
High upload

Posted: 25 Jul 2017 17:45
by jjuriss
Hello, I would like to ask for a log check. I have a very high upload, about 3x higher than the usual download, which causes a high ping of 2500 ms and a completely slowed-down internet connection... thank you for your help

Re: High upload

Posted: 25 Jul 2017 18:30
by Rudy

Re: High upload

Posted: 25 Jul 2017 18:53
by jjuriss
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
Ran by Juraj (administrator) on JURAJ-PC (25-07-2017 19:50:19)
Running from C:\Users\Juraj\Downloads
Loaded Profiles: Juraj & UpdatusUser (Available Profiles: Juraj & UpdatusUser)
Platform: Windows 7 Ultimate (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ACD Systems) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(© 2015 Microsoft Corporation) C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Imtiger Software Inc.) C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2916584 2010-08-12] (ESET)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2014-11-22] ()
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1828136 2007-08-08] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [pamfax] => C:\ProgramData\SquirrelMachineInstalls\pamfax.exe [88206848 2016-11-06] (PamConsult GmbH.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [Device Detector] => DevDetect.exe -autorun
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [BingSvc] => C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Juraj\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Juraj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [supertintin_skype] => C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe [999936 2011-01-10] (Imtiger Software Inc.)
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\Run: [DU Meter] => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\MountPoints2: {7d3ccceb-7256-11e4-bca4-806e6f6e6963} - G:\InstAll.exe
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\...\MountPoints2: {f3c50061-897c-11e5-8047-ac72891e9a7d} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-782316400-2823983723-2572573682-1001\...\MountPoints2: {7d3ccceb-7256-11e4-bca4-806e6f6e6963} - G:\InstAll.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-05-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-05-10] (NVIDIA Corporation)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 update.ross-tech.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E5834865-BC5E-4F04-BB26-5A318D4A8408}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {0B73A7D8-3068-488C-B05E-819C5574CA86} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {1F289AEE-C833-4A0E-ACCD-40E34D3AEE9C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {4B259FBA-5678-40B7-8908-620FA27017BE} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {520A0F05-2154-49EE-B204-144D32F488BC} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {5B8E9D41-3E63-472F-9740-D0CDD40C4AF4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {98A407C3-C740-433C-A7B9-79A41D3B0720} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {B0E549E1-CB0E-409F-B96D-5C321533A08C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {B49950CC-F5C8-4CD1-900A-12B49940CEA4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> {DF0FDA1F-B07D-40F0-8A63-838EDD002884} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Pomocník pri prihlasovaní v konte Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30] ()
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] ()
Toolbar: HKU\S-1-5-21-782316400-2823983723-2572573682-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30] ()
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-11-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default [2017-07-25]
CHR Extension: (Prezentácie Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06]
CHR Extension: (Dokumenty Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Disk Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-15]
CHR Extension: (Google Search) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tipli do prehliadača) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2017-07-19]
CHR Extension: (Tabuľky Google) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-19]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-07-18]
CHR Extension: (Rozšírenie Google Keep pre Chrome) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2016-12-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-12]
CHR Extension: (Gmail) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-15]
CHR HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [42360 2010-08-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [810144 2010-08-12] (ESET)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [836904 2007-08-08] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [168544 2010-07-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [171152 2010-07-29] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33632 2010-07-29] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [50624 2010-07-29] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-11-22] () [File not signed]
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
U3 axnodvuy; C:\Windows\System32\Drivers\axnodvuy.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-25 19:50 - 2017-07-25 19:51 - 00020312 _____ C:\Users\Juraj\Downloads\FRST.txt
2017-07-25 19:50 - 2017-07-25 19:50 - 00000000 ____D C:\FRST
2017-07-25 19:49 - 2017-07-25 19:49 - 02382336 _____ (Farbar) C:\Users\Juraj\Downloads\FRST64.exe
2017-07-25 19:10 - 2017-07-25 19:10 - 00262144 _____ C:\Windows\Minidump\072517-19359-01.dmp
2017-07-25 19:01 - 2017-07-25 19:02 - 00262144 _____ C:\Windows\Minidump\072517-19500-01.dmp
2017-07-25 18:55 - 2017-07-25 19:09 - 00000000 ____D C:\AdwCleaner
2017-07-24 21:42 - 2017-07-24 21:42 - 00281454 _____ C:\Users\Juraj\Desktop\Košík _ GAFA AUTODIELY.pdf
2017-07-23 20:25 - 2017-07-23 20:25 - 00103359 _____ C:\Users\Juraj\Downloads\231934610.pdf
2017-07-15 20:05 - 2017-07-15 20:05 - 02458632 _____ (Megaify Software ) C:\Users\Juraj\Downloads\DriverToolkitInstaller.exe
2017-07-15 20:00 - 2017-07-15 20:00 - 00518058 _____ C:\Users\Juraj\Downloads\Nepotvrdené 872854.crdownload
2017-07-15 19:51 - 2017-07-15 19:51 - 00000000 ___HD C:\$Windows.~WS
2017-07-15 19:50 - 2017-07-15 19:50 - 18357776 _____ (Microsoft Corporation) C:\Users\Juraj\Downloads\MediaCreationTool.exe
2017-07-15 18:17 - 2017-07-15 18:46 - 00000432 __RSH C:\ProgramData\ntuser.pol
2017-07-15 14:39 - 2017-07-15 14:39 - 00000000 ____D C:\ProgramData\redistpart
2017-07-15 14:38 - 2017-07-15 14:38 - 00000000 ____D C:\ProgramData\formatpart
2017-07-15 14:34 - 2017-07-15 14:34 - 00000000 ____D C:\ProgramData\launcher
2017-07-15 14:34 - 2017-07-15 14:34 - 00000000 ____D C:\ProgramData\explauncher
2017-07-15 14:34 - 2017-07-15 14:34 - 00000000 ____D C:\ProgramData\deletepart
2017-07-15 14:31 - 2017-07-15 14:31 - 00000000 ____D C:\Program Files\Paragon Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-25 19:15 - 2009-07-14 07:13 - 00805410 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-25 19:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-25 19:10 - 2015-08-30 10:39 - 00000000 ____D C:\Windows\Minidump
2017-07-25 19:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-24 19:39 - 2014-11-22 21:27 - 00000000 ____D C:\Users\Juraj\AppData\Roaming\uTorrent
2017-07-24 19:37 - 2017-06-06 17:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2017-07-24 19:35 - 2017-06-07 22:32 - 00003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2017-07-23 09:28 - 2015-02-08 16:13 - 00000000 ____D C:\Users\Juraj\AppData\Local\Windows Live
2017-07-18 23:04 - 2014-11-22 23:07 - 00000000 ____D C:\Users\Juraj\AppData\Roaming\Skype
2017-07-18 19:03 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-18 19:03 - 2009-07-14 06:45 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-17 21:42 - 2015-12-27 23:30 - 00042801 _____ C:\Users\Juraj\Desktop\Ohrievace.xlsx
2017-07-15 19:51 - 2014-11-22 16:47 - 00000000 ____D C:\Windows\Panther
2017-07-15 18:17 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-15 18:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-07-15 14:30 - 2014-11-22 18:46 - 00000000 ____D C:\Users\Juraj\AppData\Local\Downloaded Installations
2017-07-15 14:29 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-07-11 22:07 - 2014-12-30 18:50 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 22:07 - 2014-12-30 18:49 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-11 22:07 - 2014-12-30 18:49 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-11 22:06 - 2014-12-30 18:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 22:06 - 2014-12-30 18:49 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-11 14:30 - 2016-04-27 16:03 - 00000000 ____D C:\Users\Juraj\AppData\Local\CrashDumps
2017-07-11 01:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-27 21:24 - 2014-11-22 19:24 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2014-11-22 19:00 - 2014-11-22 19:00 - 6000640 _____ () C:\Program Files (x86)\GUT61CF.tmp
2015-10-11 21:14 - 2015-10-11 21:14 - 0000209 _____ () C:\Users\Juraj\AppData\Roaming\JURAJ-PC.MTBF.txt
2015-10-11 21:15 - 2015-10-11 21:28 - 0000861 _____ () C:\Users\Juraj\AppData\Roaming\__AvidCloudManager.log
2015-10-11 21:15 - 2015-10-11 21:20 - 0000959 _____ () C:\Users\Juraj\AppData\Roaming\__AvidCloudManagerPrevious.log
2015-05-15 18:23 - 2016-10-29 20:11 - 0009216 _____ () C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 18:20 - 2016-02-25 18:20 - 0000058 _____ () C:\Users\Juraj\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-10-24 23:06 - 2015-10-24 23:06 - 0000001 _____ () C:\Users\Juraj\AppData\Local\llftool.4.40.agreement
2015-08-28 23:59 - 2015-08-28 23:59 - 0007605 _____ () C:\Users\Juraj\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2009-07-14 01:38] - [2014-11-26 20:07] - 1008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2009-07-14 01:24] - [2014-11-26 20:07] - 0833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-12 18:06

==================== End of FRST.txt ============================

Re: High upload

Posted: 25 Jul 2017 18:57
by Rudy
How does your operating system stand as far as legality goes?

Re: High upload

Posted: 25 Jul 2017 18:58
by jjuriss
I have had the 64-bit version of Windows since I bought the notebook

Re: High upload

Posted: 25 Jul 2017 19:36
by Rudy
OK. Now run an OTL scan:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "Scan All Users", "LOP Check" and "Purity Check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Run Scan<. Post both logs.

Re: High upload

Posted: 25 Jul 2017 20:43
by jjuriss
OTL logfile created on: 25. 7. 2017 20:54:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Juraj\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,91 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 27,23% Memory free
7,82 Gb Paging File | 4,53 Gb Available in Paging File | 57,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,90 Gb Total Space | 1,55 Gb Free Space | 3,88% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 3,61 Gb Free Space | 12,05% Space Free | Partition Type: NTFS
Drive E: | 50,00 Gb Total Space | 0,51 Gb Free Space | 1,03% Space Free | Partition Type: NTFS
Drive F: | 476,17 Gb Total Space | 16,93 Gb Free Space | 3,56% Space Free | Partition Type: NTFS

Computer Name: JURAJ-PC | User Name: Juraj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017/07/25 20:53:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Juraj\Downloads\OTL.exe
PRC - [2015/11/11 22:57:01 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe
PRC - [2014/05/27 14:58:30 | 002,139,328 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/20 12:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/05/10 20:47:00 | 002,009,704 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/03/30 15:42:34 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/03/30 15:42:32 | 001,321,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/03/30 15:42:30 | 000,923,984 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/03/30 15:42:28 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2011/01/10 17:56:14 | 000,999,936 | ---- | M] (Imtiger Software Inc.) -- C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe
PRC - [2010/10/07 15:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/23 17:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/17 15:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/07/09 23:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/06/19 11:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 11:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/01/30 11:35:16 | 000,451,920 | ---- | M] (ACD Systems) -- C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
PRC - [2008/12/22 18:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 22:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/08/03 13:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/08/03 13:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2010/09/23 17:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2007/03/13 12:28:36 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/05/02 15:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/05/02 15:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/05/02 15:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/04/21 10:34:16 | 001,136,640 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/04/21 09:42:50 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/03/03 17:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/11/30 14:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2010/08/12 15:18:40 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/08/12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/04/16 17:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017/07/11 22:07:01 | 000,272,384 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/09/20 13:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/05/27 14:58:30 | 002,139,328 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/04/12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/10 20:47:00 | 002,009,704 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/30 15:42:34 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/03/30 15:42:32 | 001,321,296 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/03/30 15:42:30 | 000,923,984 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009/12/15 11:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 18:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/11/22 21:13:19 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/05/17 14:01:08 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011/11/24 16:16:25 | 000,083,776 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/11/24 16:16:25 | 000,063,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/06/02 11:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/06/02 11:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:47:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/05/01 15:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/04/21 10:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/04/21 10:09:26 | 000,294,912 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/04/12 23:18:08 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/22 19:14:04 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/03/08 15:44:08 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/03/08 15:44:08 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/01/27 02:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/13 13:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/10/14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/22 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/13 12:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/03 20:43:14 | 000,290,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/07/29 14:31:26 | 000,171,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/07/29 14:31:26 | 000,168,544 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/07/29 14:31:26 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/07/29 14:31:26 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/07/29 14:31:26 | 000,033,632 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/04/16 17:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSER.sys -- (usbser)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/05/25 20:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 18:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/?pc=SK2M&ocid=S [Binary data over 200 bytes]
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BD 74 1A 8E 75 06 D0 01 [binary data]
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{0B73A7D8-3068-488C-B05E-819C5574CA86}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{1F289AEE-C833-4A0E-ACCD-40E34D3AEE9C}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{4B259FBA-5678-40B7-8908-620FA27017BE}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{520A0F05-2154-49EE-B204-144D32F488BC}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{5B8E9D41-3E63-472F-9740-D0CDD40C4AF4}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{98A407C3-C740-433C-A7B9-79A41D3B0720}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{B0E549E1-CB0E-409F-B96D-5C321533A08C}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{B49950CC-F5C8-4CD1-900A-12B49940CEA4}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{DF0FDA1F-B07D-40F0-8A63-838EDD002884}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_27368
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014/11/22 22:29:05 | 000,000,000 | ---D | M]

[2017/04/04 20:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juraj\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.3_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp\1.3.0_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.14.0_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki\3.1.17284.467_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi\3.1.16302.1110_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5917.424.0.7_0\

O1 HOSTS File: ([2016/01/27 20:41:56 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 update.ross-tech.com
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe ()
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [pamfax] C:\ProgramData\SquirrelMachineInstalls\pamfax.exe (PamConsult GmbH.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [BingSvc] C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [cz.seznam.software.autoupdate] "C:\Users\Juraj\AppData\Roaming\Seznam.cz\szninstall.exe" -c File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [cz.seznam.software.szndesktop] "C:\Users\Juraj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5834865-BC5E-4F04-BB26-5A318D4A8408}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/05/28 09:44:42 | 000,000,000 | ---D | M] - F:\AUTO 2 -- [ NTFS ]
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\InstAll.exe
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell - "" = AutoRun
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.ac3filter - ac3filter64.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.MP42 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MP43 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.MPG4 - C:\Windows\SysWow64\MPG4c32.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2017/07/25 19:50:09 | 000,000,000 | ---D | C] -- C:\FRST
[2017/07/25 19:49:08 | 002,382,336 | ---- | C] (Farbar) -- C:\Users\Juraj\Desktop\FRST64.exe
[2017/07/25 18:55:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/07/15 19:51:06 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS
[2017/07/15 14:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\redistpart
[2017/07/15 14:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\formatpart
[2017/07/15 14:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\deletepart
[2017/07/15 14:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\explauncher
[2017/07/15 14:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\launcher
[2017/07/15 14:31:47 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017/07/25 20:58:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017/07/25 20:58:29 | 000,805,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/07/25 20:58:29 | 000,669,418 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/07/25 20:58:29 | 000,129,438 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/07/25 20:58:00 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/07/25 20:58:00 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/07/25 19:49:58 | 002,382,336 | ---- | M] (Farbar) -- C:\Users\Juraj\Desktop\FRST64.exe
[2017/07/25 19:10:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/07/25 19:10:24 | 3150,991,360 | -HS- | M] () -- C:\hiberfil.sys
[2017/07/24 21:42:26 | 000,281,454 | ---- | M] () -- C:\Users\Juraj\Desktop\Košík _ GAFA AUTODIELY.pdf
[2017/07/24 19:15:34 | 000,050,497 | ---- | M] () -- C:\Users\Juraj\Desktop\pink.jpg
[2017/07/15 18:46:42 | 000,000,432 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2017/07/11 22:07:00 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017/07/11 22:07:00 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017/07/25 20:58:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2017/07/24 21:42:26 | 000,281,454 | ---- | C] () -- C:\Users\Juraj\Desktop\Košík _ GAFA AUTODIELY.pdf
[2017/07/24 19:15:33 | 000,050,497 | ---- | C] () -- C:\Users\Juraj\Desktop\pink.jpg
[2017/07/15 18:17:57 | 000,000,432 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2016/12/24 03:14:31 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2016/02/25 18:20:35 | 000,000,058 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2016/02/25 18:20:35 | 000,000,058 | ---- | C] () -- C:\Users\Juraj\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2015/10/24 23:06:07 | 000,000,001 | ---- | C] () -- C:\Users\Juraj\AppData\Local\llftool.4.40.agreement
[2015/08/28 23:59:00 | 000,007,605 | ---- | C] () -- C:\Users\Juraj\AppData\Local\Resmon.ResmonCfg
[2015/06/02 21:57:43 | 000,476,280 | ---- | C] () -- C:\Users\Juraj\gym.jpg
[2015/05/15 18:23:44 | 000,009,216 | ---- | C] () -- C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/11/22 19:56:09 | 041,421,415 | ---- | C] () -- C:\Users\Juraj\Strip Ustrica.mp4

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/11/22 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ACD Systems
[2016/02/25 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AnvSoft
[2015/05/21 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AVG
[2016/12/31 17:31:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DAEMON Tools Lite
[2016/02/25 18:20:35 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DonationCoder
[2015/05/21 21:05:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DVDVideoSoft
[2014/11/22 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ESET
[2015/10/26 18:30:02 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\HD Tune Pro
[2016/06/23 20:31:36 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ICQ
[2016/02/16 23:40:47 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IGC
[2014/12/08 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IHlpr
[2014/12/08 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ImgBurn
[2015/05/21 20:56:46 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\MAGIX
[2015/05/21 20:37:11 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Nico Mak Computing
[2014/12/08 18:29:59 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\OpenCandy
[2014/11/22 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Opera Software
[2016/11/06 00:45:50 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Pamela
[2016/11/06 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\PamFax
[2015/05/21 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\RPEng
[2017/04/12 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Seznam.cz
[2014/11/22 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\TuneUp Software
[2017/07/24 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\uTorrent
[2016/02/08 23:39:57 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\XnView

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2015/05/21 20:56:36 | 000,000,376 | ---- | C] () -- C:\Windows\Tasks\Power Suite.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/11/22 21:09:41 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ACD Systems
[2014/11/24 13:18:10 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Adobe
[2016/02/25 18:27:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AnvSoft
[2015/05/21 21:08:53 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\AVG
[2014/11/23 18:34:24 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Corel
[2016/12/31 17:31:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DAEMON Tools Lite
[2016/02/25 18:20:35 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DonationCoder
[2015/05/21 21:05:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\DVDVideoSoft
[2014/11/22 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ESET
[2014/11/22 22:59:23 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\GRETECH
[2015/10/26 18:30:02 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\HD Tune Pro
[2016/06/23 20:31:36 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ICQ
[2014/11/22 18:26:02 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Identities
[2016/02/16 23:40:47 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IGC
[2014/12/08 18:30:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\IHlpr
[2014/12/08 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\ImgBurn
[2014/11/22 18:56:34 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\InstallShield
[2014/11/22 18:53:28 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Intel
[2014/12/30 18:51:28 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Macromedia
[2015/05/21 20:56:46 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\MAGIX
[2009/07/14 09:54:31 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Media Center Programs
[2016/11/30 22:15:40 | 000,000,000 | --SD | M] -- C:\Users\Juraj\AppData\Roaming\Microsoft
[2017/04/04 20:47:59 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Mozilla
[2014/11/22 21:30:51 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Nero
[2015/05/21 20:37:11 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Nico Mak Computing
[2014/12/08 18:29:59 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\OpenCandy
[2014/11/22 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Opera Software
[2016/11/06 00:45:50 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Pamela
[2016/11/06 00:42:38 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\PamFax
[2015/05/21 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\RPEng
[2017/04/12 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Seznam.cz
[2017/07/18 23:04:44 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\Skype
[2014/11/22 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\TuneUp Software
[2017/07/24 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\uTorrent
[2016/02/08 23:39:57 | 000,000,000 | ---D | M] -- C:\Users\Juraj\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >
[2014/10/02 07:31:16 | 001,922,152 | ---- | M] (Gretech Corporation) -- C:\Users\Juraj\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2016/06/15 21:51:38 | 031,057,032 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\ICQ\bin\icq.exe
[2016/06/15 21:51:23 | 049,178,248 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\ICQ\bin\icqsetup.exe
[2014/12/08 18:30:20 | 008,658,800 | ---- | M] (Aztec Media Inc) -- C:\Users\Juraj\AppData\Roaming\IHlpr\96ED02A2F3184D94885C9B9D1732FED1\SettingsManagerSetup.exe
[2014/12/08 18:31:02 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Juraj\AppData\Roaming\IHlpr\9CD2F909D418455A84D48D8A0FFFAF79\TuneUpUtilities2014WORLDW15D_en-US.exe
[2014/11/22 22:43:41 | 000,786,492 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2014/11/22 22:43:43 | 015,823,872 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2014/11/22 22:43:41 | 000,107,008 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2014/11/22 22:55:34 | 000,683,104 | ---- | M] (Opera Software) -- C:\Users\Juraj\AppData\Roaming\OpenCandy\6208B6FB20F24BE8B56ACEF852B3B4F9\Opera_NI_stable.exe
[2014/11/22 23:02:50 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Juraj\AppData\Roaming\OpenCandy\72973B7378BD49B0B0F5EA45096622C4\TuneUpUtilities2014WORLDW1D_en-US.exe
[2014/11/22 22:54:32 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Juraj\AppData\Roaming\OpenCandy\F9BF19443D5C42F5A632FADE617470F2\TuneUpUtilities2014WORLDW1D_en-US.exe
[2015/05/21 21:04:02 | 009,529,592 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Juraj\AppData\Roaming\RPEng\889FE61DE2F34E80BB1C02CC60BD5EF0\LenovoSHAREit2.2.2-42715.exe
[2015/05/21 21:08:22 | 049,801,016 | ---- | M] (AVG Technologies) -- C:\Users\Juraj\AppData\Roaming\RPEng\F5809531706E4109A7EDD8B8956595C2\AVG-PC-TuneUp2015-2200620.exe
[2014/04/14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\Juraj\AppData\Roaming\uTorrent\uninstall.exe
[2014/04/14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Juraj\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015/05/21 20:57:43 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\Power Suite.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014/10/30 16:45:50 | 006,501,656 | ---- | M] (Piriform Ltd)
"Device Detector" = DevDetect.exe -autorun
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" -- [2007/08/03 13:51:06 | 000,202,024 | ---- | M] (Nero AG)
"BingSvc" = C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe -- [2015/11/11 22:57:01 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation)
"cz.seznam.software.autoupdate" = "C:\Users\Juraj\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"cz.seznam.software.szndesktop" = "C:\Users\Juraj\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
"supertintin_skype" = C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe /start_context sys_auto -- [2011/01/10 17:56:14 | 000,999,936 | ---- | M] (Imtiger Software Inc.)
"DU Meter" = "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009/07/14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017/06/23 05:21:09 | 001,197,912 | ---- | M] (Google Inc.) MD5=D387A06CD4BF5FCC1B50C3882F41A44E -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017/07/25 20:58:53 | 000,000,512 | ---- | M] () MD5=BF28A5E9F6A7F50F56C458675680ECED -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/07/08 11:23:11 | 002,889,544 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\195159544 znac\RegCure 3.0.2 + Crack.rar
[2016/12/24 03:07:32 | 000,611,294 | ---- | M] () -- \Users\Juraj\Downloads\crack.zip

< *keygen* /s >
[2015/09/27 18:10:32 | 000,011,991 | ---- | M] () -- \Users\Juraj\AppData\Roaming\uTorrent\Sony-Vegas-10-HD-+-keygen-+-patch-+-CZ-návod.rar.torrent
[2010/11/23 01:32:34 | 035,350,650 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\195159544 znac\Eagle 5.9.0 + keygen.rar
[2010/04/07 11:30:00 | 000,039,936 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\195159544 znac\Eagle 5.9.0 + keygen\Eagle 5.9.0 + keygen\Keygen.exe

< *loader* /s >
[2006/10/26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.dll
[2006/10/26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader.tlb
[2008/07/30 11:06:58 | 000,072,192 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2008/07/29 04:43:16 | 000,004,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2007/08/03 13:48:16 | 000,271,656 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2014/05/27 16:15:42 | 000,597,278 | ---- | M] () -- \Program Files (x86)\Comodo\Dragon\extensions\media_downloader.crx
[2014/01/08 15:12:32 | 000,002,871 | ---- | M] () -- \Program Files (x86)\IGC\Free DWG Viewer\Igc.Loaders\loader-config.xml
[2015/02/18 17:27:02 | 000,031,516 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2005/06/07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2007/08/03 12:48:14 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2007/08/03 12:48:14 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2014/12/28 14:12:49 | 000,019,765 | ---- | M] () -- \Users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\configLoader.js
[2014/12/28 14:12:49 | 000,002,597 | ---- | M] () -- \Users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\scriptLoader.js
[2017/07/12 10:37:38 | 000,003,208 | ---- | M] () -- \Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.3_0\skin\ajax-loader.gif
[2017/07/19 09:25:16 | 000,003,605 | ---- | M] () -- \Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.14.0_0\icons\loader.gif
[2017/07/19 09:25:16 | 000,003,208 | ---- | M] () -- \Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.14.0_0\skin\ajax-loader.gif
[2014/11/22 21:20:38 | 000,057,728 | ---- | M] () -- \Users\Juraj\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DTLite.gadget\img\dt_dadget_loader.png
[2014/01/08 15:12:32 | 000,002,871 | ---- | M] () -- \Users\Juraj\AppData\Roaming\IGC\Brava! FreeDWG Viewer\loader-config.xml
[2010/04/26 00:17:48 | 014,277,301 | ---- | M] () -- \Users\Juraj\Documents\ICQ\441565366\ReceivedFiles\264049369 Ptm\databaza_tel.cisel_by_Shadow_of_elite_uploaders_group.part1.rar
[2017/07/25 21:11:19 | 000,031,240 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 09:44:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 09:44:39 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 09:44:39 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 09:44:39 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 09:44:39 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2009/07/14 04:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009/07/14 04:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009/07/14 04:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009/07/14 04:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009/07/14 04:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 09:43:41 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: high upload

Posted: 25 Jul 2017 20:43
by jjuriss
OTL Extras logfile created on: 25. 7. 2017 20:54:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Juraj\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,91 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 27,23% Memory free
7,82 Gb Paging File | 4,53 Gb Available in Paging File | 57,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,90 Gb Total Space | 1,55 Gb Free Space | 3,88% Space Free | Partition Type: NTFS
Drive D: | 30,00 Gb Total Space | 3,61 Gb Free Space | 12,05% Space Free | Partition Type: NTFS
Drive E: | 50,00 Gb Total Space | 0,51 Gb Free Space | 1,03% Space Free | Partition Type: NTFS
Drive F: | 476,17 Gb Total Space | 16,93 Gb Free Space | 3,56% Space Free | Partition Type: NTFS

Computer Name: JURAJ-PC | User Name: Juraj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 11.0.Browse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03316973-FC82-45B1-A8B4-40D97DB34C83}" = lport=445 | protocol=6 | dir=in | app=system |
"{07FB20CC-B0CA-403F-9AD2-499B69E2C7F5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{12A38A42-0C5B-432C-AAFB-35ECA30405BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{13A377BE-25B5-4EA0-AFE9-DDB5DF317164}" = rport=139 | protocol=6 | dir=out | app=system |
"{15C303A2-CFBC-4DD4-86ED-6A638F8341B3}" = lport=137 | protocol=17 | dir=in | app=system |
"{339EF21A-6DED-4379-B3E3-B066C9C03B45}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{37F50EF2-21E5-4582-96E5-EEFFD7F0332C}" = rport=138 | protocol=17 | dir=out | app=system |
"{5BD25D9E-E568-451A-A59D-79F534BC274B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7EB1E714-8B0B-417A-BFB7-9C96F5704255}" = lport=138 | protocol=17 | dir=in | app=system |
"{9AAA1C38-E0FE-46C2-8382-43784F8AEB19}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A8AA43B3-B37C-442A-AAFF-80161566DE9D}" = rport=445 | protocol=6 | dir=out | app=system |
"{AAD5FB7F-6974-4FE9-917A-CB1269D95DB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{C26E8999-1017-4DDD-A3ED-9663AB6E6DFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CE36CC65-47AB-414B-9098-DF3F0E8F1EF2}" = rport=137 | protocol=17 | dir=out | app=system |
"{FEE755EB-DDA2-461D-B92B-E52E17C335ED}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DAAB7B-85C3-4C37-9298-E2B1BE278BF6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0291CFFD-F26F-4943-9330-C201EC939C59}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{05D42926-F1B1-4252-8198-55420AF32BEC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{063BCDA6-4C3D-4704-9C83-37B86540C819}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0679793A-31AE-4EA8-ABF4-7D07E4DFCD8E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2882494E-7193-467D-A9EC-B1F6C861471F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ABDB78E-6455-4FCF-B358-178BB1F878D8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6243CBEE-02FF-4AB0-9144-BCDAF13561B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D05E9A3A-E108-4E3A-9878-958C6280C802}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D838F07E-A2AA-427C-9A18-684833E7B74C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F1F2D484-CD20-40E0-88F1-B1686747FE49}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F6EF2144-B909-4BFA-84C2-2755EEEBB09B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FCD9C270-D6AF-4258-B99A-50FBD9F21AC2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{338B6889-5C98-4439-83D8-50BB21266602}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{A4B24DCE-C7D0-4A99-88C4-342549B0D355}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{8EA1D92D-C873-499F-B969-BFAD72BED83C}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{A28BBE3A-CC79-495D-A36D-F4F32F98532D}C:\users\juraj\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\juraj\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{63264409-6933-48E9-B0AD-A70367E98BAF}" = ESET Smart Security
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 268.56
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6294D78-AFAA-48DF-8243-B41902D7F236}" = CorelDRAW Graphics Suite X6 - CZ (x64)
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"B96C1D4A95ACD188E351BBECB7D9F4E663F44BC2" = Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.30
"Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
"ProInst" = Intel PROSet Wireless

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0CD05078-D4F3-4006-8726-B01E10A89B28}" = Movie Maker
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2F3E0052-438D-4D42-873C-94223F25FF7A}" = Windows Live UX Platform Language Pack
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{47AC83D4-C2CE-4F1F-8494-FB08066B38E3}" = Windows Live Essentials
"{5B87607E-E781-49C5-9891-80990E45BCA1}" = Fotogaléria
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1" = Pinnale Systems Software Keys
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1051}" = Nero 8
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{BC66852F-0928-494F-B3C1-5FF5DB4F88BC}" = Free DWG Viewer 7.3
"{BFF23267-1D19-444E-93E2-E5059BE805EA}" = Dazzle Video Capture DVC100 X64 Driver 1.06
"{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}" = Metric Collection SDK 35
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D18F29F4-3609-4FBD-8A76-57B6AC3404F3}" = Photo Common
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{DE7A4697-02F4-4D1E-828C-FC9048C7A794}_is1" = VCDS-Release-11.11.3 version 11.11.3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.29
"AC3Filter_is1" = AC3Filter 2.6.0b
"ACDSee 2009 Photo Manager Build 85" = Čeština do ACDSee 2009 Photo Manager Build 85
"Adobe Flash Player ActiveX" = Adobe Flash Player 26 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 26 NPAPI
"Comodo Dragon" = Comodo Dragon
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.59.505
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"MProg 3.0a" = MProg 3.0a
"ProInst" = Intel PROSet Wireless
"PROPLUS" = Microsoft Office Professional Plus 2007
"Supertintin Skype Video Call Recorder_is1" = Supertintin 1.2.0.4
"TSR Watermark Image_is1" = TSR Watermark Image software version 3.5.7.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"icq.desktop" = ICQ (version 10.0.12091)
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25. 7. 2017 14:58:29 | Computer Name = Juraj-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

Error - 25. 7. 2017 14:59:24 | Computer Name = Juraj-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Zlyhala extrakcia zoznamu koreňových certifikátov nezávislých vydavateľov
z kabinetu automatickej aktualizácie v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
s chybou: Pri overovaní s aktuálnymi systémovými hodinami alebo časovou pečiatkou
podpísaného súboru sa zistilo, že požadovaný certifikát je mimo dobu platnosti.
.

[ System Events ]
Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Rýchle načítanie sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Distributed Link Tracking Client sa neočakávane ukončila. Služba
sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná
akcia: Reštartovať službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Správca relácie Správcu okien na pracovnej ploche sa neočakávane
ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná
nasledujúca opravná akcia: Reštartovať službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7034
Description = Služba Diagnostic System Host sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1-krát.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba WLAN AutoConfig sa neočakávane ukončila. Služba sa týmto spôsobom
ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať
službu.

Error - 25. 7. 2017 13:07:46 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Driver Foundation - User-mode Driver Framework sa neočakávane
ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná
nasledujúca opravná akcia: Reštartovať službu.

Error - 25. 7. 2017 13:10:30 | Computer Name = Juraj-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:08:50 on ?25. ?7. ?2017 was unexpected.

Error - 25. 7. 2017 13:10:34 | Computer Name = JURAJ-PC | Source = BugCheck | ID = 1001
Description =

Error - 25. 7. 2017 13:11:41 | Computer Name = Juraj-PC | Source = Service Control Manager | ID = 7034
Description = Služba Bluetooth OBEX Service sa neočakávane ukončila. Služba sa týmto
spôsobom ukončila už 1-krát.

Error - 25. 7. 2017 14:13:00 | Computer Name = Juraj-PC | Source = DCOM | ID = 10001
Description =


< End of report >

Re: high upload

Posted: 25 Jul 2017 20:55
by Rudy
Run OTL again as administrator.
Paste the following text into the bottom window:
:OTL
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-782316400-2823983723-2572573682-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1000..\Run: [BingSvc] C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-782316400-2823983723-2572573682-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\Shell\AutoRun\command - "" = G:\InstAll.exe
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell - "" = AutoRun
O33 - MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
Drivers32:64bit: VIDC.ACDV - File not found
Drivers32: VIDC.ACDV - ACDV.dll File not found

:files
C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Juraj\AppData\Local\Microsoft\BingSvc
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Re: high upload

Posted: 25 Jul 2017 21:20
by jjuriss
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc deleted successfully.
C:\Users\Juraj\AppData\Local\Microsoft\BingSvc\BingSvc.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-782316400-2823983723-2572573682-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d3ccceb-7256-11e4-bca4-806e6f6e6963}\ not found.
File G:\InstAll.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f3c50061-897c-11e5-8047-ac72891e9a7d}\ not found.
File H:\setup_vmc_lite.exe /checkApplicationPresence not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\Drivers32 VIDC.ACDV not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.ACDV deleted successfully.
========== FILES ==========
C:\Users\Juraj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Users\Juraj\AppData\Local\Microsoft\BingSvc folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Juraj
->Temp folder emptied: 404540 bytes
->Temporary Internet Files folder emptied: 6250692 bytes
->Google Chrome cache emptied: 140120628 bytes
->Flash cache emptied: 506 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 156232 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 18899940 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 158,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Juraj
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07252017_220711

Files\Folders moved on Reboot...
C:\Users\Juraj\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: high upload

Posted: 26 Jul 2017 17:07
by Rudy
Deleted. Has anything changed?

Re: high upload

Posted: 26 Jul 2017 17:33
by jjuriss
Unfortunately the upload is still high... when I turn the Wi-Fi off a few times in a row it drops back to normal, but after some time the upload climbs to high values again.

Re: high upload

Posted: 26 Jul 2017 18:24
by Rudy
Please also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Re: high upload

Posted: 26 Jul 2017 18:41
by jjuriss
Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 26.07.17
Čas skenovania: 19:31
Súbor denníka: aaa.txt
Správca: Áno

-Údaje o softvéri-
Verzia: 3.1.2.1733
Verzia súčastí: 1.0.160
Aktualizovať verziu balíka: 1.0.2443
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 7
Procesor: x64
Systém súborov: NTFS
Používateľ: Juraj-PC\Juraj

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 365465
Zistené hrozby: 17
Hrozby umiestnené do karantény: 0
(Nezistili sa nijaké škodlivé položky)
Uplynulý čas: 8 min, 1 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 1
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AutoKMS, Bez zásahu používateľa, [351], [89405],1.0.2443

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 8
PUP.Optional.IHlpr, C:\USERS\JURAJ\APPDATA\ROAMING\IHlpr\96ED02A2F3184D94885C9B9D1732FED1, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.IHlpr, C:\USERS\JURAJ\APPDATA\ROAMING\IHlpr\9CD2F909D418455A84D48D8A0FFFAF79, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\6208B6FB20F24BE8B56ACEF852B3B4F9, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\72973B7378BD49B0B0F5EA45096622C4, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\96ED02A2F3184D94885C9B9D1732FED1, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\9CD2F909D418455A84D48D8A0FFFAF79, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\F9BF19443D5C42F5A632FADE617470F2, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\USERS\JURAJ\APPDATA\ROAMING\OpenCandy, Bez zásahu používateľa, [546], [173202],1.0.2443

Súbor: 8
PUP.Optional.IHlpr, C:\Users\Juraj\AppData\Roaming\IHlpr\96ED02A2F3184D94885C9B9D1732FED1\SettingsManagerSetup.exe, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.IHlpr, C:\Users\Juraj\AppData\Roaming\IHlpr\9CD2F909D418455A84D48D8A0FFFAF79\TuneUpUtilities2014WORLDW15D_en-US.exe, Bez zásahu používateľa, [12480], [177732],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\6208B6FB20F24BE8B56ACEF852B3B4F9\Opera_NI_stable.exe, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\72973B7378BD49B0B0F5EA45096622C4\TuneUpUtilities2014WORLDW1D_en-US.exe, Bez zásahu používateľa, [546], [173202],1.0.2443
PUP.Optional.OpenCandy, C:\Users\Juraj\AppData\Roaming\OpenCandy\F9BF19443D5C42F5A632FADE617470F2\TuneUpUtilities2014WORLDW1D_en-US.exe, Bez zásahu používateľa, [546], [173202],1.0.2443
CrackTool.Agent.Keygen, C:\WINDOWS\AUTOKMS.EXE, Bez zásahu používateľa, [351], [89405],1.0.2443
Trojan.Agent, C:\USERS\JURAJ\DESKTOP\VAGCOM11.11-FRENCH.ZIP, Bez zásahu používateľa, [24], [269851],1.0.2443
RiskWare.Tool.HCK, C:\USERS\JURAJ\DOWNLOADS\CRACK.ZIP, Bez zásahu používateľa, [2283], [65610],1.0.2443

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Re: high upload

Posted: 26 Jul 2017 19:14
by Rudy
Delete all the items found.