 15:00

No něco málo nelegálního tam možná bude

Sken proveden:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 27.11.2015
Čas skenování: 21:34:50
Protokol: malware2.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.27.03
Databáze rootkitů: v2015.11.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x64
Souborový systém: NTFS
Uživatel: pt

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1311602
Uplynulý čas: 5 hod, 43 min, 51 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#10 Příspěvek od **Márty84** » 28 lis 2015 23:33

No zas takova sranda to neni

Ani nevim, jestli to ma cenu cistit, protoze pri tom mnozstvi cracku je dost pravdepodobne, ze si to zaliskate znova

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

StribogCZ · #11 Příspěvek od **StribogCZ** » 29 lis 2015 16:13

Hotovo.
z FRST mi vyjely dva logy. Tak přikládám oba.

1) RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by pt at 2015-11-29 15:22:14
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 48 GB (35%) free of 136 GB
Total RAM: 8190 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:22:16, on 29.11.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16717)
Boot mode: Normal

Running processes:
C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe
E:\Program Files (x86)\PowerISO\PWRISOVM.EXE
E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\pt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
O4 - HKLM\..\Run: [RemoteControl9] "e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] "e:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [KiesTrayAgent] "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - E:\Program Files (x86)\Sync\FreeAgentService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetLimiter (nlsvc) - Locktime Software - e:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Architect 2 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Transoft Solutions License Server V1.7 - Unknown owner - C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16573 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"E:\Program Files (x86)\Sync\FreeAgentService.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"e:\Program Files\NetLimiter 2 Pro\nlsvc.exe"
"C:\Program Files (x86)\PDF Architect 2\creator-ws.exe"
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 852
taskeng.exe {5F970867-235D-4D24-AB7F-5E8FA4C8B87E}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
taskeng.exe {507E7E01-B32B-44BF-B71D-01420B66478C}
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:940
C:\Windows\Explorer.EXE
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
"E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe"
/runonlyonce /tray
"E:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe" -startup
"E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
ctfmon.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HydraDM64.exe -h:66596 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe -Embedding
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5348 CREDAT:203009
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5348 CREDAT:137476
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5348 CREDAT:137554
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\pt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A5PI9GJN\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job - C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job - C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10 37928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23 194504]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17 517344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"uTorrent"=C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe [2015-11-21 802136]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2008-12-01 380928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2009-11-19 75048]
"RemoteControl9"=e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe [2009-07-06 87336]
"PDVD9LanguageShortcut"=e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"PWRISOVM.EXE"=e:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-07-27 180224]
"PCSuiteTrayApplication"=E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"Acrobat Assistant 8.0"=E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"CarboniteSetupLite"=C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe [2009-08-04 318096]
""= []
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-03-28 310640]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-10-30 3826600]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.894 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE"="E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE:*:Enabled:ZWCAD.EXE"
"E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe"="E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe:*:Enabled:ZWErrorDialog.exe"
"E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe"="E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe:*:Enabled:CrashReportManagement.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-11-24 19:15:40 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2015-11-24 19:15:40 ----A---- C:\Windows\system32\uxtuneup.dll
2015-11-24 19:15:05 ----SHD---- C:\Config.Msi
2015-11-23 01:02:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-23 01:02:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-23 01:02:02 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2015-11-23 01:02:02 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-23 01:02:01 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-23 01:02:01 ----A---- C:\Windows\system32\schannel.dll
2015-11-23 01:02:01 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-23 01:02:01 ----A---- C:\Windows\system32\bcrypt.dll
2015-11-23 00:47:58 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-11-23 00:47:58 ----A---- C:\Windows\system32\scesrv.dll
2015-11-23 00:47:03 ----A---- C:\Windows\system32\win32k.sys
2015-11-23 00:43:44 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-23 00:43:44 ----A---- C:\Windows\system32\kernel32.dll
2015-11-23 00:41:53 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-23 00:41:53 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-23 00:41:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-23 00:41:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-23 00:41:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-23 00:41:52 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-23 00:41:52 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-23 00:41:51 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-11-23 00:41:51 ----A---- C:\Windows\system32\advapi32.dll
2015-11-23 00:13:56 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-11-23 00:13:56 ----A---- C:\Windows\system32\tzres.dll
2015-11-23 00:12:36 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-23 00:12:36 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-23 00:11:12 ----A---- C:\Windows\system32\drivers\srvnet.sys
2015-11-23 00:11:12 ----A---- C:\Windows\system32\drivers\srv.sys
2015-11-23 00:10:38 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-11-23 00:10:38 ----A---- C:\Windows\system32\ole32.dll
2015-11-23 00:10:02 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-11-23 00:10:02 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-11-23 00:09:28 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-11-23 00:09:28 ----A---- C:\Windows\system32\msctf.dll
2015-11-23 00:08:53 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-11-23 00:08:53 ----A---- C:\Windows\system32\mstscax.dll
2015-11-22 23:55:57 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-22 23:55:57 ----A---- C:\Windows\system32\kerberos.dll
2015-11-22 23:42:26 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-11-22 23:42:26 ----A---- C:\Windows\system32\cewmdm.dll
2015-11-22 23:42:06 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-22 23:41:33 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-11-22 23:41:33 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-11-22 23:41:33 ----A---- C:\Windows\system32\msiexec.exe
2015-11-22 23:41:33 ----A---- C:\Windows\system32\msi.dll
2015-11-22 23:40:26 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-11-22 23:40:26 ----A---- C:\Windows\system32\spwmp.dll
2015-11-22 23:40:26 ----A---- C:\Windows\system32\dxmasf.dll
2015-11-22 23:40:25 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-11-22 23:40:22 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-11-22 23:40:21 ----A---- C:\Windows\system32\wmploc.DLL
2015-11-22 23:40:21 ----A---- C:\Windows\system32\wmp.dll
2015-11-22 23:40:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-11-22 23:39:01 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-11-22 23:39:01 ----A---- C:\Windows\system32\notepad.exe
2015-11-22 23:39:01 ----A---- C:\Windows\notepad.exe
2015-11-22 23:38:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-11-22 23:38:43 ----A---- C:\Windows\system32\gdi32.dll
2015-11-22 23:37:50 ----A---- C:\Windows\system32\basesrv.dll
2015-11-22 23:35:20 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-11-22 23:35:19 ----A---- C:\Windows\system32\shell32.dll
2015-11-22 23:34:42 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-11-22 23:34:42 ----A---- C:\Windows\system32\comctl32.dll
2015-11-22 23:34:35 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-11-22 23:34:35 ----A---- C:\Windows\system32\WMPhoto.dll
2015-11-22 23:34:26 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-11-22 23:34:26 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-11-22 23:34:26 ----A---- C:\Windows\system32\msxml6.dll
2015-11-22 23:34:26 ----A---- C:\Windows\system32\msxml3.dll
2015-11-22 23:34:18 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-11-22 23:34:18 ----A---- C:\Windows\system32\clfsw32.dll
2015-11-22 23:34:18 ----A---- C:\Windows\system32\clfs.sys
2015-11-22 23:34:03 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-11-22 23:34:03 ----A---- C:\Windows\system32\drivers\ecache.sys
2015-11-22 23:34:02 ----A---- C:\Windows\system32\msmmsp.dll
2015-11-22 23:34:02 ----A---- C:\Windows\system32\emdmgmt.dll
2015-11-22 23:33:55 ----A---- C:\Windows\SYSWOW64\services.exe
2015-11-22 23:33:55 ----A---- C:\Windows\system32\services.exe
2015-11-22 23:33:11 ----A---- C:\Windows\system32\schedsvc.dll
2015-11-22 23:33:04 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-22 23:33:04 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-22 23:23:04 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-22 23:23:04 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-22 23:23:04 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-22 23:23:04 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-22 23:23:04 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-22 23:23:04 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-22 23:23:04 ----A---- C:\Windows\system32\smss.exe
2015-11-22 23:23:04 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-22 23:23:04 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-22 23:23:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-22 23:23:03 ----A---- C:\Windows\system32\wow64win.dll
2015-11-22 23:23:03 ----A---- C:\Windows\system32\wow64.dll
2015-11-22 23:23:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-22 23:23:03 ----A---- C:\Windows\system32\ntdll.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2015-11-22 23:12:16 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d3d10warp.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d3d10level9.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d3d10core.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d3d10_1.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d3d10.dll
2015-11-22 23:12:16 ----A---- C:\Windows\system32\d2d1.dll
2015-11-22 23:12:15 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-11-22 23:12:15 ----A---- C:\Windows\system32\FntCache.dll
2015-11-22 23:12:15 ----A---- C:\Windows\system32\DWrite.dll
2015-11-22 23:12:08 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-11-22 23:12:08 ----A---- C:\Windows\system32\atmlib.dll
2015-11-22 23:12:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-11-22 23:12:07 ----A---- C:\Windows\system32\atmfd.dll
2015-11-22 23:11:51 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-11-22 23:11:51 ----A---- C:\Windows\system32\WebClnt.dll
2015-11-22 23:09:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-22 23:09:46 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2015-11-22 23:09:46 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2015-11-22 23:09:45 ----A---- C:\Windows\SYSWOW64\url.dll
2015-11-22 23:09:45 ----A---- C:\Windows\SYSWOW64\mshta.exe
2015-11-22 23:09:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-22 23:09:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-22 23:09:45 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-22 23:09:45 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-22 23:09:45 ----A---- C:\Windows\system32\urlmon.dll
2015-11-22 23:09:45 ----A---- C:\Windows\system32\mshta.exe
2015-11-22 23:09:45 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-11-22 23:09:45 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-22 23:09:45 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-22 23:09:45 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-22 23:09:45 ----A---- C:\Windows\system32\iertutil.dll
2015-11-22 23:09:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-22 23:09:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-22 23:09:44 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-22 23:09:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-22 23:09:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-22 23:09:43 ----A---- C:\Windows\system32\url.dll
2015-11-22 23:09:43 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-22 23:09:42 ----A---- C:\Windows\system32\wininet.dll
2015-11-22 23:09:42 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-22 23:09:42 ----A---- C:\Windows\system32\ieui.dll
2015-11-22 23:09:42 ----A---- C:\Windows\system32\ieframe.dll
2015-11-22 23:09:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-22 23:09:40 ----A---- C:\Windows\system32\mshtml.dll
2015-11-22 23:09:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-22 23:09:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-22 23:09:39 ----A---- C:\Windows\system32\vbscript.dll
2015-11-22 23:09:39 ----A---- C:\Windows\system32\jscript9.dll
2015-11-22 23:09:39 ----A---- C:\Windows\system32\jscript.dll
2015-11-22 23:09:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-22 23:09:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-22 23:09:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-22 23:09:37 ----A---- C:\Windows\system32\msfeedssync.exe
2015-11-22 16:43:30 ----D---- C:\AdwCleaner
2015-11-12 00:22:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 month======

2015-11-29 15:22:16 ----D---- C:\Windows\Prefetch
2015-11-29 15:22:15 ----D---- C:\Program Files\trend micro
2015-11-29 15:22:12 ----D---- C:\Windows\Temp
2015-11-29 15:22:11 ----D---- C:\Users\pt\AppData\Roaming\uTorrent
2015-11-28 16:37:25 ----D---- C:\Windows\System32
2015-11-28 16:37:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-28 16:37:24 ----D---- C:\Windows\inf
2015-11-28 16:30:01 ----A---- C:\servicetest.txt
2015-11-27 22:16:08 ----D---- C:\Windows\system32\Tasks
2015-11-27 21:23:39 ----D---- C:\Windows\system32\drivers
2015-11-27 21:23:39 ----D---- C:\Windows\registration
2015-11-27 00:00:42 ----SHD---- C:\System Volume Information
2015-11-25 21:30:44 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-25 07:30:32 ----D---- C:\ProgramData\MFAData
2015-11-24 19:16:24 ----SHD---- C:\Windows\Installer
2015-11-24 19:15:44 ----D---- C:\Windows\SysWOW64
2015-11-23 16:41:12 ----A---- C:\Windows\system32\TURegOpt.exe
2015-11-23 16:37:00 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2015-11-23 16:37:00 ----A---- C:\Windows\system32\authuitu.dll
2015-11-23 02:11:22 ----D---- C:\Windows\winsxs
2015-11-23 02:07:50 ----D---- C:\Windows\rescache
2015-11-23 02:05:45 ----D---- C:\Windows\Microsoft.NET
2015-11-23 02:05:24 ----RSD---- C:\Windows\assembly
2015-11-23 01:51:14 ----D---- C:\Windows\system32\catroot
2015-11-23 01:46:18 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-23 01:46:18 ----D---- C:\Windows\system32\cs-CZ
2015-11-23 01:46:16 ----D---- C:\Windows\SYSWOW64\XPSViewer
2015-11-23 01:46:13 ----D---- C:\Windows\SYSWOW64\migration
2015-11-23 01:46:13 ----D---- C:\Windows\system32\CodeIntegrity
2015-11-23 01:46:13 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-23 01:46:12 ----D---- C:\Windows\system32\migration
2015-11-23 01:46:12 ----D---- C:\Program Files\Internet Explorer
2015-11-23 01:46:11 ----D---- C:\Windows\ehome
2015-11-23 01:46:11 ----D---- C:\Program Files\Windows Media Player
2015-11-23 01:46:11 ----D---- C:\Program Files (x86)\Windows Media Player
2015-11-23 01:46:09 ----D---- C:\Windows
2015-11-23 01:46:09 ----D---- C:\Program Files\Windows Journal
2015-11-23 01:46:07 ----D---- C:\Windows\AppPatch
2015-11-23 01:12:42 ----D---- C:\Windows\system32\MRT
2015-11-23 01:02:21 ----D---- C:\Windows\system32\catroot2
2015-11-23 01:01:56 ----D---- C:\ProgramData\Microsoft Help
2015-11-22 16:50:46 ----RD---- C:\Program Files (x86)
2015-11-22 16:50:46 ----HD---- C:\ProgramData
2015-11-22 16:50:46 ----D---- C:\Program Files (x86)\Common Files
2015-11-22 16:50:45 ----D---- C:\ProgramData\ICQ
2015-11-21 23:31:52 ----D---- C:\ProgramData\Avg
2015-11-21 20:17:50 ----D---- C:\Users\pt\AppData\Roaming\vlc
2015-11-21 20:10:09 ----AD---- C:\ProgramData\Temp
2015-11-12 00:38:21 ----D---- C:\Windows\Tasks
2015-11-12 00:32:17 ----D---- C:\Windows\Minidump
2015-11-12 00:22:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-06 17:59:08 ----HD---- C:\$AVG
2015-11-01 22:18:13 ----D---- C:\Program Files (x86)\PDF Architect 3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-10-21 255408]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2008-07-31 93784]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-15 828912]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2015-08-29 97208]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-10-19 313776]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-02-19 39768]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-05-13 89320]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-07-27 90544]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/07/14 19:23:27]; \??\e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\000.fcl [2009-09-01 146928]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-05-22 312480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-05-22 43168]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-16 14112]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH6.sys [2012-02-23 92176]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2011-07-20 44032]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2000-11-10 36904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 11264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2015-10-14 31144]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 40960]
S1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys []
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-19 120848]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 11922944]
S3 aus7mrku;aus7mrku; C:\Windows\system32\drivers\aus7mrku.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-30 103576]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-03-17 24072]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2014-01-30 33736]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-11-27 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 64216]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 7936]
S3 nmwcdcjx64;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcjx64.sys [2007-02-22 17408]
S3 nmwcdcmx64;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcmx64.sys [2007-02-22 17408]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdcx64.sys [2007-02-22 12288]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcdx64.sys [2007-02-22 173056]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-31 82816]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2011-07-25 74752]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2009-01-14 92672]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-30 204568]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2013-02-22 203544]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-01-30 54784]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 108544]
S3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 33048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 238080]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-10-30 579776]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FreeAgentGoNext Service;Seagate Service; E:\Program Files (x86)\Sync\FreeAgentService.exe [2009-09-25 189736]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 nlsvc;NetLimiter; e:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-05-13 867840]
R2 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-09-17 767712]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-03-23 75064]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 Transoft Solutions License Server V1.7;Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [2012-05-01 446464]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2015-11-23 4378024]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfws.exe [2015-10-30 1569416]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-10-30 3815648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-31 68096]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12 269000]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-05-05 85096]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-10-30 595376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-17 1436424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2000-11-10 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-28 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-09-17 964832]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-09-17 2244832]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-18 19968]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-06-03 403240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1024680]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

StribogCZ · #12 Příspěvek od **StribogCZ** » 29 lis 2015 16:15

2) FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
Ran by pt (administrator) on PT-PC (29-11-2015 16:02:59)
Running from C:\Users\pt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HT0ULUSS
Loaded Profiles: pt (Available Profiles: pt & Admin)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Seagate Technology LLC) E:\Program Files (x86)\Sync\FreeAgentService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Locktime Software) E:\Program Files\NetLimiter 2 Pro\nlsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent Inc.) C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
(CyberLink Corp.) E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe
(Locktime Software) E:\Program Files\NetLimiter 2 Pro\NLClient.exe
(PowerISO Computing, Inc.) E:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Nokia) E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe
(Adobe Systems Inc.) E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Autodesk, Inc.) E:\Program Files\Autodesk\AutoCAD 2011\acad.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2009-11-19] (cyberlink)
HKLM-x32\...\Run: [RemoteControl9] => e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe [50472 2009-04-27] (CyberLink Corp.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => e:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2009-07-27] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [PCSuiteTrayApplication] => E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [227328 2007-03-23] (Nokia)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [CarboniteSetupLite] => C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe [318096 2009-08-04] (Carbonite, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UnlockerAssistant] => C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstallation-f ... ADMAMgA3AD (the data entry has 229 more characters).
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\Run: [uTorrent] => C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe [802136 2015-11-21] (BitTorrent Inc.)
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [380928 2008-12-01] (AMD)
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: M - M:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: O - O:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: P - P:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: {0fed10b3-f656-11df-9994-001fd08fc81f} - I:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: {30bd5172-d880-11df-a7e5-806e6f6e6963} - I:\Setup.exe
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\MountPoints2: {5daa12f2-1b9c-11de-a89f-806e6f6e6963} - D:\cont32.exe data\uvod_1.ctx
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2009-03-31]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176 2008-01-18] (Společnost Microsoft)
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [62976 2008-01-19] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AC54CC71-46AF-4CF1-8B70-19A66F024290}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> {13FDBF85-DB4A-4FD3-937E-B058C7E4D89F} URL = hxxp://www.webhledani.cz/results.aspx?i=42&tp= ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25] (Sun Microsystems, Inc.)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH)
Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default
FF SearchEngineOrder.1: Ask
FF SelectedSearchEngine: ICQ Search
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll [2010-09-16] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll [2012-03-13] ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-07-03] ()
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\pt\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3635251681-664119229-3205739600-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3635251681-664119229-3205739600-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3635251681-664119229-3205739600-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3635251681-664119229-3205739600-1000: google.com/WidevineMediaOptimizer -> C:\Users\pt\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\pt\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-08-22] [not signed]
FF Extension: ICQ Toolbar - C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(64) [2011-02-21] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-11-01] [not signed]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=210&systemid=488&v=a13277-344&apn_uid=1021015032014396&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-13]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-03-31] () [File not signed]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2009-05-05] (Autodesk)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
S2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1569416 2015-10-30] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 FreeAgentGoNext Service; E:\Program Files (x86)\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 nlsvc; e:\Program Files\NetLimiter 2 Pro\nlsvc.exe [867840 2007-05-13] (Locktime Software) [File not signed]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2010-03-23] ()
R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [292864 2007-03-26] (Nokia.) [File not signed]
R2 Transoft Solutions License Server V1.7; C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe [446464 2012-05-01] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4378024 2015-11-23] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2015-11-23] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [42408 2015-11-23] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2009-05-22] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-19] (AVG Technologies)
U4 Dfswsegsse; no ImagePath
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2009-05-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-27] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89320 2007-05-13] (Locktime Software)
S3 nmwcdcjx64; C:\Windows\System32\drivers\nmwcdcjx64.sys [17408 2007-02-22] (Nokia)
S3 nmwcdcmx64; C:\Windows\System32\drivers\nmwcdcmx64.sys [17408 2007-02-22] (Nokia)
S3 nmwcdcx64; C:\Windows\System32\drivers\nmwcdcx64.sys [12288 2007-02-22] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\nmwcdx64.sys [173056 2007-02-22] (Nokia)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [36904 2000-11-10] (Feitian Technologies Co., Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-10-15] () [File not signed]
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203544 2013-02-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-10-14] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S1 VD_FileDisk; C:\Windows\SysWow64\Drivers\VD_FileDisk.sys [15872 2006-01-13] (Flint Incorporation)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\000.fcl [146928 2009-09-01] (CyberLink Corp.)
U3 aus7mrku; C:\Windows\System32\Drivers\aus7mrku.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S2 Angelnt; \SystemRoot\System32\Drivers\ANGELNT.SYS [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-29 15:58 - 2015-11-29 16:02 - 00000000 ____D C:\FRST
2015-11-29 15:22 - 2015-11-29 15:22 - 00058154 _____ C:\Users\pt\Desktop\rsit log2015-11-29.txt
2015-11-28 16:36 - 2015-11-28 16:36 - 00000000 ___RD C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2015-11-28 14:57 - 2015-11-28 14:57 - 00001167 _____ C:\Users\pt\Desktop\malware2.txt
2015-11-27 22:16 - 2015-11-27 22:16 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2015-11-26 19:40 - 2015-11-26 19:40 - 00013640 _____ C:\Users\pt\Desktop\malware.txt
2015-11-25 21:29 - 2015-11-25 21:29 - 22908888 _____ (Malwarebytes ) C:\Users\pt\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-24 19:15 - 2015-11-24 19:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVG
2015-11-24 19:15 - 2015-11-24 19:15 - 00000000 ____D C:\Users\Default\AppData\Local\AVG
2015-11-24 19:15 - 2015-11-24 19:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVG
2015-11-24 19:15 - 2015-11-24 19:15 - 00000000 ____D C:\Users\Default User\AppData\Local\AVG
2015-11-24 19:15 - 2015-11-23 16:37 - 00048552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\uxtuneup.dll
2015-11-24 19:15 - 2015-11-23 16:37 - 00042408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\uxtuneup.dll
2015-11-23 01:02 - 2015-09-26 17:05 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-23 01:02 - 2015-09-26 17:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-23 01:02 - 2015-09-26 17:04 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-23 01:02 - 2015-09-26 16:58 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-23 01:02 - 2015-09-26 16:58 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-23 01:02 - 2015-09-26 14:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2015-11-23 01:02 - 2015-09-22 14:10 - 00517976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-23 01:02 - 2015-09-22 14:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-11-23 00:47 - 2015-10-17 15:35 - 02798592 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-23 00:47 - 2014-12-08 02:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-11-23 00:47 - 2014-12-08 02:37 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-11-23 00:43 - 2015-05-09 00:09 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-23 00:43 - 2015-05-09 00:01 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-23 00:41 - 2015-06-27 17:03 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-23 00:41 - 2015-06-27 17:02 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-23 00:41 - 2015-06-27 17:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-11-23 00:41 - 2015-06-27 16:40 - 01304576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-23 00:41 - 2015-06-27 16:40 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-23 00:41 - 2015-06-27 16:39 - 01065472 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-11-23 00:41 - 2015-06-27 15:30 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-23 00:41 - 2015-06-27 15:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-23 00:41 - 2015-01-09 01:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-23 00:13 - 2015-07-10 15:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-11-23 00:13 - 2015-07-10 15:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-11-23 00:12 - 2015-07-31 21:03 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-23 00:12 - 2015-07-31 20:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-23 00:11 - 2015-08-13 15:36 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-11-23 00:11 - 2015-08-13 15:36 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-11-23 00:10 - 2015-07-03 17:04 - 01316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-11-23 00:10 - 2015-07-03 16:41 - 01916416 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-11-23 00:10 - 2015-01-29 02:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-11-23 00:10 - 2015-01-29 02:33 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-11-23 00:09 - 2015-01-21 03:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-11-23 00:09 - 2015-01-21 02:42 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-11-23 00:08 - 2015-07-10 20:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-11-23 00:08 - 2015-07-10 20:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-11-22 23:55 - 2015-10-17 17:01 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-22 23:55 - 2015-10-17 16:41 - 00659456 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-22 23:42 - 2015-10-10 16:48 - 00736192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-22 23:42 - 2015-05-31 09:11 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-11-22 23:42 - 2015-05-31 08:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-11-22 23:41 - 2015-06-17 17:50 - 02264576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-11-22 23:41 - 2015-06-17 17:23 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-11-22 23:41 - 2015-06-17 16:18 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-11-22 23:41 - 2015-06-17 16:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-11-22 23:40 - 2015-05-04 23:51 - 10627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-11-22 23:40 - 2015-05-04 23:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-11-22 23:40 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-11-22 23:40 - 2015-05-04 23:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-11-22 23:40 - 2015-05-04 23:33 - 13427712 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-11-22 23:40 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-11-22 23:40 - 2015-05-04 23:33 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-11-22 23:40 - 2015-05-04 23:32 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-11-22 23:40 - 2015-05-04 22:39 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-11-22 23:40 - 2015-05-04 22:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-11-22 23:39 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-11-22 23:39 - 2015-07-09 15:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-11-22 23:39 - 2015-07-09 15:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-11-22 23:38 - 2015-06-12 17:03 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-22 23:38 - 2015-06-12 16:46 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-22 23:37 - 2015-07-18 16:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-11-22 23:35 - 2015-07-29 01:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-22 23:35 - 2015-07-29 01:31 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-22 23:34 - 2015-07-21 16:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-11-22 23:34 - 2015-07-21 16:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-11-22 23:34 - 2015-07-21 16:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-11-22 23:34 - 2015-07-21 16:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-11-22 23:34 - 2015-07-10 20:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-11-22 23:34 - 2015-07-10 20:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-11-22 23:34 - 2015-07-10 20:35 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-22 23:34 - 2015-07-10 20:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-22 23:34 - 2015-04-24 16:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-11-22 23:34 - 2015-04-24 16:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-11-22 23:34 - 2015-03-05 03:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-11-22 23:34 - 2015-03-05 03:14 - 00360384 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-11-22 23:34 - 2015-03-05 02:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-11-22 23:34 - 2015-01-29 02:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-11-22 23:34 - 2015-01-29 02:33 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-11-22 23:33 - 2015-10-13 15:45 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-22 23:33 - 2015-10-13 15:44 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-22 23:33 - 2015-08-05 16:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-11-22 23:33 - 2015-04-11 00:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-11-22 23:33 - 2015-04-11 00:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2015-11-22 23:23 - 2015-10-14 21:25 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-22 23:23 - 2015-10-14 21:25 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-22 23:23 - 2015-10-14 16:47 - 04691392 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-22 23:23 - 2015-07-21 16:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-22 23:23 - 2015-03-13 02:44 - 00014336 _____ (Společnost Microsoft) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-22 23:23 - 2015-03-13 02:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-22 23:23 - 2015-03-13 02:30 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-22 23:23 - 2015-03-13 02:30 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-22 23:23 - 2015-03-13 02:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-22 23:23 - 2015-03-13 02:30 - 00016384 _____ (Společnost Microsoft) C:\Windows\system32\ntvdm64.dll
2015-11-22 23:23 - 2015-03-13 01:08 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-22 23:23 - 2015-03-13 01:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-22 23:23 - 2015-03-13 01:08 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-22 23:23 - 2015-01-09 01:29 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-22 23:12 - 2015-09-02 22:26 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-11-22 23:12 - 2015-09-02 22:25 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-11-22 23:12 - 2015-09-02 21:16 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-11-22 23:12 - 2015-09-02 20:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-11-22 23:12 - 2015-07-31 22:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-11-22 23:12 - 2015-07-31 22:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-11-22 23:12 - 2015-07-31 22:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-11-22 23:12 - 2015-07-31 22:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-11-22 23:12 - 2015-07-31 22:44 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-11-22 23:12 - 2015-07-31 22:44 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-11-22 23:12 - 2015-07-31 22:44 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-11-22 23:12 - 2015-07-31 22:44 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-11-22 23:12 - 2015-07-31 22:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-11-22 23:12 - 2015-07-31 22:09 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-11-22 23:12 - 2015-07-31 22:00 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-11-22 23:12 - 2015-07-31 21:59 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-11-22 23:12 - 2015-07-31 21:59 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-11-22 23:12 - 2015-07-31 21:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-11-22 23:12 - 2015-07-31 21:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-11-22 23:12 - 2015-07-31 21:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-11-22 23:12 - 2015-07-31 21:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-11-22 23:11 - 2015-07-01 16:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-11-22 23:11 - 2015-07-01 16:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-11-22 23:09 - 2015-10-31 20:48 - 17079296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-22 23:09 - 2015-10-31 20:45 - 10886144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-22 23:09 - 2015-10-31 20:45 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-22 23:09 - 2015-10-31 20:44 - 02264576 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-22 23:09 - 2015-10-31 20:44 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-22 23:09 - 2015-10-31 20:44 - 01299968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-22 23:09 - 2015-10-31 20:44 - 01295872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-22 23:09 - 2015-10-31 20:43 - 02129408 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00887296 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-22 23:09 - 2015-10-31 20:43 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-11-22 23:09 - 2015-10-31 20:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-11-22 23:09 - 2015-10-31 20:43 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-11-22 23:09 - 2015-10-31 19:40 - 12376576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-22 23:09 - 2015-10-31 19:38 - 09727488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-22 23:09 - 2015-10-31 19:38 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-22 23:09 - 2015-10-31 19:37 - 01830912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-22 23:09 - 2015-10-31 19:36 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-22 23:09 - 2015-10-31 19:36 - 01093632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 01088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00615424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00412672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-22 23:09 - 2015-10-31 19:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-11-22 23:09 - 2015-10-31 19:36 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-11-22 23:09 - 2015-10-31 19:36 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-11-22 16:43 - 2015-11-22 16:45 - 00000000 ____D C:\AdwCleaner
2015-11-22 16:41 - 2015-11-22 16:42 - 01732096 _____ C:\Users\pt\Desktop\adwcleaner_5.021.exe
2015-11-22 16:41 - 2015-11-22 16:41 - 00012802 _____ C:\Users\pt\Desktop\crystal disk.txt
2015-11-22 16:39 - 2015-11-22 16:40 - 00000000 ____D C:\Users\pt\Desktop\CrystalDiskInfo5_0_0
2015-11-22 16:39 - 2015-11-22 16:39 - 01496172 _____ C:\Users\pt\Desktop\CrystalDiskInfo5_0_0.zip
2015-11-21 22:14 - 2015-11-21 22:14 - 01107968 _____ C:\Users\pt\Desktop\RSIT.exe
2015-11-21 22:13 - 2015-11-21 22:13 - 00000000 _____ C:\Users\pt\Desktop\FRSTLauncher.exe
2015-11-21 22:12 - 2015-11-21 22:12 - 02345984 _____ (Farbar) C:\Users\pt\Desktop\FRST64.exe
2015-11-21 16:26 - 2015-11-21 16:26 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9
2015-11-12 00:36 - 2015-11-21 17:40 - 00000000 ____D C:\Users\pt\AppData\LocalLow\uTorrent
2015-11-12 00:32 - 2015-11-23 01:45 - 1041755752 _____ C:\Windows\MEMORY.DMP
2015-11-12 00:32 - 2015-11-12 00:32 - 00274024 _____ C:\Windows\Minidump\Mini111215-01.dmp
2015-11-12 00:22 - 2015-11-12 00:22 - 04699336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-01 22:13 - 2015-11-01 22:13 - 00000000 ____D C:\Users\pt\Documents\PDF Architect

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-29 16:02 - 2009-03-28 20:47 - 00000000 ____D C:\Users\pt\AppData\Roaming\uTorrent
2015-11-29 16:00 - 2006-11-02 14:33 - 00000000 ____D C:\Windows
2015-11-29 15:54 - 2015-02-26 14:26 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job
2015-11-29 15:22 - 2013-06-06 22:09 - 00000000 ____D C:\Program Files\trend micro
2015-11-29 15:21 - 2013-01-22 10:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-29 15:21 - 2010-02-02 17:49 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-29 14:54 - 2015-02-26 14:26 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job
2015-11-29 14:29 - 2006-11-02 16:22 - 00004048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-29 14:29 - 2006-11-02 16:22 - 00004048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-29 10:22 - 2010-02-02 17:49 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-28 16:37 - 2007-01-08 23:10 - 00620410 _____ C:\Windows\system32\perfh005.dat
2015-11-28 16:37 - 2007-01-08 23:10 - 00122538 _____ C:\Windows\system32\perfc005.dat
2015-11-28 16:37 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\inf
2015-11-28 16:37 - 2006-11-02 13:46 - 01445358 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-28 16:30 - 2012-12-15 18:07 - 00000286 _____ C:\servicetest.txt
2015-11-28 16:29 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-27 21:34 - 2014-12-24 22:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-27 21:23 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\registration
2015-11-27 21:22 - 2006-11-02 16:42 - 00032518 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-25 21:30 - 2014-12-24 21:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-25 21:30 - 2013-06-06 23:02 - 00000941 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-25 07:30 - 2011-02-04 19:28 - 00000000 ____D C:\ProgramData\MFAData
2015-11-24 19:15 - 2015-10-26 21:11 - 00001972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2015-11-24 19:15 - 2015-10-26 21:11 - 00001960 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2015-11-23 16:41 - 2015-10-26 21:12 - 00046504 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2015-11-23 16:37 - 2015-10-26 21:11 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2015-11-23 16:37 - 2015-10-26 21:11 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2015-11-23 02:07 - 2006-11-02 14:33 - 00000000 ____D C:\Windows\rescache
2015-11-23 01:49 - 2006-11-02 16:21 - 00523272 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-23 01:46 - 2006-11-02 16:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-11-23 01:46 - 2006-11-02 16:07 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-23 01:12 - 2015-02-04 17:44 - 00000000 ____D C:\Windows\system32\MRT
2015-11-23 01:01 - 2009-03-31 23:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-22 16:50 - 2009-03-29 00:58 - 00000000 ____D C:\ProgramData\ICQ
2015-11-22 13:55 - 2010-04-28 15:34 - 00000000 _____ C:\Users\Admin\AppData\LocalLow\prvlcl.dat
2015-11-22 13:55 - 2010-04-22 21:16 - 00000000 _____ C:\Users\pt\AppData\LocalLow\prvlcl.dat
2015-11-21 23:31 - 2015-10-26 07:41 - 00000000 ____D C:\ProgramData\Avg
2015-11-21 20:23 - 2010-01-18 16:16 - 11972608 _____ C:\Users\pt\s-1-5-21-3635251681-664119229-3205739600-1000.rrr
2015-11-21 20:23 - 2010-01-18 16:16 - 02363392 _____ C:\Users\Admin\s-1-5-21-3635251681-664119229-3205739600-1001.rrr
2015-11-21 20:23 - 2009-03-30 15:50 - 00000000 ____D C:\Users\Admin
2015-11-21 20:23 - 2009-03-28 14:38 - 00000000 ____D C:\Users\pt
2015-11-21 20:22 - 2009-03-29 01:17 - 00097280 _____ C:\Users\pt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-21 20:17 - 2009-04-28 15:30 - 00000000 ____D C:\Users\pt\AppData\Roaming\vlc
2015-11-21 20:12 - 2012-05-11 07:55 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-11-21 20:12 - 2012-05-11 07:55 - 00000766 _____ C:\Users\Public\Desktop\µTorrent.lnk
2015-11-21 20:10 - 2009-05-19 21:33 - 00000000 ____D C:\ProgramData\Temp
2015-11-21 15:31 - 2011-09-27 20:17 - 00003718 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{58141BE2-7445-4C3C-A805-442CE3CFED8D}
2015-11-12 06:24 - 2010-03-12 01:33 - 00002025 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-12 00:32 - 2009-10-29 02:20 - 00000000 ____D C:\Windows\Minidump
2015-11-12 00:23 - 2013-01-22 10:42 - 00003766 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-12 00:22 - 2012-09-14 19:17 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-12 00:22 - 2012-09-14 19:17 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-09 15:39 - 2011-09-27 19:36 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5233E41E-9214-44DA-81E5-3E435E9265F5}
2015-11-06 17:59 - 2015-10-26 07:47 - 00000843 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2015-11-06 17:59 - 2014-12-03 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-11-06 17:59 - 2014-12-03 19:12 - 00000000 ___HD C:\$AVG
2015-11-05 17:02 - 2015-06-03 08:04 - 00000000 ____D C:\Users\pt\AppData\Local\Avg
2015-11-05 17:02 - 2015-06-03 08:04 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg
2015-11-05 14:22 - 2015-06-01 17:20 - 00000000 ____D C:\Users\pt\Desktop\rapiiid
2015-11-01 22:18 - 2015-05-30 18:36 - 00000000 ____D C:\Program Files (x86)\PDF Architect 3

==================== Files in the root of some directories =======

2009-04-03 23:22 - 2009-06-25 15:37 - 0000062 _____ () C:\Users\pt\AppData\Roaming\AVSDVDPlayer.m3u
2009-04-24 18:56 - 1999-10-23 21:01 - 0000160 _____ () C:\Users\pt\AppData\Roaming\default.rss
2009-04-24 18:56 - 2009-04-24 18:56 - 0000000 _____ () C:\Users\pt\AppData\Roaming\downloads.m3u
2009-05-31 19:40 - 2012-02-24 21:42 - 0099384 _____ () C:\Users\pt\AppData\Roaming\inst.exe
2009-05-31 19:40 - 2012-02-24 21:42 - 0007859 _____ () C:\Users\pt\AppData\Roaming\pcouffin.cat
2009-05-31 19:40 - 2012-02-24 21:42 - 0001167 _____ () C:\Users\pt\AppData\Roaming\pcouffin.inf
2009-05-31 19:40 - 2012-02-24 21:42 - 0000033 _____ () C:\Users\pt\AppData\Roaming\pcouffin.log
2009-05-31 19:40 - 2012-02-24 21:42 - 0082816 _____ (VSO Software) C:\Users\pt\AppData\Roaming\pcouffin.sys
2012-07-05 22:45 - 2012-12-06 23:52 - 0003465 _____ () C:\Users\pt\AppData\Roaming\Rim.Desktop.Exception.log
2012-07-05 22:37 - 2012-12-07 23:58 - 0003361 _____ () C:\Users\pt\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-07-05 22:45 - 2012-12-06 23:52 - 0003542 _____ () C:\Users\pt\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-07-05 22:46 - 2012-09-27 09:52 - 0003465 _____ () C:\Users\pt\AppData\Roaming\Rim.Transcoder.Exception.log
2011-02-15 20:23 - 2011-05-21 19:21 - 0000040 _____ () C:\Users\pt\AppData\Roaming\ScaryTetris.cfg
2010-04-20 15:06 - 2010-04-20 20:49 - 0000990 ___SH () C:\Users\pt\AppData\Roaming\systemfl.$dk
2009-10-09 00:48 - 2010-03-14 22:57 - 0000668 _____ () C:\Users\pt\AppData\Roaming\vso_ts_preview.xml
2000-11-25 20:49 - 2013-05-27 17:05 - 0000680 _____ () C:\Users\pt\AppData\Local\d3d9caps.dat
2009-03-28 14:38 - 2015-06-20 14:43 - 0001460 _____ () C:\Users\pt\AppData\Local\d3d9caps64.dat
2009-03-29 01:17 - 2015-11-21 20:22 - 0097280 _____ () C:\Users\pt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-04-23 17:19 - 2011-02-26 16:41 - 1451329 _____ () C:\Users\pt\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2009-04-23 17:19 - 2009-04-23 17:19 - 0000002 _____ () C:\Users\pt\AppData\Local\dd_dotnetfx35error.txt
2009-04-23 17:27 - 2009-04-23 17:27 - 0000002 _____ () C:\Users\pt\AppData\Local\dd_dotnetfx35error_lp.txt
2009-04-23 17:19 - 2010-01-12 22:49 - 1366744 _____ () C:\Users\pt\AppData\Local\dd_dotnetfx35install.txt
2009-04-23 17:27 - 2011-02-26 16:41 - 0153460 _____ () C:\Users\pt\AppData\Local\dd_dotnetfx35install_lp.txt
2009-04-23 17:27 - 2009-04-23 17:27 - 0591290 _____ () C:\Users\pt\AppData\Local\dd_NET_Framework35_LangPack_MSI4F43.txt
2011-02-26 16:41 - 2011-02-26 16:41 - 1511210 _____ () C:\Users\pt\AppData\Local\dd_NET_Framework35_LangPack_MSI61C0.txt
2010-12-06 13:37 - 2010-12-06 13:37 - 0010928 _____ () C:\Users\pt\AppData\Local\dd_vbpowerpacksUI4DC3.txt
2010-03-09 00:18 - 2010-03-09 00:18 - 0012888 _____ () C:\Users\pt\AppData\Local\dd_vbpowerpacksUI6678.txt
2012-12-07 23:56 - 2012-12-07 23:56 - 0359740 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI1121.txt
2012-08-07 22:34 - 2012-08-07 22:34 - 0358298 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI1635.txt
2010-09-29 22:26 - 2010-09-29 22:26 - 0370612 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI21AD.txt
2000-11-10 21:25 - 2000-11-10 21:25 - 0345692 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI26DA.txt
2012-04-10 19:59 - 2012-04-10 19:59 - 0368478 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI4DB9.txt
2012-09-28 10:51 - 2012-09-28 10:51 - 0366944 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI5AE7.txt
2012-08-27 18:08 - 2012-08-27 18:09 - 0368478 _____ () C:\Users\pt\AppData\Local\dd_vcredistMSI657C.txt
2012-12-07 23:56 - 2012-12-07 23:56 - 0014470 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI1121.txt
2012-08-07 22:34 - 2012-08-07 22:34 - 0011114 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI1635.txt
2010-09-29 22:26 - 2010-09-29 22:26 - 0014816 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI21AD.txt
2000-11-10 21:25 - 2000-11-10 21:25 - 0011226 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI26DA.txt
2012-04-10 19:59 - 2012-04-10 19:59 - 0011568 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI4DB9.txt
2012-09-28 10:51 - 2012-09-28 10:51 - 0011536 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI5AE7.txt
2010-03-09 00:16 - 2010-03-09 00:16 - 0013202 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI646D.txt
2012-08-27 18:08 - 2012-08-27 18:09 - 0011568 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI657C.txt
2010-03-09 00:17 - 2010-03-09 00:18 - 0013234 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI65B4.txt
1999-12-17 22:49 - 1999-12-17 22:49 - 0011824 _____ () C:\Users\pt\AppData\Local\dd_vcredistUI7D9F.txt
2010-06-07 16:45 - 2010-06-07 16:45 - 0004096 ____H () C:\Users\pt\AppData\Local\keyfile3.drm
2009-04-23 17:19 - 2011-02-26 16:41 - 0025148 _____ () C:\Users\pt\AppData\Local\uxeventlog.txt
2009-07-04 20:45 - 2015-10-08 15:27 - 0000040 ___SH () C:\ProgramData\.zreglib
2013-12-09 21:31 - 2013-12-09 21:31 - 0000000 _____ () C:\ProgramData\8fbrw0.odd
2013-12-09 21:32 - 2013-12-09 21:32 - 0000273 _____ () C:\ProgramData\8fbrw0.reg
2014-12-01 11:51 - 2014-12-01 11:51 - 0350208 ____T () C:\ProgramData\D3B658CE6.zot
2009-04-23 17:13 - 2009-06-25 16:08 - 0000088 __RSH () C:\ProgramData\F325730AD4.sys
2009-04-23 17:13 - 2009-06-25 16:08 - 0002672 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-08-07 07:06 - 2014-08-07 07:07 - 0000269 _____ () C:\ProgramData\RUNDLL32.EXE-10176-F.txt
2015-02-05 10:22 - 2015-02-05 19:23 - 0081642 _____ () C:\ProgramData\RUNDLL32.EXE-12156-F.txt
2014-06-19 11:48 - 2014-06-19 11:49 - 0000168 _____ () C:\ProgramData\RUNDLL32.EXE-3932-F.txt
2014-06-18 15:58 - 2014-06-18 15:59 - 0000390 _____ () C:\ProgramData\RUNDLL32.EXE-4116-F.txt
2015-02-04 11:01 - 2015-02-05 09:45 - 0207708 _____ () C:\ProgramData\RUNDLL32.EXE-4896-F.txt
2015-02-04 02:26 - 2015-02-04 10:56 - 0076438 _____ () C:\ProgramData\RUNDLL32.EXE-5260-F.txt
2015-02-05 19:42 - 2015-02-06 22:18 - 0243612 _____ () C:\ProgramData\RUNDLL32.EXE-5388-F.txt
2014-06-17 17:55 - 2014-06-17 17:55 - 0000112 _____ () C:\ProgramData\RUNDLL32.EXE-63032-F.txt
2014-12-24 03:26 - 2014-12-24 03:28 - 0000387 _____ () C:\ProgramData\RUNDLL32.EXE-66428-F.txt
2014-08-07 07:08 - 2014-08-07 07:09 - 0000271 _____ () C:\ProgramData\RUNDLL32.EXE-6744-F.txt
2015-02-03 11:56 - 2015-02-03 12:04 - 0001193 _____ () C:\ProgramData\RUNDLL32.EXE-7656-F.txt
2014-06-18 15:40 - 2014-06-18 15:41 - 0000221 _____ () C:\ProgramData\RUNDLL32.EXE-79736-F.txt
2014-12-01 11:51 - 2014-12-01 11:53 - 0000281 _____ () C:\ProgramData\RUNDLL32.EXE-9008-F.txt
2014-08-07 07:05 - 2014-08-07 07:05 - 0000164 _____ () C:\ProgramData\RUNDLL32.EXE-9552-F.txt
2014-12-24 10:20 - 2014-12-24 10:37 - 0003119 _____ () C:\ProgramData\RUNDLL32.EXE-97492-F.txt
2014-08-07 07:06 - 2014-08-07 07:06 - 0000158 _____ () C:\ProgramData\RUNDLL32.EXE-9772-F.txt
2014-06-19 11:27 - 2014-06-19 11:27 - 0000104 _____ () C:\ProgramData\RUNDLL32.EXE-9920-F.txt

Files to move or delete:
====================
C:\ProgramData\8fbrw0.odd
C:\ProgramData\8fbrw0.reg

Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\contentDATs.exe
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaujtrj.dll
C:\Users\Admin\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Admin\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Admin\AppData\Local\Temp\_is2A13.exe
C:\Users\Admin\AppData\Local\Temp\_is570.exe
C:\Users\Admin\AppData\Local\Temp\_is9A96.exe
C:\Users\Admin\AppData\Local\Temp\_isDC0E.exe
C:\Users\pt\AppData\Local\Temp\avg-7fcefa20-6b9a-4602-8135-4753e1feef1c.exe
C:\Users\pt\AppData\Local\Temp\sqlite3.dll
C:\Users\pt\AppData\Local\Temp\_is331F.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-11-29 04:43

==================== End of FRST.txt ============================

StribogCZ · #13 Příspěvek od **StribogCZ** » 29 lis 2015 16:16

3) Addition z FRST

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-11-2015
Ran by pt (2015-11-29 16:03:31)
Running from C:\Users\pt\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HT0ULUSS
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-03-28 13:34:26)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Admin (S-1-5-21-3635251681-664119229-3205739600-1001 - Limited - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3635251681-664119229-3205739600-500 - Administrator - Disabled)
Guest (S-1-5-21-3635251681-664119229-3205739600-501 - Limited - Disabled)
pt (S-1-5-21-3635251681-664119229-3205739600-1000 - Administrator - Enabled) => C:\Users\pt

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent CZ 1.8.2 (build 14153) (HKLM-x32\...\µTorrent CZ_is1) (Version: - emc)
ACDSee Photo Manager 2009 (HKLM-x32\...\{300578F9-9EFF-4B93-9AB1-C0E5707EF463}) (Version: 11.0.85 - ACD Systems International)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activision(R) (x32 Version: 1.0 - Activision) Hidden
Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.3.4 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{328CC232-CFDC-468B-A214-2E21300E4CB5}) (Version: 3.1.0.62 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArchiCAD 12 CZE (HKLM-x32\...\001FFFFFFF12FF00FF1101F03F02F000-R1) (Version: - )
ATI AVIVO64 Codecs (Version: 10.0.0.31121 - ATI Technologies Inc.) Hidden
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - český (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - česky (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2011 Language Pack - česky (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Design Review 2009 (HKLM-x32\...\Autodesk Design Review 2009) (Version: 9.0.96 - Autodesk, Inc.)
Autodesk Design Review 2009 (x32 Version: 9.0.96 - Autodesk, Inc.) Hidden
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 5.1 - Autodesk, Inc.)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Student Community Download Tool (HKLM-x32\...\Autodesk Student Community Download Tool_is1) (Version: - )
Autodesk Vault 2010 (Client) (HKLM-x32\...\Autodesk Vault 2010 (Client)) (Version: 14.0.63.0 - Autodesk, Inc.)
Autodesk Vault 2010 (Client) (x32 Version: 14.0.63.0 - Autodesk, Inc.) Hidden
AutoTURN 8 (HKLM-x32\...\AutoTURN 8) (Version: 8.1 - Transoft Solutions)
AVG (Version: 16.7.7227 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4477 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.12.1.43164 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.12.3 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.7.7227 - AVG Technologies)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Bentley View V8i (SELECTseries 2) 08.11.07.440 (HKLM-x32\...\{87D6CF41-5817-4725-8AB2-90E6B20EDE02}) (Version: 8.11.7.440 - Bentley Systems, Incorporated)
Bird's Town (HKLM-x32\...\Bird's Town1.0.0.1) (Version: 1.0.0.1 - Friends & VeST Games)
BlackBerry App World Browser Plugin (HKLM-x32\...\{1B7BE7BC-A350-4795-9AC2-1C2F1F1F27A8}) (Version: 3.1.2.14 - Research In Motion Limited)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.33 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.33 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Borland Database Engine Setup (HKLM-x32\...\Borland Database Engine Setup) (Version: - )
Brothers In Arms (HKLM-x32\...\BrothersInArms) (Version: - Ubisoft)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.40.996 - Webteh, d.o.o.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.41.1003 - Webteh, d.o.o.)
Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip)
CadTools (HKLM-x32\...\{07291D1E-253B-4250-9263-4944898FD423}) (Version: 1.0.0 - Glamsen utveckling (Lars Karlsson))
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Cenega)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Cenega) Hidden
Carbonite Online Backup Setup (HKLM-x32\...\Carbonite Setup Lite) (Version: 3.8.0 - Carbonite Inc.)
CCleaner (remove only) (HKLM-x32\...\CCleaner) (Version: - )
CloneDVD 4.2.5.0 (HKLM-x32\...\MainApp.exe_is1) (Version: - Copyright (C) 2003-2008 DVD X Studios.)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
Combined Community Codec Pack 2013-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.04.20.0 - CCCP Project)
Compiled Driver Disc (Full) 0.99 (HKLM-x32\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 0.99.1.1 - COMPELSON Labs)
Compiled Driver Disc (Full) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 1.0.9.1 - COMPELSON Labs)
Corel WinDVD 9 (HKLM-x32\...\InstallShield_{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}) (Version: 9.0-B14.84 - Corel Corporation)
Corel WinDVD 9 (x32 Version: 9.0-B14.84 - Corel Corporation) Hidden
CorelCAD (HKLM-x32\...\{FA5D493E-F262-441C-9D77-BC58AE093BA0}) (Version: 11.6.208 - Corel Corporation)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1501 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders II (HKLM-x32\...\Darksiders II_is1) (Version: - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
Disney-Pixar VALL-I (HKLM-x32\...\{1E249838-D27F-4C11-8C62-0D1CACCFC7EB}) (Version: 1.00.0000 - THQ)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
DTS Plug-in (HKLM-x32\...\{3cf57fe5-84fe-4ba3-a8d2-9fcb465c3411}) (Version: - Nero AG)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DWG TrueView 2010 (HKLM\...\DWG TrueView 2010) (Version: 18.0.55.0 - Autodesk)
DWG TrueView 2010 (Version: 18.0.55.0 - Autodesk) Hidden
Encyklopedie 1.1 (HKLM-x32\...\Velká encyklopedie měst a obcí ČR_is1) (Version: - Arbor a.s.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Feat2000 - Finite Element Analysis Tool (HKLM-x32\...\Feat2000) (Version: - )
Feat'98 v 2.51 - Finite Element Analysis Tool (HKLM-x32\...\Feat9825) (Version: - )
File Informer 1.2 (HKLM-x32\...\File Informer) (Version: - )
FileOpen Client Installer (HKLM-x32\...\{39468292-5D68-4E93-9E09-5D9D5CA00E7A}) (Version: 3.0.6.878 - FileOpen Systems, Inc.)
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Free DWG Viewer 7.0 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.0.1 - IGC)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - Gigabyte Technology Corp.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPL Ghostscript Lite 8.63 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version: - )
Gracenote Plug-in (HKLM-x32\...\{c8be6ae5-fea8-46c7-9905-dc78cecf2a07}) (Version: - Nero AG)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Photo Creations (HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\HP Photo Creations) (Version: 1.0.0.18332 - HP)
HP Print Diagnostic Utility (HKLM-x32\...\{2F264191-64FB-4163-813C-70641B24089F}) (Version: 1.51.0000 - Hewlett_Packard)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 9.7.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.88.0 - ATI Technologies Inc.) Hidden
ICQ7 (HKLM-x32\...\{88EB38EF-4D2C-436D-ABD3-56B232674062}) (Version: 7.0 - ICQ)
ICQ7.4 (HKLM-x32\...\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}) (Version: 7.4 - ICQ)
IL-2 Sturmovik: Forgotten Battles (HKLM-x32\...\InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}) (Version: 1.00.0000 - Ubi Soft)
IL-2 Sturmovik: Forgotten Battles (x32 Version: 1.00.0000 - Ubi Soft) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
James Bond 007: Nightfire (HKLM-x32\...\James Bond 007: Nightfire) (Version: - Electronic Arts)
Java 2 Runtime Environment, SE v1.4.2_10 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142100}) (Version: 1.4.2_10 - Sun Microsystems, Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java(TM) 6 Update 3 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
Jazykový balíček Autodesk Vault 2010 (Client) – čeština (x32 Version: 14.0.63.0 - Autodesk, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.2.0.5 - Karen Kenworthy)
K-Lite Codec Pack 4.7.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.7.5 - )
L&H TTS3000 British English (HKLM-x32\...\LHTTSENG) (Version: - )
Magic Bullet Looks Studio (HKLM-x32\...\Magic Bullet Looks Studio) (Version: - )
Magic ISO Maker v5.3 (build 0221) (HKLM-x32\...\Magic ISO Maker v5.3 (build 0221)) (Version: - )
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{86A4C6D9-29EE-4719-AFA1-BA3341862B83}) (Version: 3.4.54.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{1FDA5A37-B22D-43FF-B582-B8964050DC13}) (Version: 3.4.18.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50917.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MotoGP 2007 (HKLM-x32\...\MotoGP 2007_is1) (Version: - THQ)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox (3.5) (HKLM-x32\...\Mozilla Firefox (3.5)) (Version: 3.5 (cs) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal Seagate Edition (HKLM-x32\...\{78E9A751-5616-233F-1249-16AC5758C646}) (Version: 7.0.41.11017 - muvee Technologies Pte Ltd)
Nero 9 (HKLM-x32\...\{eeedf432-0e83-43e7-a0e8-77058df3b4c5}) (Version: - Nero AG)
Nero BackItUp 4 (HKLM-x32\...\{67ff9769-304b-4c47-b0d6-f64a8d275489}) (Version: - Nero AG)
Nero MediaHome 4 (HKLM-x32\...\{9c0d1be4-15a1-4299-bd71-04035b84d048}) (Version: - Nero AG)
Nero Move it (HKLM-x32\...\{a071a483-4911-4ebf-be6a-5cfd4dc9b854}) (Version: - Nero AG)
NetLimiter 2 Pro (remove only) (HKLM-x32\...\NetLimiter 2 Pro) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}) (Version: 6.83.9.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 6.83.14.1 - Nokia)
Nokia PC Suite (x32 Version: 6.83.14.1 - Nokia) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\Octoshape add-in for Adobe Flash Player) (Version: - )
OfficeSharedAddInMFCSetup (HKLM-x32\...\{3D316CFB-1825-4030-A13A-29D18DC6B177}) (Version: 1.0.0 - Smart Soft)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
PC Connectivity Solution (HKLM-x32\...\{066D65EA-ED53-44E4-A96A-F81B6E409D2E}) (Version: 7.7.10.0 - Nokia)
PC Connectivity Solution 64 (Version: 7.7.10.0 - Nokia) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Asian Fonts Pack (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Create Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Forms Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Insert Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Review Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Secure Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Decrypt 2009 v1.3 (HKLM-x32\...\PDF Decrypt 2009 <<ZzTeaM2009>>_is1) (Version: - Zz TeaM 2009)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Pinnacle Systems)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
PowerISO (HKLM-x32\...\PowerISO) (Version: - )
progeCAD 2011 Professional (HKLM-x32\...\{EA144AA0-BDB8-11E0-6784-6CE5192718BE}) (Version: 11.0.2.9 - Progecad s.r.l.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Quantum of Solace(TM) (HKLM-x32\...\InstallShield_{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}) (Version: 1.00.0000 - Activision)
Quantum of Solace(TM) (x32 Version: 1.00.0000 - Activision) Hidden
QuickTime (HKLM-x32\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
RailCAD verze 3.2 pro AutoCAD 200x (HKLM-x32\...\RailCAD v.3.2_is1) (Version: - )
Readon TV Movie Radio Player 7.3.0.0 (HKLM-x32\...\{BCDA7B81-D35B-4D72-8266-6BAB9383CF2B}) (Version: 7.3.0 - Readon Technology)
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Registry Mechanic 9.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 9.0 - PC Tools)
RTS Stavitel+ 2012 (HKLM-x32\...\RTS Stavitel+ 2012_is1) (Version: - )
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01] (HKLM-x32\...\{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1) (Version: 1.6.01 - CENEGA)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
Seagate Manager Installer (HKLM-x32\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate)
Seagate Manager Installer (x32 Version: 2.01.0600 - Seagate) Hidden
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sentinel System Driver (HKLM-x32\...\Rainbow Sentinel Driver) (Version: - )
Smart Partition Recovery v2.0 (HKLM-x32\...\Smart Partition Recovery_is1) (Version: 2.0 - Smart PC Solutions)
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
Speed-Link Vibration Joystick (HKLM-x32\...\Speed-Link Vibration Joystick) (Version: - )
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.1.1.16605 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Total Commander Ultima Prime 4.6.0.0 (HKLM-x32\...\TC UP) (Version: 4.6.0.0 - ULTIMA PRIME)
Total Uninstall 5.7.0 (HKLM-x32\...\Total Uninstall 5_is1) (Version: 5.7.0 - Gavrila Martau)
Transformers(TM) - Revenge of the Fallen(TM) (HKLM-x32\...\InstallShield_{08F173A8-AB81-4760-AEB0-CE91F3B05AEF}) (Version: 1.0 - Activision)
Transoft Solutions Civil 3D Framework 1.0 (HKLM-x32\...\Transoft Solutions Civil 3D Framework1.0) (Version: 1.0 - Transoft Solutions)
Transoft Solutions License Server 1.7 (HKLM-x32\...\Transoft Solutions License Server 1.7) (Version: 1.7 - Transoft Solutions)
Transoft Solutions Presentation Framework 2.0 (HKLM-x32\...\Transoft Solutions Presentation Framework2.0) (Version: 2.0 - Transoft Solutions)
UberSoldier (HKLM-x32\...\{13BB0BC4-5C66-41A9-9EB1-E2B8B312D2D9}_is1) (Version: 2.7 - US - ACTION, s.r.o.)
Unity Web Player (HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM-x32\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Winamp (HKLM-x32\...\Winamp) (Version: 5.552 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Wise Registry Cleaner 4 Professional V4.92 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: - WiseCleaner.com, Inc.)
ZWCAD 2010 Český (HKLM-x32\...\{A7058F9A-7069-4E67-B32A-684E7B4F8FBF}) (Version: 10.0.0.0531 - ZWCAD Software Co.,Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWRficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{591E5416-DDC3-45E6-BE9D-C40D0B418F6E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{7644204c-5eb0-4e21-b225-fc6c1fca74f7}\localserver32 -> E:\Program Files (x86)\Nokia\Nokia PC Suite 6\MultimediaPlayer.exe (Nokia)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> e:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> e:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3635251681-664119229-3205739600-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pt\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02C140D8-43A6-43E9-A6DC-F9BAD935259B} - System32\Tasks\{84C34402-E106-4DA8-9C7A-99CF0A2C7D5A} => pcalua.exe -a D:\InstellBluetooth.exe -d D:\
Task: {087FECCE-4DA5-41C0-96EC-E2D07B2EFF52} - System32\Tasks\{E6D5314B-85BB-4999-BF31-304F928B8EB3} => pcalua.exe -a "E:\torrent\hotovo\DAEMON_Tools_Pro_4.10.218.0\DAEMON Tools Pro 4.10.218.0\Setup\DTPro4100218Advanced.exe" -d "E:\torrent\hotovo\DAEMON_Tools_Pro_4.10.218.0\DAEMON Tools Pro 4.10.218.0\Setup"
Task: {0F0EE610-B1F5-44F9-94C0-CDAA9CE29E27} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {19397195-2169-447F-85F0-1C2FBC5D101B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1B438455-AA41-4091-A240-D83B115169DC} - System32\Tasks\{C45DEBB7-A8FC-4461-9702-EB29E7BE3123} => pcalua.exe -a "C:\Program Files (x86)\thriXXX\WebLaunch\WebLaunchUninstall.exe"
Task: {1B43DAB8-2696-4AAE-8EC4-26F86CC87BA6} - System32\Tasks\{634B4137-56D0-4AA9-AE05-0EFE7FCA18A3} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3} /l1029
Task: {1D1171A8-A067-47ED-81EC-700D0ACA7DBE} - System32\Tasks\{4AD2F62E-21B3-4116-8339-830C2CBA44FB} => pcalua.exe -a "E:\ANSYS Inc\v121\Uninstall.exe" -d C:\Users\pt
Task: {2005826C-0E68-4896-B655-2DAC9A8BD528} - System32\Tasks\{95D40793-4944-4893-BE69-09B15FA2BD40} => pcalua.exe -a "K:\Dokumenty - K\Instal - Programy - K\EClea2_0.exe" -d C:\Users\pt\Desktop
Task: {31EC8DBB-9507-476C-8CA6-56BF43B194C0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {370B3BF5-56F6-4E9A-A1CD-857F27A5EF39} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {70A5663F-4F78-48C1-AD5A-BF9F7AF9BC05} - System32\Tasks\{5B874229-4811-4124-BAAA-304BF1DF930C} => pcalua.exe -a "E:\Instal\programy\Samsung-USB-Driver_4.50.0.7.0\Samsung USB Driver_4.50.0.7.0\V_Mobile_1.0\Setup.exe" -d "E:\Instal\programy\Samsung-USB-Driver_4.50.0.7.0\Samsung USB Driver_4.50.0.7.0\V_Mobile_1.0"
Task: {73FBBBA8-7621-457B-BA6F-9A8D5DB29D44} - System32\Tasks\{0683B66F-40C4-44A9-AD59-BB7BE7E9A1A7} => pcalua.exe -a "E:\Program Files (x86)\Electronic Arts\Medal of Honor\Support\Medal of Honor_code.exe" -d "E:\Program Files (x86)\Electronic Arts\Medal of Honor\Support"
Task: {7B431146-CA38-45CD-99A7-ECE57D9DEDE6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {7B571C29-A528-4C6A-84CD-A71F7DA3C9CE} - System32\Tasks\{315853DF-35D7-43FC-83AB-466C7C8DDFF0} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {7EA7CC5D-A60E-4702-B35F-9B7DF9C39109} - System32\Tasks\Java(TM) Platform SE Auto Updater 2 0 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {8BBCB8E8-51E7-455C-8EDB-89FF9E843F4A} - System32\Tasks\{009037F3-7101-430A-A090-E326381081D4} => pcalua.exe -a I:\setup.exe -d I:\
Task: {8D001939-DE8E-40D5-BDF2-6A540B203661} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {921318DC-F2CC-4985-B4C4-4D1D34AAAB0F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2015-11-23] (AVG Technologies CZ, s.r.o.)
Task: {A4BA2ECE-E427-477C-A961-89BD92ADF421} - System32\Tasks\{466517BC-D0F1-4799-B9FB-B62DEBCAFA49} => pcalua.exe -a "E:\Instal\programy\CyberLink PowerDVD Ultra 9.0.1530\CyberLink PowerDVD Ultra 9.0.1530\Aktualizacia PowerDVD Ultra 9.0.1530\PDVD9UA.Activator_Fixed\PDVD9UA.Activator_Fixed\PDVD9UA.Activator_Fixed.exe" -d "E:\Instal\programy\CyberLink PowerDVD Ultra 9.0.1530\CyberLink PowerDVD Ultra 9.0.1530\Aktualizacia PowerDVD Ultra 9.0.1530\PDVD9UA.Activator_Fixed\PDVD9UA.Activator_Fixed"
Task: {AC840A35-88A3-44DE-B50A-B4F5179EFB0D} - System32\Tasks\Microsoft\Windows\RestartManager\{51C423B2-89B8-4b7c-AD65-BCE238C73546} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {BDBC923C-E274-4094-840B-A124021DD590} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-19] (Společnost Microsoft)
Task: {C18F88A5-9758-4BD1-95C1-133CB6EA7FE8} - System32\Tasks\{81C808D4-E4B8-4C37-A5BD-958959FD1E56} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{EABF2170-CA2F-4C48-9921-3D5050F30EBA}\Setup.exe"
Task: {D9EB8B7A-B99C-439F-9809-8C4930B67914} - System32\Tasks\{B8C2425B-EE43-410A-A605-A40125DBDC7C} => pcalua.exe -a "e:\Program Files (x86)\RailCAD\unins000.exe"
Task: {DB25B0F1-7371-4313-A9A4-DD5D6BE0D154} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {E516D919-26B7-4FB4-81D5-97CCC8E2DE0E} - System32\Tasks\Google Update => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {EA986B45-1C52-4836-BCD4-E59506909C6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {ED4E8876-BF55-4D64-B96D-CEFC6B6528E1} - System32\Tasks\{726C9BCE-43B0-41DE-B000-EB7ACB0C3163} => pcalua.exe -a "F:\Instal2\RailCAD\railcad 3.0.exe" -d F:\Instal2\RailCAD
Task: {F22315DD-C4F6-41A6-BA48-7149CCC7F58C} - System32\Tasks\{5DD95B35-B51C-4CFF-8085-FB3F8670504F} => pcalua.exe -a I:\FUEL.part01.exe -d I:\

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\ICEM CFD.lnk -> E:\ANSYS Inc\v121\icemcfd\win64_amd\bin\icemcfd.bat () <==== ATTENTION

ShortcutWithArgument: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\Help\Installation & System FAQs.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.fluentusers.com/support/installatio ... /index.htm <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2009-03-29 20:42 - 2010-03-23 18:48 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-05-25 23:48 - 2012-05-01 19:21 - 00446464 _____ () C:\Program Files (x86)\Transoft Solutions\License Server\TransoftLS.exe
2009-12-11 20:49 - 2012-11-16 20:37 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2010-07-04 20:51 - 2010-07-04 20:51 - 00017408 _____ () C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-09 14:46 - 2010-02-09 14:46 - 00221184 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\axutil.dll
2010-02-09 14:46 - 2010-02-09 14:46 - 00474624 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\axis2_engine.dll
2010-02-09 14:46 - 2010-02-09 14:46 - 00225280 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\axiom.dll
2010-02-09 14:46 - 2010-02-09 14:46 - 00073728 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\axis2_parser.dll
2010-02-09 14:47 - 2010-02-09 14:47 - 01331200 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\libxml2.dll
2010-02-09 14:46 - 2010-02-09 14:46 - 00131072 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\neethi.dll
2012-05-25 23:48 - 2012-05-01 19:21 - 00126976 _____ () C:\Program Files (x86)\Transoft Solutions\License Server\LSCOMMUNICATIONS.dll
2010-07-04 22:32 - 2010-07-04 22:32 - 00004608 _____ () C:\Program Files (x86)\Unlocker\UnlockerHook.dll
2014-09-22 19:28 - 2009-02-27 18:51 - 00019968 _____ () E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.cze
2015-10-26 07:41 - 2015-10-26 07:00 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2008-12-01 14:56 - 2008-12-01 14:56 - 00090112 _____ () C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:B879A65B
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\google.com -> hxxps://local.google.com
IE trusted site: HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3635251681-664119229-3205739600-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img24.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [TCP Query User{D40B936F-2395-4B3D-9EFB-C6F10AFB0B5D}J:\program files (x86)\icq6\icq.exe] => (Block) J:\program files (x86)\icq6\icq.exe
FirewallRules: [UDP Query User{CCF1365B-3417-4133-8A5E-8CA488BB74E9}J:\program files (x86)\icq6\icq.exe] => (Block) J:\program files (x86)\icq6\icq.exe
FirewallRules: [{21FE67E9-170A-46F8-BE03-4739604F579C}] => (Allow) J:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{A7926675-DFC0-4B6E-8182-04DBAF45911D}] => (Allow) J:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{7259E81D-734E-4BB2-836E-1935AB864EAC}] => (Allow) J:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{291F358F-E030-4FFD-B5EF-97C9CF357B6B}] => (Allow) J:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [TCP Query User{ABFDD3BE-281F-4B53-B7BC-DED71225F1CC}J:\program files (x86)\corel\dvd9\windvd.exe] => (Allow) J:\program files (x86)\corel\dvd9\windvd.exe
FirewallRules: [UDP Query User{28D3CE8C-D139-48A6-8AE4-422C07C35DB2}J:\program files (x86)\corel\dvd9\windvd.exe] => (Allow) J:\program files (x86)\corel\dvd9\windvd.exe
FirewallRules: [{7316EB22-C8AC-4500-BB46-7E5DAEF69A0E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{896CFB57-BEC2-4484-A665-741244C46528}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{692F6CD2-0B8B-461B-AF5D-E897A8EDF9F0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{54F992E1-D7FA-4246-994E-CF0C2555BD97}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1452AAAC-0CAC-4289-AA08-B73FE211D797}] => (Allow) J:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{D0764BD7-4F3E-4B28-AD37-6A4257B1354D}] => (Allow) J:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe
FirewallRules: [{7D3F284A-28EE-4A02-A2E7-597C0A82EEE0}] => (Allow) J:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{BD194785-C0A4-4FD3-9E08-40D60E140147}] => (Allow) J:\Program Files (x86)\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe
FirewallRules: [{81B23D2C-2994-4E31-ABE8-CCC80BFEAFF7}] => (Allow) J:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{C238B3A8-0FA3-4C76-97CF-02BC161B4678}] => (Allow) J:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{2BDB5219-A114-479D-AAA1-79CCA5A1A102}] => (Allow) J:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{2AE26A8E-BA86-4128-8BDA-51CAA423B93B}] => (Allow) J:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{F7EA70DF-EE4B-4D27-A3B4-80F97059EC21}] => (Allow) J:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{B1E008F6-4215-47C6-ACFC-AC09DA39000D}] => (Allow) J:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{9AF459A1-90A0-41D2-BAC6-79B2390C5496}] => (Allow) J:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{6450B06B-25AC-4FAA-B616-AF685EBFE3A1}] => (Allow) J:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{CFB4D879-F208-44FE-AD3C-08833502E8A4}] => (Allow) J:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{F6484150-6DE9-42D2-99D0-01EF8B58FA3A}] => (Allow) J:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{28164F1E-F1BC-407D-8297-0C5C92E9CA3D}] => (Allow) E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{E9B6377E-7E2C-4AF3-B3A5-DB4C9FCC8A40}] => (Allow) E:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{32343586-FC6C-40D4-B5FD-FCD7086ECB5A}] => (Allow) E:\Program Files (x86)\Activision\Quantum of Solace(TM)\JB_LiveEngine_s.exe
FirewallRules: [{CBE5D859-7CB6-440A-838C-A55FB751A6E0}] => (Allow) E:\Program Files (x86)\Activision\Quantum of Solace(TM)\JB_LiveEngine_s.exe
FirewallRules: [{575C8105-6CDE-4B1E-A826-85C20D71537B}] => (Allow) E:\Program Files (x86)\Activision\Quantum of Solace(TM)\JB_LiveEngine_s.exe
FirewallRules: [{1D5FFF38-211D-4E4F-932A-30D4E2D948FC}] => (Allow) E:\Program Files (x86)\Activision\Quantum of Solace(TM)\JB_LiveEngine_s.exe
FirewallRules: [{DF02ECB8-86D8-4A8D-A246-482DC5862EAC}] => (Allow) E:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{07D58F10-8019-4939-81AF-97B30E85B193}] => (Allow) E:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{4C228C18-CEB1-420E-A3E8-4E08566FF6BD}] => (Allow) E:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe
FirewallRules: [{340E0E06-2CF5-4F77-AC7C-834F0E129479}] => (Allow) E:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe
FirewallRules: [TCP Query User{31029521-422D-48C6-85AE-789D75CD91B7}E:\program files (x86)\utorrent\utorrent.exe] => (Allow) E:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{FA7CCDE6-FB8E-4B75-B66C-E38AC96C3F78}E:\program files (x86)\utorrent\utorrent.exe] => (Allow) E:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [TCP Query User{8CBE47D3-67B2-4D17-A18D-900F89BDDA33}E:\program files (x86)\utorrent\utorrent.exe] => (Block) E:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{9BD03B2A-0CCC-45A8-850F-B18B16CF9151}E:\program files (x86)\utorrent\utorrent.exe] => (Block) E:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{EBBA67C1-0FB6-4F8C-95DA-E3FE55199127}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3733378A-7956-45EF-810E-4C2182E15193}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2EB3E101-F68A-4C6D-AB2C-A056A3DBBB32}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AD756FBB-7F74-4C0E-9BD9-44FA8E4CC7DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{F9BB2DBD-8E5F-4458-9A14-36BB80482228}E:\program files (x86)\icq6.5\icq.exe] => (Block) E:\program files (x86)\icq6.5\icq.exe
FirewallRules: [UDP Query User{90BC144E-6F78-4D99-B6EC-ED0143ED50D1}E:\program files (x86)\icq6.5\icq.exe] => (Block) E:\program files (x86)\icq6.5\icq.exe
FirewallRules: [{8C826FD1-23A5-4273-A9C2-2A6501C19681}] => (Allow) E:\Program Files (x86)\Activision\Transformers - Revenge of the Fallen\Transformers2.exe
FirewallRules: [{E778CB50-68B4-468E-B1BF-4BCF40909FFF}] => (Allow) E:\Program Files (x86)\Activision\Transformers - Revenge of the Fallen\Transformers2.exe
FirewallRules: [TCP Query User{8E8A6F39-CEC4-4D01-8939-23DBBC15C4FC}E:\program files (x86)\activision\modern warfare 2\iw4mp.exe] => (Block) E:\program files (x86)\activision\modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{BB3F2266-FD37-45E9-A847-732320461BBD}E:\program files (x86)\activision\modern warfare 2\iw4mp.exe] => (Block) E:\program files (x86)\activision\modern warfare 2\iw4mp.exe
FirewallRules: [{016C3D6E-5022-424F-B62A-DCFFB84E156E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D8D31683-06F1-4E3E-A5FC-AA6B3A5A4574}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{C5840874-72F1-479E-89F3-DCFDB294037C}E:\program files (x86)\icq7.2\icq.exe] => (Allow) E:\program files (x86)\icq7.2\icq.exe
FirewallRules: [UDP Query User{E62836C0-2B90-4477-8D88-DAEB2EDEBEE2}E:\program files (x86)\icq7.2\icq.exe] => (Allow) E:\program files (x86)\icq7.2\icq.exe
FirewallRules: [{0E674E27-ADE1-48CC-A637-D73EF28A04CC}] => (Allow) E:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{FC932FDE-16E2-4F50-BBC5-53B783EA47F3}] => (Allow) E:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{1AC8D2D3-17CE-4515-A7B8-A428EEF7FE02}K:\dokumenty - k\strabag - záloha 2010-10-08\tolarpet\stav\!moje\strongdc\strongdc\strongdc.exe] => (Allow) K:\dokumenty - k\strabag - záloha 2010-10-08\tolarpet\stav\!moje\strongdc\strongdc\strongdc.exe
FirewallRules: [UDP Query User{0E08044C-866F-46D1-98E8-58858A0BC9A0}K:\dokumenty - k\strabag - záloha 2010-10-08\tolarpet\stav\!moje\strongdc\strongdc\strongdc.exe] => (Allow) K:\dokumenty - k\strabag - záloha 2010-10-08\tolarpet\stav\!moje\strongdc\strongdc\strongdc.exe
FirewallRules: [TCP Query User{2D58156B-58C9-4984-9AC5-52F86B7E3691}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Block) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{FE6ABEAA-3706-4BE9-A8A0-A6570F7EED16}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Block) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{478DF1AD-9742-4CBA-BA55-83A641CC8776}E:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Block) E:\program files (x86)\activision\call of duty - world at war\codwaw.exe
FirewallRules: [UDP Query User{E9C7E10E-8421-4B7A-A2BD-82DDB8A7B10F}E:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Block) E:\program files (x86)\activision\call of duty - world at war\codwaw.exe
FirewallRules: [{BB2A2218-AE35-485C-938B-0AB9034EDE8F}] => (Allow) C:\Program Files (x86)\ICQ7.4\ICQ.exe
FirewallRules: [{729DE9C7-0899-4813-A5E7-AC48FE3A9B23}] => (Allow) C:\Program Files (x86)\ICQ7.4\ICQ.exe
FirewallRules: [{B0CACEAE-C51E-4B55-81CC-24D51C262056}] => (Allow) C:\Program Files (x86)\ICQ7.4\ICQ.exe
FirewallRules: [{40892FF9-896F-4265-97CF-B98894ABAA96}] => (Allow) C:\Program Files (x86)\ICQ7.4\ICQ.exe
FirewallRules: [{86B6AE53-AA73-43CB-8B3E-C98A7ECB945B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{88A69827-DF8B-4095-A1EA-F39655F1A2B8}] => (Allow) LPort=2869
FirewallRules: [{02DA2F73-2E3F-4658-A191-658234B603DC}] => (Allow) LPort=1900
FirewallRules: [{5FE004B0-8182-43D4-81AC-D0B10ADDB780}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3987FF1B-8A10-45A4-B388-B2791138B973}] => (Allow) LPort=80
FirewallRules: [{80599D9D-76F8-4EA8-A987-6683172FC280}] => (Allow) LPort=80
FirewallRules: [{6BF91971-C361-43D3-B636-387C54BAF7BD}] => (Allow) LPort=80
FirewallRules: [{9B6B749F-E98E-4B6A-A72C-4B0F4B78B7AC}] => (Allow) C:\Program Files (x86)\ICQ7.0\ICQ.exe
FirewallRules: [{90904408-5E8E-44F3-BEF2-1C89ECCCEC18}] => (Allow) C:\Program Files (x86)\ICQ7.0\ICQ.exe
FirewallRules: [{B40E0A15-AF92-4159-8853-352919848256}] => (Allow) C:\Program Files (x86)\ICQ7.0\ICQ.exe
FirewallRules: [{119F1536-9207-4624-9002-9A7305A4B082}] => (Allow) C:\Program Files (x86)\ICQ7.0\ICQ.exe
FirewallRules: [{57A0DB80-0015-4B9A-9F60-8865D86A9CEB}] => (Allow) C:\Program Files (x86)\ICQ7.0\ICQ.exe
FirewallRules: [{F05D5059-3F5C-4820-9187-F08E292A49B4}] => (Allow) C:\Program Files (x86)\ICQ7.0\ICQ.exe
FirewallRules: [{486686D7-D95C-46E1-84C8-52A0F110019A}] => (Allow) C:\Program Files (x86)\ICQ7.0\aolload.exe
FirewallRules: [{E5B14790-A562-4D3B-A108-9E26EED819FB}] => (Allow) C:\Program Files (x86)\ICQ7.0\aolload.exe
FirewallRules: [{37455E1D-8F35-43D4-9954-1B2991C02776}] => (Allow) C:\Program Files (x86)\ICQ7.0\aolload.exe
FirewallRules: [{A4665391-C8B1-4745-83B8-6A7F25AAAFAA}] => (Allow) C:\Program Files (x86)\ICQ7.0\aolload.exe
FirewallRules: [{2193AF42-8EC2-4A89-97DE-B93C88277BD4}] => (Allow) C:\Program Files (x86)\ICQ7.0\aolload.exe
FirewallRules: [{F368EE5A-EBBD-4AA7-9CDD-3EACE0B82A29}] => (Allow) C:\Program Files (x86)\ICQ7.0\aolload.exe
FirewallRules: [TCP Query User{E079AB5E-A659-44AF-A640-A8B184B91AEF}D:\d-link.exe] => (Allow) D:\d-link.exe
FirewallRules: [UDP Query User{358A61DD-535F-456F-90E7-3BB771759284}D:\d-link.exe] => (Allow) D:\d-link.exe
FirewallRules: [TCP Query User{B4FDA8E3-F3C1-4DE3-9541-07059DFAADBA}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{3D0B641B-C3E3-4843-AC34-1AEB3765E1FA}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{465D8E40-7297-4CA6-B182-B9E8F21CDA53}] => (Allow) LPort=4481
FirewallRules: [{C858252F-AFA8-4CA6-B651-CED47FABE863}] => (Allow) LPort=4481
FirewallRules: [{BA7FBFEC-D59A-4521-A60A-3F501EE48561}] => (Allow) LPort=4482
FirewallRules: [{EF7A4EBB-51A1-49D9-9127-AE5FF1E48A38}] => (Allow) LPort=4482
FirewallRules: [TCP Query User{9D0EFD6C-F671-49C3-936D-3C11EE5F3FB4}D:\d-link.exe] => (Allow) D:\d-link.exe
FirewallRules: [UDP Query User{ADE8362B-367D-404E-B08C-9E0BECE1040D}D:\d-link.exe] => (Allow) D:\d-link.exe
FirewallRules: [{ED53CE42-5168-4831-8BA2-40706FB52BE3}] => (Allow) C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{94A7CE51-6277-4A0C-9E24-C72F64158A04}] => (Allow) C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9B0F6C60-388F-4D4E-B86D-93E84296D35D}] => (Allow) C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8EABFC56-FA8F-4C5E-B2FD-7D13F9403E47}] => (Allow) C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CBFD73D6-88C6-4231-B320-69386D6A8D03}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9D6DD17C-43D7-45DC-AF20-CD2ED2F39D74}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{E97DAC3B-77C0-44C6-83A0-60CA7FA9017F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D85878D6-CE9E-482F-9193-9C14A471AABC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3F1547F3-1ECF-49B8-B9EB-64DF7F816D8B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{91B5A1EC-4AF7-41A8-9F43-4100C25E2AC9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{9D7FF851-5D64-4A74-8B42-5587EC0B8A9C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{45390094-1880-458F-BE45-06E3831FB5C1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{89BEFAFF-2B3F-4591-919B-37ED4CDD0A12}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [E:\Program Files (x86)\ZWCAD 2010 Csy\ZWCAD.EXE] => Enabled:ZWCAD.EXE
StandardProfile\AuthorizedApplications: [E:\Program Files (x86)\ZWCAD 2010 Csy\ZWErrorDialog.exe] => Enabled:ZWErrorDialog.exe
StandardProfile\AuthorizedApplications: [E:\Program Files (x86)\ZWCAD 2010 Csy\CrashReportManagement.exe] => Enabled:CrashReportManagement.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Nokia 6300
Description: Nokia 6300
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2015 04:01:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/29/2015 04:01:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/28/2015 04:37:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/28/2015 04:37:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/28/2015 04:37:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.

Error: (11/28/2015 04:37:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest2 na řádku C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.

Error: (11/28/2015 04:37:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/28/2015 04:37:09 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/28/2015 04:36:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

Error: (11/28/2015 04:36:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Selhalo generování kontextu aktivace pro: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest1. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti jsou:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_151129cef4086113.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19.manifest.

System errors:
=============
Error: (11/28/2015 04:30:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: VD_FileDisk

Error: (11/28/2015 04:30:10 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: AVGIDSAgent3758213660 (0xE001CA1C)

Error: (11/28/2015 04:30:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Sentinel%%1275

Error: (11/28/2015 04:30:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Angelnt%%1275

Error: (11/28/2015 04:29:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\SENTINEL.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/28/2015 04:29:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\ANGELNT.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/28/2015 04:29:38 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Zapůjčení adresy IP 192.168.0.103 pro síťovou kartu s adresou 001FD08FC81F byla serverem DHCP 192.168.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (11/28/2015 04:29:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (16:26:19, 28.11.2015) bylo neočekávané.

Error: (11/28/2015 04:29:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/27/2015 09:25:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: VD_FileDisk

CodeIntegrity:
===================================
Date: 2015-11-29 16:03:06.432
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:06.276
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:06.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:05.932
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:04.010
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:03.838
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:03.666
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:03.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgmfx64.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:03.276
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-11-29 16:03:03.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 38%
Total physical RAM: 8189.58 MB
Available physical RAM: 5030.03 MB
Total Virtual: 16590.17 MB
Available Virtual: 12977.76 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:132.72 GB) (Free:46.51 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RSJPK2014) (CDROM) (Total:0.8 GB) (Free:0 GB) CDFS
Drive e: (Data, Programy) (Fixed) (Total:798.79 GB) (Free:52.17 GB) NTFS
Drive f: (Audio, Dokumenty) (Fixed) (Total:189.92 GB) (Free:52.47 GB) NTFS
Drive g: (acad2009) (CDROM) (Total:3.06 GB) (Free:0 GB) CDFS
Drive j: (FreeAgent Xtreme) (Fixed) (Total:465.76 GB) (Free:118.37 GB) NTFS
Drive k: (FreeAgent Drive) (Fixed) (Total:1863.01 GB) (Free:8.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 0FED0FEC)
Partition 1: (Active) - (Size=132.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=798.8 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 189.9 GB) (Disk ID: 4FE12B0F)
Partition 1: (Not Active) - (Size=189.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0B8E7C5D)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: E5E10F44)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#14 Příspěvek od **Márty84** » 30 lis 2015 20:14

To sice moc podle navodu nebylo, ale aspon tak.

Napiste mi velikost adresare plochy.

Presunte FRST na plochu, jinak to nebude fungovat!

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] => e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe [50472 2009-04-27] (CyberLink Corp.)
HKLM-x32\...\Run: [PCSuiteTrayApplication] => E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [227328 2007-03-23] (Nokia)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [UnlockerAssistant] => C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstall ... QBNAEIAUgA"&"inst=NwA2AC0ANwAwADMAMgA3AD (the data entry has 229 more characters).
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\Run: [uTorrent] => C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe [802136 2015-11-21] (BitTorrent Inc.)
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2009-03-31]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FF SearchEngineOrder.1: Ask
FF SelectedSearchEngine: ICQ Search
FF Extension: ICQ Toolbar - C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(64) [2011-02-21] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/sr?src=crb&gc ... nrs=AG1&q={searchTerms}

2015-11-25 21:29 - 2015-11-25 21:29 - 22908888 _____ (Malwarebytes ) C:\Users\pt\Desktop\mbam-setup-2.2.0.1024.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe

Shortcut: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\ICEM CFD.lnk -> E:\ANSYS Inc\v121\icemcfd\win64_amd\bin\icemcfd.bat () <==== ATTENTION

ShortcutWithArgument: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\Help\Installation & System FAQs.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.fluentusers.com/support/inst ... /index.htm <==== ATTENTION

AlternateDataStreams: C:\ProgramData\Temp:B879A65B
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-31 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-28 194032]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

StribogCZ · #15 Příspěvek od **StribogCZ** » 17 pro 2015 00:36

Byl jsem chvíli pryč, ale už jsem zpátky.

Plocha je vleká 848 MB.

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:17-12-2015
Ran by pt (2015-12-17 00:03:49) Run:1
Running from C:\Users\pt\Desktop
Loaded Profiles: pt (Available Profiles: pt & Admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-19] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl9] => e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => e:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9\Language\Language.exe [50472 2009-04-27] (CyberLink Corp.)
HKLM-x32\...\Run: [PCSuiteTrayApplication] => E:\Program Files (x86)\Nokia\Nokia PC Suite 6\LaunchApplication.exe [227328 2007-03-23] (Nokia)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => E:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [UnlockerAssistant] => C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstall ... QBNAEIAUgA"&"inst=NwA2AC0ANwAwADMAMgA3AD (the data entry has 229 more characters).
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\...\Run: [uTorrent] => C:\Users\pt\AppData\Roaming\uTorrent\uTorrent.exe [802136 2015-11-21] (BitTorrent Inc.)
HKU\S-1-5-18\...\Run: [Nokia.PCSync] => E:\Program Files (x86)\Nokia\Nokia PC Suite 6\PcSync2.exe [1744896 2007-03-27] (Time Information Services Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2009-03-31]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-3635251681-664119229-3205739600-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FF SearchEngineOrder.1: Ask
FF SelectedSearchEngine: ICQ Search
FF Extension: ICQ Toolbar - C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(64) [2011-02-21] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/sr?src=crb&gc ... nrs=AG1&q={searchTerms}

2015-11-25 21:29 - 2015-11-25 21:29 - 22908888 _____ (Malwarebytes ) C:\Users\pt\Desktop\mbam-setup-2.2.0.1024.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job => C:\Users\pt\AppData\Local\Google\Update\GoogleUpdate.exe

Shortcut: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\ICEM CFD.lnk -> E:\ANSYS Inc\v121\icemcfd\win64_amd\bin\icemcfd.bat () <==== ATTENTION

ShortcutWithArgument: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\Help\Installation & System FAQs.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.fluentusers.com/support/inst ... /index.htm <==== ATTENTION

AlternateDataStreams: C:\ProgramData\Temp:B879A65B
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-31 68096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-28 194032]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl9 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PDVD9LanguageShortcut => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PCSuiteTrayApplication => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UnlockerAssistant => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\AvgUninstallURL => value removed successfully
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Nokia.PCSync => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Správa překryvné ikony digitálních podpisů AutoCADu " => key removed successfully
"HKCR\Wow6432Node\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}" => key removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk => moved successfully
C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
HKU\S-1-5-21-3635251681-664119229-3205739600-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\pt\AppData\Roaming\Mozilla\Firefox\Profiles\atmxxqas.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}(64) => moved successfully
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
Chrome DefaultSearchURL => removed successfully
C:\Users\pt\Desktop\mbam-setup-2.2.0.1024.exe => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000Core.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3635251681-664119229-3205739600-1000UA.job => moved successfully
Shortcut: C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\ICEM CFD.lnk -> E:\ANSYS Inc\v121\icemcfd\win64_amd\bin\icemcfd.bat () <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Users\pt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ANSYS 12.1\Help\Installation & System FAQs.lnk => Shortcut argument removed successfully.
C:\ProgramData\Temp => ":B879A65B" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
Nero BackItUp Scheduler 4.0 => Service stopped successfully.
Nero BackItUp Scheduler 4.0 => service removed successfully
gupdate => service removed successfully
Adobe LM Service => service removed successfully
gupdatem => service removed successfully
gusvc => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 3.9 GB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 00:11:47 ====

VIRY.CZ

Zpomalené PC

Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC

Re: Zpomalené PC