prosim o kontrolu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 23 kvě 2017 20:27

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\

O1 HOSTS File: ([2017.05.14 13:39:04 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [ZAM] C:\programy\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
O4 - HKLM..\Run: [Raptr] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKLM..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [XPE] C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe (XPExplorer.com - 2016)
O4 - HKCU..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\programy\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ab658422-083b-4799-8f6d-44ca0c7b0831}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.07.29 17:10:07 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017.05.23 19:21:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe
[2017.05.15 20:55:36 | 000,000,000 | ---D | C] -- C:\Soubory Laďa
[2017.05.15 20:48:11 | 000,000,000 | ---D | C] -- C:\FRST
[2017.05.15 20:47:27 | 002,429,952 | ---- | C] (Farbar) -- C:\Users\Asus\Desktop\FRST64.exe
[2017.05.14 14:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2017.05.14 14:01:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.05.14 13:59:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2017.05.14 13:59:01 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Temp
[2017.05.14 13:38:19 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.05.14 13:38:19 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.05.14 13:38:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.05.14 13:37:59 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\Zemana
[2017.05.14 10:00:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\catroot2
[2017.05.13 15:19:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2017.05.13 15:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Application Data
[2017.05.13 14:45:23 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
[2017.05.13 14:44:31 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Roaming\Yamicsoft
[2017.05.13 09:42:42 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Asus\Desktop\HijackThis.exe
[2017.04.30 07:41:26 | 000,000,000 | ---D | C] -- C:\Users\Asus\AppData\Local\AMD
[2017.04.29 17:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2017.04.29 16:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2017.04.29 16:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2017.04.28 15:28:11 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2017.04.28 15:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2017.04.28 11:08:40 | 000,000,000 | ---D | C] -- C:\Users\Asus\Desktop\call of duty 2 cz
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017.05.23 19:32:12 | 003,083,149 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.05.23 19:32:11 | 003,164,118 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.05.23 19:22:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asus\Desktop\OTL.exe
[2017.05.23 06:35:47 | 536,219,647 | -HS- | M] () -- C:\hiberfil.sys
[2017.05.23 06:35:45 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.05.16 19:40:29 | 000,002,220 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.05.16 09:33:19 | 002,036,902 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.05.16 09:33:19 | 000,842,644 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.05.16 09:33:19 | 000,826,832 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.05.16 09:33:19 | 000,192,218 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.05.16 09:33:19 | 000,171,820 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.05.16 09:26:52 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.05.16 09:25:26 | 002,429,952 | ---- | M] (Farbar) -- C:\Users\Asus\Desktop\FRST64.exe
[2017.05.14 13:39:04 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.05.14 13:38:19 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.05.14 13:38:19 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zam64.sys
[2017.05.14 13:38:18 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.05.14 13:37:07 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2017.05.14 13:36:28 | 001,309,184 | ---- | M] () -- C:\Users\Asus\Desktop\zoek.exe
[2017.05.14 09:22:36 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.05.13 15:55:18 | 004,970,688 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.05.13 14:45:27 | 000,000,890 | ---- | M] () -- C:\Users\Asus\Desktop\Windows 10 Manager.lnk
[2017.05.13 14:45:27 | 000,000,880 | ---- | M] () -- C:\Users\Asus\Desktop\1-Click Cleaner.lnk
[2017.05.13 14:42:02 | 000,001,743 | ---- | M] () -- C:\Users\Asus\Desktop\CrystalDiskInfo.lnk
[2017.05.13 13:31:07 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.05.13 09:44:29 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Asus\Desktop\HijackThis.exe
[2017.04.28 15:28:02 | 000,001,561 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
[2017.04.28 15:28:02 | 000,001,561 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
[2017.04.28 15:27:31 | 000,000,282 | ---- | M] () -- C:\WINDOWS\game.ini
[2017.04.28 00:15:36 | 000,097,542 | ---- | M] () -- C:\Users\Asus\Desktop\i_love_russia_by_ariyan_iran-d9c15s6.jpg
[1 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017.05.14 13:59:01 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2017.05.14 13:38:24 | 003,161,267 | ---- | C] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.05.14 13:38:24 | 003,080,430 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.05.14 13:38:18 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.05.14 13:36:26 | 001,309,184 | ---- | C] () -- C:\Users\Asus\Desktop\zoek.exe
[2017.05.13 15:55:07 | 004,970,688 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017.05.13 14:45:26 | 000,000,890 | ---- | C] () -- C:\Users\Asus\Desktop\Windows 10 Manager.lnk
[2017.05.13 14:45:25 | 000,000,880 | ---- | C] () -- C:\Users\Asus\Desktop\1-Click Cleaner.lnk
[2017.05.13 14:42:02 | 000,001,743 | ---- | C] () -- C:\Users\Asus\Desktop\CrystalDiskInfo.lnk
[2017.04.28 15:28:02 | 000,001,561 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
[2017.04.28 15:28:02 | 000,001,561 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
[2017.04.28 15:27:31 | 000,000,282 | ---- | C] () -- C:\WINDOWS\game.ini
[2017.04.28 00:15:35 | 000,097,542 | ---- | C] () -- C:\Users\Asus\Desktop\i_love_russia_by_ariyan_iran-d9c15s6.jpg
[2016.11.25 18:52:18 | 000,221,184 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ServiceHelp.dll
[2016.11.25 17:34:20 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2016.11.25 17:31:21 | 000,015,232 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys
[2016.11.25 17:31:21 | 000,011,832 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp64.sys
[2016.11.25 17:31:21 | 000,010,216 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsInsHelp32.sys
[2016.11.16 00:37:16 | 000,638,976 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2016.11.16 00:37:16 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2016.09.18 20:59:37 | 001,862,000 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016.05.31 23:25:51 | 000,162,816 | ---- | C] () -- C:\WINDOWS\SysWow64\MTF.dll
[2016.03.13 14:16:38 | 000,707,354 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2016.03.13 14:10:10 | 000,002,576 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2016.02.10 17:19:32 | 000,014,464 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsUpIO.sys
[2015.12.30 17:47:10 | 000,000,024 | ---- | C] () -- C:\WINDOWS\SetupTemp.ini
[2015.12.16 21:26:37 | 001,949,904 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2015.12.16 21:23:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2015.12.16 21:21:28 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2015.12.16 21:07:40 | 000,152,560 | ---- | C] () -- C:\WINDOWS\SysWow64\atieah32.exe
[2015.12.16 21:07:40 | 000,111,088 | ---- | C] () -- C:\WINDOWS\SysWow64\hsa-thunk.dll
[2015.12.16 21:07:38 | 001,004,032 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2015.12.16 21:07:36 | 000,807,424 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2015.12.16 21:07:34 | 000,198,640 | ---- | C] () -- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
[2015.12.16 21:07:34 | 000,132,080 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2015.10.30 09:24:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2015.10.30 09:24:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2015.10.30 09:18:39 | 000,164,224 | ---- | C] () -- C:\WINDOWS\SysWow64\weretw.dll
[2015.10.30 09:18:36 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2015.10.30 09:18:36 | 000,047,104 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2015.10.30 09:18:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2015.10.30 09:18:31 | 000,252,928 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2015.10.30 09:18:31 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\dtdump.exe
[2015.10.30 09:18:29 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2015.10.30 09:18:29 | 000,293,376 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2015.10.30 09:18:26 | 000,022,528 | ---- | C] () -- C:\WINDOWS\SysWow64\efsext.dll
[2015.10.30 09:18:25 | 000,002,269 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2015.10.30 09:18:23 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2015.10.30 09:17:40 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2015.08.22 02:54:10 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2015.08.22 02:54:10 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2015.07.05 00:07:05 | 000,000,424 | ---- | C] () -- C:\Users\Asus\AppData\Local\UserProducts.xml

========== ZeroAccess Check ==========

[2016.01.14 19:38:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016.09.07 07:23:32 | 006,605,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016.09.07 07:21:01 | 005,240,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015.10.30 09:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015.10.30 09:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016.09.07 06:35:09 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.11.09 00:06:36 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\.huntedcowcache
[2014.12.25 16:37:11 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\AMD
[2017.05.13 15:35:48 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Anvsoft
[2017.03.01 21:13:46 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\avidemux
[2015.01.23 17:22:47 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\BANDISOFT
[2017.02.06 10:53:32 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Canneverbe Limited
[2016.04.06 17:13:36 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\DAEMON Tools Lite
[2015.10.26 12:22:57 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Dropbox
[2017.01.06 13:34:07 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\EncryptStick
[2016.11.25 12:49:25 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\freepicturesolutions
[2016.04.06 17:17:03 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\InfraRecorder
[2017.04.02 15:25:27 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\IObit
[2014.12.19 18:04:53 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\library_dir
[2016.07.10 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Mp3tag
[2017.05.06 20:48:27 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\MPC-HC
[2017.02.27 11:50:52 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Octoshape
[2016.12.18 23:21:21 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\PlaysTV
[2017.04.29 16:41:59 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Raptr
[2015.04.25 11:35:00 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Samsung
[2016.07.10 21:13:14 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Seznam.cz
[2016.07.10 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Sony
[2016.07.10 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Spotify
[2017.05.13 15:23:19 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TeamViewer
[2017.05.23 19:29:22 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\TS3Client
[2016.07.10 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\vibranceGUI
[2017.05.13 14:44:31 | 000,000,000 | ---D | M] -- C:\Users\Asus\AppData\Roaming\Yamicsoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\OpenCL.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\NlsLexicons0009.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\NlsData0009.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mshtmlmedia.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mfreadwrite.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\MFPlay.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mantleaxl32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mantle32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\hsa-thunk.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\dns-sd.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\detoured.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\BackgroundTransferHost.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiuxpag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiumdva.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiumdag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiu9pag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atioglxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atimpc32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiglpxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atigktxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atieah32.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atidxx32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticfx32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticalrt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticaldd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticalcl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiadlxy.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiadlxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdxc32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdpcom32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl12cl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl_ld32.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl_as32.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdmmcl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdmantle32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdlvr32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdhdl32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdgfxinfo32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\difxapi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\programy\CCleaner\CCleaner64.exe:$CmdTcID

< End of report >



Reklama
ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 23 kvě 2017 20:34

OTL Extras logfile created on: 23.5.2017 19:23:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asus\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

6,00 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 22,12% Memory free
9,44 Gb Paging File | 4,23 Gb Available in Paging File | 44,79% Paging File free
Paging file location(s): c:\pagefile.sys 3526 3526 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 930,97 Gb Total Space | 669,37 Gb Free Space | 71,90% Space Free | Partition Type: NTFS

Computer Name: ASUS-PC | User Name: Asus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\programy\Adobe Photoshop cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Directory [PlayWithVLC] -- "C:\programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\programy\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\programy\Adobe Photoshop cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Directory [PlayWithVLC] -- "C:\programy\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = B7 BA 44 3C 3A 38 D1 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B3179C0-4536-4731-8B87-D74B010D26DD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{740197B5-9B91-43DC-9448-5F2FAA99E4ED}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B5260BDB-C768-48AB-9FB4-BF882CC63983}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 23 kvě 2017 20:35

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00002074-2C9F-4984-B1D5-59B5517CCE0D}" = dir=out | name=xbox |
"{0089193B-A7ED-402F-814F-AC969620C031}" = dir=out | name=blockuse |
"{00A5F06A-5171-4FD9-B25F-8F6CD154F0EB}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{010854F8-9DA9-4F87-B038-B3A7641180E3}" = dir=out | name=asus welcome |
"{02AE4DE3-55E1-4828-83C8-C6F09DD1C636}" = dir=in | app=c:\programy\itunes\itunes.exe |
"{03F8B1C1-7527-4EB4-8703-3A0A41E1DD4A}" = dir=out | name=windowsdvdplayer |
"{04703B40-7ABF-48E3-8799-DA1ADBAD8954}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{065F3F36-56A2-4E7B-924F-38E480177DE9}" = dir=out | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{0852BE4A-ED56-436F-98E1-352403FBC7CE}" = dir=out | name=@{microsoft.3dbuilder_10.10.38.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{096D498C-51EB-4D6B-8994-DC2EAADB5E3D}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{09D532EE-27F9-4F08-9F66-590DDC467BDD}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{0A0432B8-D6C1-4B4D-B7E5-DFC95A573C55}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{0C7FBEAE-1D34-4650-AE8F-1C13B2EE6709}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{0CFC7911-98F1-4C27-96BF-BFC9F2C05C99}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{10A28171-163D-4F30-B4B2-2F4FEF2DB663}" = dir=out | name=@{microsoft.microsoftofficehub_17.6605.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{11F4E3AC-DF97-433F-B9A1-3250C2D2F6C6}" = dir=in | name=@{microsoft.windows.photos_15.1208.10480.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{127B355D-7680-45D1-8346-785D31E0300A}" = dir=out | name=onenote |
"{12A0888F-5D7B-4A5A-AC66-3637D92E0547}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{12EA1FF1-F28F-40B1-95B3-07AB57F5490F}" = dir=out | name=@{microsoft.messaging_2.12.15004.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{13BD204E-1E22-4AE4-9602-8E84DD500672}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{1403209F-08A9-4BC2-82CE-3A3981DB3D95}" = dir=out | name=@{microsoft.3dbuilder_10.10.38.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{148C6FE3-5B2C-428B-9DE0-C0110B015AF6}" = protocol=17 | dir=in | app=c:\hry\steam\steam.exe |
"{14BA166A-F4C8-4240-AFFC-92018AB51B0E}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{1737841B-E9AB-4978-9066-BBEE5D3726ED}" = dir=out | name=blockjapan |
"{17803F5D-15F1-4602-9E0E-A062BE93C652}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{192ED938-7700-4000-9608-31614C9CD8CD}" = dir=out | name=microsoft solitaire collection |
"{1B61DD92-C957-471A-A35E-5A55FDE4F450}" = dir=out | name=blockdxb |
"{1BAD3C8C-DCEA-4686-AB9E-458AE31E257B}" = dir=out | name=@{microsoft.zunevideo_3.6.15731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{1C5B84AF-2DD8-4288-BEED-0634A4F5F70E}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{1C768810-C46B-467B-A806-368341466AEA}" = dir=out | name=twitter |
"{1CA23A57-2ED8-4226-A1A2-5EC1D473BFDE}" = dir=out | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{1CF79228-A57E-454A-8AC1-7A513207324E}" = dir=out | name=blockuss |
"{1D6A4B45-52F2-4253-85A1-62BE8113EE93}" = dir=in | name=@{microsoft.windowsstore_2015.25.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{1DBF5497-7A59-4D13-8352-84231ADE6660}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\eldevin\eldevin.exe |
"{1DC2B315-5B57-4FFD-8C73-F9A370A3E1E6}" = dir=out | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{1DD273CE-F579-4B35-92FB-1708831B8307}" = dir=in | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{1DE5D060-2040-4665-A2AE-4F2BE4306351}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr inc\playstv\playstv.exe |
"{1E746323-BB98-4A3D-90F8-CEA881ECA2BF}" = dir=in | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{1E8849F5-7F69-42CD-BE13-AE6DD5C57D9A}" = dir=out | name=@{microsoft.windowsstore_2015.25.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{2048261D-F7F2-4731-91BF-0BC2657C3B6C}" = dir=out | name=twitter |
"{21525281-0F5E-42AC-92A5-56DE9EB80E21}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{2258F562-D156-40AA-8FEF-4E7BEA308971}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{23E4E6FC-BB8B-43AF-8277-EB3BDA0FA9C9}" = dir=in | name=sway |
"{29514E77-602C-4934-A9A1-213BD524291C}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2A560725-6F5F-43DB-984A-D106E93DF389}" = dir=out | name=blockeuw |
"{2B7522BB-7C84-48DD-990C-69107122B11D}" = dir=out | name=@{microsoft.windowsphone_10.1511.18010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{2CC3AAE7-27E4-4187-93B7-D91285290762}" = dir=out | name=@{microsoft.windows.photos_15.1208.10480.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{2D12C35E-D624-496D-A6A8-09FB5667F58D}" = dir=in | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{2D2C05EA-2FB4-4104-ABB8-A5818449D069}" = dir=in | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{2D5B3ABD-915A-4307-99DD-9CCD85C01B45}" = dir=out | name=windowsdvdplayer |
"{2DC75F55-9003-4AAE-8E4B-ADEF02C054FE}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{2EDF15E0-FAB0-4E52-8F58-3311AFD70B2A}" = dir=in | name=@{microsoft.windowsstore_2015.25.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{301F3697-6FF2-40E0-9C7A-77E6B6775DD3}" = dir=out | name=@{microsoft.3dbuilder_10.10.38.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{30BD15B7-D0E5-4225-AEEE-AB07DB2F0FDA}" = dir=out | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{322B644F-9B90-4D5D-82B4-452F503B50A8}" = dir=out | name=blockeun |
"{32891331-017C-4160-B357-57B76C465988}" = dir=out | name=@{microsoft.connectivitystore_1.1511.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{32E8E8A5-1DD9-48A1-8376-D19D6D87FE6F}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{34321EC5-7DCA-456A-A4F6-EE7BECBBECF3}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{3484EF9F-9F1D-43A9-891B-50427BF5EEF3}" = dir=out | name=@{microsoft.people_10.0.3450.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{36A1E089-5A76-493C-B51D-B4568F457069}" = dir=out | name=blockind |
"{37E3F20F-DE20-4516-B208-CC46191BDD72}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{38CB69D2-40F4-4DD1-B5CC-C148DA163C48}" = dir=out | name=blockusw |
"{38F26254-692C-4ECA-89CF-C0783BCDB415}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{3CE15A35-185F-4DE2-AEE4-1EEE2C52B082}" = dir=out | name=sway |
"{3DBC85AF-1327-43C2-8255-3B9B7A7409E5}" = dir=out | name=twitter |
"{422E4113-CD8A-4680-8B19-21002AEAA497}" = dir=out | name=@{microsoft.connectivitystore_1.1511.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{429DDA1A-FF04-418C-98B4-93966BC145D2}" = dir=out | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{43242527-6D27-4DD9-B28E-82F85FC4A73C}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{444B9436-D8AF-41AD-A618-FA32E731B87D}" = dir=out | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{476BF36F-37B6-4A2D-BFF5-9905175945BF}" = dir=out | name=@{microsoft.messaging_2.12.15004.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{49261C9F-641A-4939-95D6-60718CF0026C}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{492A8C12-6E4F-4E68-9337-FDF02CF65CE8}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{4BFCBBE4-0DEA-469C-B5D3-F5B7E4CCF64E}" = dir=in | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{4C39E49C-A44D-4569-AF5A-B2DED7BF3864}" = dir=in | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{4CD4C766-D41E-4370-8891-D53E84D4946B}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr_im.exe |
"{4DCA050B-FF43-4845-82D8-0B5463BBB0C4}" = dir=in | name=xbox |
"{51848022-206D-4A1D-BEA4-6F6B21C818C1}" = dir=out | name=blockbrz |
"{52C7CF2E-D8DD-4BA8-BE26-DA185BE336D8}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{52D95BC9-3D59-44E6-B9BA-848153C4237C}" = protocol=6 | dir=in | app=c:\hry\steam\steam.exe |
"{5397FE78-6133-44C6-80D9-ABD009C17E87}" = dir=in | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{543C2B22-A0BD-4903-9B06-5ECD2A81240F}" = dir=in | name=@{microsoft.windowsstore_2015.25.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{54C9054E-9208-403F-BF5D-9B649023A2EF}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{55D4AA45-1509-456E-9CA2-7E00D68F6F9C}" = dir=out | name=@{microsoft.windows.photos_15.1208.10480.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{585B0A29-8B29-4C78-A655-77DF100E11A8}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{5A7BE6C1-B8CD-4B01-85C4-E040773802BC}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{5ACF248D-0B9A-4EC1-AE9B-2D66C76DF96D}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{61792B35-746F-4B80-AEEE-4A85232FBAB0}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{62C72E24-B3B7-4625-933B-12E05B77E3A0}" = dir=out | name=@{microsoft.windowsmaps_4.1512.3450.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{644D40F9-0480-40F5-9B6A-9D87BF24EFF8}" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{6621AF5E-8842-48AE-95C1-C6F468CFF3C0}" = dir=in | name=onenote |
"{66913AD7-C4F4-4CF7-9A19-393C59FB4AAC}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\half-life\hl.exe |
"{6758461E-7829-4EEB-BB79-E66D7E693C7A}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{695AA8C6-4618-4F4A-A092-5E85893CAE77}" = dir=out | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{6A5477F2-0960-4454-83D9-4A53EA255C85}" = dir=in | name=microsoft solitaire collection |
"{6B835218-188E-4DF4-9D3D-AADBCCABCEF0}" = dir=out | name=windowsdvdplayer |
"{6BCFC525-F32F-4452-B075-D970DD0C30D3}" = dir=out | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{70CCEE0C-B27D-48AB-B467-F4039B2417E1}" = protocol=17 | dir=in | app=c:\hry\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{71250B65-8C91-4240-B78C-F4E1D807BD0F}" = protocol=6 | dir=in | app=c:\hry\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{712F9450-3467-47C3-9770-E63F731294F4}" = dir=out | name=blocksgp2 |
"{71F7F647-1344-48CD-A2C2-5B4DA0DD77B2}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{73C5B3B6-8F5A-4BED-B4B5-C5CE78D11A0F}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{741BB7FE-7A81-4D31-8C30-84AB82167EAB}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{757F3A01-24B5-42E0-9681-D16D0251966D}" = dir=out | name=@{microsoft.zunevideo_3.6.15731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7831351D-13BE-454D-9F35-B5EAA492AB4B}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr.exe |
"{783EBC0F-16DC-43F0-8FD3-9BC357994277}" = dir=out | name=@{microsoft.messaging_2.12.15004.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{7A04991E-AA86-4DA7-AB14-3CE2E66B225C}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{7A4E6C04-4A8F-4C16-8BA4-C9D2A80AA370}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{7B6A0753-FD56-41D1-A2F8-BD4E2C96D00C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{7CF9E342-B405-4639-97B1-27405DD1164F}" = dir=out | name=@{microsoft.windowsphone_10.1511.18010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{7E299045-116D-45E5-8601-AC1BC1A315B2}" = dir=out | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{7EEC252F-DF41-44D7-8440-156185F5B249}" = dir=in | name=xbox |
"{7EF66194-B250-4197-8222-15A9B9D2471B}" = dir=in | name=@{microsoft.microsoftofficehub_17.6605.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{808E7A37-B4EC-4054-9B07-C1183A3E08D6}" = dir=out | name=sway |
"{80ACBE73-77C9-4098-88ED-CE61BBE662CF}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{8272972E-2E0C-4327-A4EF-AE0F450C3F9D}" = dir=out | name=@{microsoft.getstarted_2.6.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{830F0E37-3CAA-44BD-86B2-FBF93C7D6A18}" = dir=in | name=microsoft solitaire collection |
"{8535F402-CBB3-4A6D-B6ED-9322DCEA0B9C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{853997E4-47D2-4EB6-9A27-3EF14A7122E3}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr_im.exe |
"{861D6F13-321E-41EB-A339-597B71D81CA2}" = dir=out | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{87DAF9CC-E6BC-4A01-8096-5C973EEE29FA}" = dir=out | name=@{microsoft.connectivitystore_1.1511.2.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{88FE5AD0-4842-45E9-AE12-32654C27360C}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\eldevin\eldevin.exe |
"{891F0BE2-3CF9-4272-A070-3027565FE02A}" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{8935603F-C0A0-4C98-97CF-BCB2726A2E40}" = dir=in | name=@{microsoft.zunevideo_3.6.15731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8A2DC0D8-678D-423C-89C5-F9C9A7BADE76}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{8A3AD84F-11CA-447D-9F3A-3DB7EB5E0727}" = dir=in | name=@{microsoft.messaging_2.12.15004.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{8EBEDA40-175B-4642-A850-6E74D0C256CE}" = dir=out | name=@{microsoft.windowsmaps_4.1512.3450.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{92507799-B41B-4991-A6C4-35D7EFCB132D}" = dir=in | name=@{microsoft.zunevideo_3.6.15731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{94796B32-D80E-4D1B-A322-7312D0A98B29}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{95890050-84C3-4B43-A632-A0148E07241A}" = dir=out | name=blocksgp |
"{9631407B-802D-494F-8F39-CB028F431060}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{96C9CB08-A5B4-4E4A-B5B9-5235443EEE2B}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{974026B8-6A37-40CF-9BBD-F5443A450C45}" = dir=in | name=@{microsoft.microsoftofficehub_17.6605.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{98C3B25B-F576-45F0-890D-5056145BAB56}" = dir=out | name=@{microsoft.windowsstore_2015.25.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{9BA7C78E-8878-4AEB-B798-1449A52C3BFE}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{9CD5E2F0-4A7E-415D-8BD3-4B6EF15FB417}" = dir=out | name=blockcpt |
"{9E21F94D-CED4-4889-88A7-B613E1F41E20}" = dir=out | name=windows_ie_ac_001 |
"{9F6D5819-77F1-44C2-BEC0-BA515DB92017}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{9F8BA017-EA6A-4C33-80B2-09499ADFE1A3}" = dir=in | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{9FB02888-C06D-41E4-9FC6-7E9E4AAB8900}" = dir=out | name=@{microsoft.microsoftofficehub_17.6605.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{A0224268-6CB0-450F-AE4E-9C8FD90B4745}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{A0A0D864-E237-46FC-9067-4BC6971C5967}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A10DCE1D-638D-47AC-A7C4-A1ADABBC4A88}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{A1F6207F-85B9-487F-A9AD-8437A67A331C}" = dir=out | name=xbox |
"{A2F8AA81-D204-41E7-8E0A-E953B4D73D01}" = dir=out | name=@{microsoft.microsoftofficehub_17.6605.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{A729F9C1-72D5-48B7-A94A-ABC3AE1DD70C}" = dir=out | name=candy crush soda saga |
"{A7511A3B-37FE-4D3D-A160-9FD6779BE933}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{A7DFBED0-9432-4142-AAC7-4443E7F97AF3}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A8AD8497-0471-46E4-9028-6C233A1F38A0}" = protocol=17 | dir=in | app=c:\hry\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A9506F44-9C95-4C0E-96F9-DA29F6CEA763}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{AA24547B-45D7-404D-9BEE-173EE18FB498}" = dir=out | name=@{microsoft.bingfinance_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{AAA08DD3-DC60-41EC-96AE-5EF80A08732C}" = dir=out | name=onenote |
"{AC1DED21-16EE-42C8-A582-561AAD5D2DD0}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{AD4481A3-304C-4FEE-878F-DF9E66329B71}" = dir=in | name=@{microsoft.messaging_2.12.15004.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{AD713EB4-8599-4C21-A04E-BEF50A42B854}" = dir=out | name=@{microsoft.getstarted_2.6.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{ADA6934F-BB23-402B-AE3F-D69009D5CB9E}" = dir=out | name=@{microsoft.windowsphone_10.1511.18010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{AFF9E9C0-399C-4467-9D86-3FE3A6601784}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{B2E19CEB-A118-4577-9F99-1A0877E20A19}" = dir=in | name=@{microsoft.microsoftofficehub_17.6605.23751.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{B4088A31-D0BC-4697-9F68-C2CBC4FFEC48}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{B50C8914-0943-491A-944A-E3972ECF670A}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{B59B372F-0BFA-470F-857F-AF078220E1F9}" = dir=out | name=blockhk |
"{B59E18D5-183E-4C0D-B0CA-E76EE429D3E9}" = dir=out | name=@{microsoft.people_10.0.3450.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{B5AFFE7C-D54C-4590-8815-30513DF1D638}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{B5FF62E5-B2B5-4242-B479-806FC6C1814B}" = dir=in | name=onenote |
"{B68FAE7B-8621-467A-821E-8F8B5750F7D6}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{B6ECE1B6-BEB6-4D04-8A68-FF3541527169}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{B6FA4F12-030B-4841-A083-540EF7560997}" = dir=out | name=sway |
"{B77D5752-DAAA-43AE-8EB7-44A4E3D1F766}" = dir=out | name=@{microsoft.bingsports_4.7.130.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{BA8A6696-CED6-4980-A427-10F2F530F494}" = dir=out | name=asus welcome |
"{BB673DBD-4461-432C-AC38-D0025C1C4C46}" = dir=out | name=onenote |
"{BC4C0D4E-88EF-4433-8C55-99334A176D8F}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{BFEADBA1-37B4-460E-9BB0-6FEB716377D0}" = dir=out | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{C0B62E10-2B11-4F67-87DD-E40949073EA1}" = dir=in | name=microsoft solitaire collection |
"{C1E1FFC0-11F8-4289-97ED-3F51EC17A11C}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C29006DA-CDE5-4FC1-A2FF-73BC998F8F03}" = protocol=6 | dir=in | app=c:\hry\steam\steamapps\common\half-life\hl.exe |
"{C2F822AE-42EE-4A26-82AC-0DE3F22CE66F}" = dir=out | name=@{microsoft.people_10.0.3450.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{C48B2366-7352-459B-BBC0-FFD2F4BF0934}" = dir=in | name=@{microsoft.messaging_2.12.15004.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{C5C98C33-A933-4752-ACAD-B8F8F61F3F80}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C5E532E0-3C93-44E5-8C4B-BC41029D3919}" = dir=in | name=xbox |
"{C5F8830D-441E-485F-86F2-6AA4E23945FD}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C7CA8DA6-AA2A-4137-B27A-31C95CF12234}" = dir=in | name=sway |
"{C8CD469D-B373-4809-9887-82D052CD8F4E}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{C958B8DD-0A3A-45C6-916F-0C0963FA896D}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr inc\playstv\playstv.exe |
"{C9E854EF-B911-4BD5-A39C-A0455458D36D}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr inc\raptr\raptr.exe |
"{CA738FFC-206F-44D6-BB2A-4D309D953818}" = dir=out | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{CA82A367-01E8-4644-921F-11A2C60E7D25}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{CAA34CF2-B2B3-4DA3-A621-14CD73E3A08D}" = dir=in | name=@{microsoft.zunevideo_3.6.15731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{CABFF9AE-3625-4BD6-95EE-2CED0326A5AC}" = dir=in | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{CBE5A479-DD93-4DE1-BCEE-4899CEE5BDD9}" = dir=out | name=blockpoland |
"{CC921546-DA0C-4D4A-8AA8-EE59BF543877}" = dir=out | name=blockaus |
"{CCF07555-3527-451F-8824-CA84921C15EF}" = protocol=17 | dir=in | app=c:\programy\mozilla firefox\firefox.exe |
"{CD1D2E60-E855-49AD-BABE-491B44BF745E}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{D31F2EF0-E301-41C7-839B-D92B32852278}" = dir=out | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{D33A0528-20E9-4DCB-945D-A805F1EBDDA6}" = dir=out | name=xbox |
"{D45BA19C-E167-40E9-8589-813087E3A622}" = dir=out | name=blockusse |
"{D50706AB-4D15-4722-8B62-416E23B55D99}" = dir=in | name=sway |
"{D5E1307F-C7F5-45A2-83B7-69BDBF05DB10}" = dir=in | name=@{microsoft.windows.photos_15.1208.10480.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{D6B29C5E-B0A6-47F0-B831-48326B89F38E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DA8D4FEC-61FF-435E-A468-453C6DABE878}" = dir=out | name=@{microsoft.windowsstore_2015.25.15.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{DA8E3E65-DC70-4218-AB45-A68FEE1079F7}" = dir=in | name=@{microsoft.bingnews_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{DAB6A1B0-C636-41FD-AB81-601BB5285444}" = dir=out | name=@{microsoft.windowsmaps_4.1512.3450.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{DCD71A02-DC75-418A-9033-D76DD8B5B1A6}" = dir=in | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{DE4DD9DA-627E-4A9D-BE98-CE1717D339D1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DEC25191-1903-4D39-AC50-57A3569E5E52}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E3EA32CF-59FA-47F2-8A4E-FB3660C768D3}" = dir=in | name=@{microsoft.bingweather_4.7.118.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{E73DBB08-5A09-4255-A7C4-8EB1F50F8479}" = dir=in | name=@{microsoft.windows.photos_15.1208.10480.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{EA512439-EB50-42B5-8631-EC812D65670C}" = dir=out | name=microsoft solitaire collection |
"{EE70645A-FFFF-4295-9CD4-ABD1F59705AB}" = dir=in | name=onenote |
"{EFE0FAB1-1813-4E42-A714-ADEC0BBE0A1D}" = dir=out | name=@{microsoft.zunevideo_3.6.15731.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F1E10E72-9200-489B-9E82-023954B4F3B7}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{F25A1518-BB86-459C-9B32-7AF643AAA978}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{F368727B-36AA-4925-A666-A0EC971AC42C}" = dir=in | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{F3DC0929-D5D9-4111-A084-EE4E5C8D76BD}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6525.42271.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{F3DEEA9F-1AD5-45BF-B674-408546AE3068}" = dir=out | name=candy crush soda saga |
"{F451BAA2-241C-4DC8-9EF5-DC07DF5FE5C1}" = dir=in | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{F469D1E5-BA7C-4969-A7FB-18B1B6875E73}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F4B8A1F7-C4CF-4E90-A813-806605D87BD5}" = dir=out | name=asus welcome |
"{F4F6C57E-8B4D-403E-8E3D-7961E68FB11B}" = protocol=6 | dir=in | app=c:\programy\mozilla firefox\firefox.exe |
"{F5A63D11-68BC-4A54-AB20-74A8E7FAB138}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F6AB892F-22E0-4C8B-88F5-474F0513CA75}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F6FC497B-385F-48B8-95B8-03D9F82F0A14}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 23 kvě 2017 20:38

"{F6FC497B-385F-48B8-95B8-03D9F82F0A14}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F8FFB54A-0750-41E4-8483-9A587A8A0FD4}" = dir=out | name=microsoft solitaire collection |
"{FBF15416-5CA8-478A-9161-769076946867}" = dir=out | name=@{microsoft.zunemusic_3.6.15131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{FC4FF8DB-7A24-4284-9EA7-843A68266419}" = dir=in | name=@{microsoft.commsphone_2.12.14001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{FD5531F9-1506-4E4E-B4D0-65D0AAAC8C2D}" = dir=out | name=@{microsoft.getstarted_2.6.12.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{FED765F4-80E7-4723-A0E5-A5539D727EFD}" = dir=out | name=@{microsoft.windows.photos_15.1208.10480.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"TCP Query User{3F6AF134-ADE0-4456-9F9F-4B2A64E9AB49}C:\programy\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"TCP Query User{67A8C7DA-236B-4DEF-82CC-25D3920C6372}C:\programy\teamspeak 3 client\ts3client_win64.exe" = protocol=6 | dir=in | app=c:\programy\teamspeak 3 client\ts3client_win64.exe |
"TCP Query User{67C86162-38EC-4253-88D4-E17072409405}C:\programy\teamspeak 3 client\ts3client_win64.exe" = protocol=6 | dir=in | app=c:\programy\teamspeak 3 client\ts3client_win64.exe |
"TCP Query User{70438B31-1DDB-40CB-B867-5FC965B0377F}C:\hry\steam\steam.exe" = protocol=6 | dir=in | app=c:\hry\steam\steam.exe |
"TCP Query User{70519BCB-4C30-4C0D-BE03-96A3297A463C}C:\users\asus\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\asus\appdata\roaming\spotify\spotify.exe |
"UDP Query User{0BCD50DC-ECA0-49EF-A7E3-6C008DA300F2}C:\programy\teamspeak 3 client\ts3client_win64.exe" = protocol=17 | dir=in | app=c:\programy\teamspeak 3 client\ts3client_win64.exe |
"UDP Query User{206A240B-88E1-4D72-94D2-E19A596FDF72}C:\programy\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"UDP Query User{B87BD4F1-D7F9-4FFB-8CFE-B18A2C2585C0}C:\programy\teamspeak 3 client\ts3client_win64.exe" = protocol=17 | dir=in | app=c:\programy\teamspeak 3 client\ts3client_win64.exe |
"UDP Query User{C8EC5E25-843E-4015-8E03-CFD8F179E58B}C:\hry\steam\steam.exe" = protocol=17 | dir=in | app=c:\hry\steam\steam.exe |
"UDP Query User{D72F5E6D-1887-4CFB-BEDE-785FD7757CC3}C:\users\asus\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\asus\appdata\roaming\spotify\spotify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0207A930-0EDB-84F5-9B2B-60D34BE3896D}" = AMD Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E1DAEF8-267A-4836-BC9B-FACFDD0CF59B}" = Windows 10 Manager
"{25E80DAA-FD87-DCE5-202C-CC02F6673002}" = Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F86418077F0}" = Java 8 Update 77 (64-bit)
"{36FAF585-3D08-3D84-8330-4D048F4B6CE6}" = AMD Fuel
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{426582A8-202F-D13C-8BD5-F00551BAFC93}" = AMD Wireless Display v3.0
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}" = Bonjour
"{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}" = Podpora aplikací Apple (64bitová)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{630E5EF7-72F8-9E5D-BEF5-ED85B698E160}" = AMD Wireless Display v3.0
"{678F0819-823E-D737-3FD1-13EF6D9AE2EC}" = AMD Wireless Display v3.0
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F2415FA-72F2-F029-0450-4EB2FAE484C5}" = AMD Accelerated Video Transcoding
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}" = iTunes
"{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506
"{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.0.3
"{A2AC0D43-9788-B1BD-B2A8-EFC758916BB1}" = AMD Drag and Drop Transcoding
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AA20E9E6-96D0-C201-E44D-F7D921F595FD}" = AMD Fuel
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0B194F8-E0CE-33FE-AA11-636428A4B73D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506
"{BD422D00-5232-11E3-A6F3-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD}" = AMD Wireless Display v3.0
"{C270821D-2479-D0F4-1BD1-7BBAF6762A98}" = AMD Wireless Display v3.0
"{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}" = MSVCRT Redists
"{C3463F9A-E635-02E0-C351-41D16074E202}" = ccc-utility64
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}" = iCloud
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D4D86CB2-2370-4691-8272-3869EDED6C64}" = Apple Mobile Device Support
"{D9C2E250-17A1-0D68-CB41-83232EC31C2C}" = ccc-utility64
"8B3D7924-ED89-486B-8322-E8594065D5CB_is1" = RogueKiller verze 12
"AMD Catalyst Install Manager" = AMD Install Manager
"Defraggler" = Defraggler
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HWiNFO64_is1" = HWiNFO64 Version 5.44
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1" = gpedt.msc 1.0
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{110E4EE7-85A9-B76B-B943-C0C1CF0C2F74}" = CCC Help Spanish
"{11BC8F83-7260-65EB-3E0A-FA7AC894B42D}" = CCC Help Hungarian
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1E93452B-BA3E-7375-958C-EBC5E8672A5E}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20AE3A4E-38CA-C6F8-4E60-5DF41A2CC0AC}" = AMD Catalyst Control Center
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29DB9165-5FC1-48F0-9188-26123F526848}" = Podpora aplikací Apple (32bitová)
"{2B642F70-BA82-5E78-41CE-BDFFD5C37530}" = CCC Help Swedish
"{2EA40F3D-0D93-A391-F383-6F1C708B80BF}" = CCC Help Turkish
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.4.0.1
"{315D9E6B-98B1-1E2B-9E93-B36A0B104224}" = Catalyst Control Center Localization All
"{31BC0B51-0676-A531-3940-1818B609EEA7}" = CCC Help Thai
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3310DD5A-3695-3390-6F38-2B93D862FE02}" = CCC Help German
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B55901-995A-3650-80B1-BBFD047E2911}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212
"{37DBC990-C514-3821-D6FB-12E0745AA990}" = CCC Help Korean
"{3C7B5C75-FD82-BC1F-F148-89A3189EF385}" = AMD Catalyst Control Center
"{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506
"{41545533-2D54-5347-00A7-A758B70C2D02}" = Teoma Shopping App
"{42A97797-A255-49F9-4250-D58A9CEA2904}" = CCC Help Swedish
"{462f63a8-6347-4894-a1b3-dbfe3a4c981d}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212
"{489E5436-B101-CAD9-5571-14746675ECE3}" = CCC Help Chinese Traditional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}" = AI Manager
"{4D72F94C-95A5-AA85-E75B-A1A1CB8FCE7A}" = CCC Help Greek
"{504819D1-3C0A-2695-0007-BBDFA5936D68}" = CCC Help Dutch
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5644668B-04A5-68F6-0AA9-03255877C58F}" = Catalyst Control Center Localization All
"{56EC47AA-5813-4FF6-8E75-544026FBEA83}" = Apple Software Update
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5DA870C0-BC5C-BE96-5045-BD429959C0D3}" = CCC Help Korean
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5F3182EE-2532-3B96-2BBB-03B87F574E76}" = CCC Help Portuguese
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6953ECF8-0B1B-FBD7-0DDB-84C82FBBC2F4}" = CCC Help Japanese
"{69DF4822-9B16-CE04-7587-22E09FB5FD1D}" = CCC Help German
"{6C495748-5F03-0B97-568B-76D0368FB460}" = CCC Help English
"{6D7A146A-BD56-8EE1-FCC7-BE02013ACE36}" = CCC Help Chinese Standard
"{6DBB66CD-38C7-472C-BBB9-06BFDA182A29}" = F2400
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{703F229F-573E-10E7-3B44-341DB59AD86B}" = CCC Help Chinese Standard
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71971AE8-C8F3-3C62-FB89-AC41A96761AB}" = CCC Help Italian
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{79E3071B-8A0C-C105-6442-CF611732601E}" = CCC Help Norwegian
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7D94356D-48E0-DE1A-423C-67A363C13771}" = CCC Help English
"{7DE27D8A-1D73-61EB-86F1-079AF7E55C3A}" = CCC Help Thai
"{7E0B1563-7607-00D7-21CE-7DAFA6FF009C}" = CCC Help Czech
"{7F8B68A2-0CD0-7DAF-8955-1419C60886D3}" = CCC Help Spanish
"{844ECB74-9B63-3D5C-958C-30BD23F19EE4}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212
"{87006B27-A5A6-9EF1-BA04-CD7284462419}" = CCC Help Norwegian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1" = Zemana AntiMalware
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9114BDDB-A6A6-152D-060A-E99307057AD1}" = Catalyst Control Center Graphics Previews Common
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{947E1256-258E-60A2-7331-44D09E61CF99}" = CCC Help Russian
"{968C0E92-6DA9-5784-9A0B-1061D0CB2C14}" = CCC Help Greek
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1" = iSkysoft Helper Compact 2.5.2
"{9DB45EC2-90E7-642D-7CF9-5AC2FBDC14F7}" = CCC Help Turkish
"{A03E4302-F387-47F3-8136-6D9D9286CD3B}" = SteelSeries Kinzu Optical Mouse
"{A12E8E1A-A77D-94E5-72F8-E83D6256AF11}" = CCC Help Polish
"{A3168DE0-479A-D5EC-59C4-0278C7DEC11C}" = CCC Help Hungarian
"{AA0E1433-8F16-AA01-E8E9-E6408579D0D8}" = CCC Help Danish
"{AAAE97DA-1E8B-C0E9-F0E3-5481A09F97C8}" = CCC Help French
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AD5E3969-F0C0-ECBF-45E5-C36B84904281}" = CCC Help Portuguese
"{AFDFBED8-CC9A-8E00-015D-845F0BF9D1E1}" = CCC Help Chinese Traditional
"{B03A580A-5D67-DAC5-59A1-7AD7C513381C}" = CCC Help French
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBA1614E-6470-7841-8A42-ABD5BA7B3FFE}" = CCC Help Czech
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BF44ADDF-E927-4B66-E829-4AF27BF6A58B}" = CCC Help Polish
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C28E8D4A-C424-71CF-DFBE-597810641712}" = Catalyst Control Center InstallProxy
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C3EAC1D2-A492-7B08-A9D5-15EDD5EA1A89}" = CCC Help Dutch
"{C9353DBC-A47C-2C9B-AF32-5E2C8B4E3D3A}" = CCC Help Japanese
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CFA2067C-AE90-3BF9-06AF-E7E65E679B3D}" = CCC Help Russian
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D247B605-F874-E998-D599-8855A40B6825}" = Application Profiles
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher verze 3.8
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Pomocník při upgradu na Windows 10
"{D7D20EB4-BD89-05C0-05C6-33E5B762989E}" = Catalyst Control Center InstallProxy
"{D9CBA021-DB41-9736-923F-52E3E426912D}" = CCC Help Finnish
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E7AA854E-6756-424E-84C2-4E47D5729AFF}" = ASUS Easy Update 2
"{EDA2F047-79B6-46E2-8323-28086E1BA51D}" = Free Webcam Recorder
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F6860530-9733-0BB2-9C09-F25101076E78}" = CCC Help Finnish
"{F6C18D35-D3EB-4AEA-B266-C2F11B6DB723}" = Skype Web Plugin
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC3C2B77-6800-48C6-A15D-9D1031130C16}" = HP Support Solutions Framework
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.28
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE4DC915-D724-E72C-EF86-DC5B89961ACF}" = CCC Help Italian
"Adobe Flash Player NPAPI" = Adobe Flash Player 23 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 23 PPAPI
"Any Video Converter Ultimate_is1" = Any Video Converter Ultimate 5.8.3
"Avidemux 2.6 - 32 bits" = Avidemux 2.6 - 32 bits (32-bit)
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BlueStacks" = BlueStacks App Player
"CoD 2 čeština_is1" = CoD 2 čeština
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.0.5
"dBpoweramp" = dBpoweramp
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.46.923
"Freemake Video Converter_is1" = Freemake Video Converter verze 4.1.9
"Google Chrome" = Google Chrome
"InfraRecorder" = InfraRecorder
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 12.5.5 Standard
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Mozilla Firefox 44.0.2 (x86 cs)" = Mozilla Firefox 44.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.73
"PlaysTV" = PlaysTV
"Raptr" = Raptr
"Secunia PSI" = Secunia PSI (3.0.0.11003)
"Steam" = Steam
"Steam App 10" = Counter-Strike
"Steam App 298160" = Eldevin
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.11 (32-bit)
"WUCCCApp" = AMD Catalyst Control Center
"Xvid Video Codec 1.3.4" = Xvid Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software
"StartIsBack" = StartIsBack++
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows 10 Manager 2.0.0" = Windows 10 Manager

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23.5.2017 12:12:40 | Computer Name = Asus-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2147024891. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 23.5.2017 12:57:39 | Computer Name = Asus-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2147024891. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 23.5.2017 12:57:40 | Computer Name = Asus-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2147024891. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 23.5.2017 12:57:40 | Computer Name = Asus-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 23.5.2017 12:59:41 | Computer Name = Asus-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 23.5.2017 13:18:32 | Computer Name = Asus-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed

Error - 23.5.2017 13:18:32 | Computer Name = Asus-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed

Error - 23.5.2017 13:18:34 | Computer Name = Asus-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed

Error - 23.5.2017 13:18:46 | Computer Name = Asus-PC | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed

Error - 23.5.2017 13:27:51 | Computer Name = Asus-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat,
protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

[ System Events ]
Error - 23.5.2017 12:57:39 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 12:57:39 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 12:57:40 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 12:57:40 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 12:59:40 | Computer Name = Asus-PC | Source = DCOM | ID = 10010
Description =

Error - 23.5.2017 13:12:39 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 13:12:39 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 13:18:28 | Computer Name = Asus-PC | Source = Service Control Manager | ID = 7031
Description = Služba Hostitel synchronizace_7012a8bc byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.

Error - 23.5.2017 13:27:54 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =

Error - 23.5.2017 13:33:11 | Computer Name = Asus-PC | Source = DCOM | ID = 10016
Description =


< End of report >

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 37257
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod jaro3 » 23 kvě 2017 22:52

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll File not found
[2016.02.10 21:51:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Extensions
[2017.04.04 16:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\extensions
[2017.04.04 16:06:29 | 000,007,704 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\aushelper@mozilla.org.xpi
[2017.04.04 16:06:29 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\diagnostics@mozilla.org.xpi
[2017.04.04 16:06:29 | 000,008,857 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\disableSHA1rollout@mozilla.org.xpi
[2017.04.04 16:06:29 | 000,007,195 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\e10srollout@mozilla.org.xpi
[2017.04.04 16:06:29 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\hsts-priming@mozilla.org.xpi
[2017.05.11 14:52:25 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{fe53c36c-1e63-4e4f-b47c-7bf38ba3227f}\shield-recipe-client@mozilla.org.xpi
CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
[2016.01.14 19:38:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016.09.07 07:23:32 | 006,605,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016.09.07 07:21:01 | 005,240,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015.10.30 09:17:43 | 000,987,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015.10.30 09:18:21 | 000,765,440 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016.09.07 06:35:09 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\OpenCL.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\NlsLexicons0009.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\NlsData0009.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mshtmlmedia.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mfreadwrite.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\MFPlay.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mantleaxl32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\mantle32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\hsa-thunk.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\dns-sd.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\detoured.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\BackgroundTransferHost.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiuxpag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiumdva.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiumdag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiu9pag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atioglxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atimpc32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiglpxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atigktxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atieah32.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atidxx32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticfx32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticalrt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticaldd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\aticalcl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiadlxy.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\atiadlxx.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdxc32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdpcom32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl12cl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl_ld32.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl_as32.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdocl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdmmcl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdmantle32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdlvr32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdhdl32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\SysWow64\amdgfxinfo32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\WINDOWS\difxapi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\programy\CCleaner\CCleaner64.exe:$CmdTcID

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 24 kvě 2017 01:18

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.2 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\extensions folder moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\aushelper@mozilla.org.xpi moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\diagnostics@mozilla.org.xpi moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\disableSHA1rollout@mozilla.org.xpi moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\e10srollout@mozilla.org.xpi moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{45c1291f-4ad5-46ec-9aa8-e87b0cc743da}\hsts-priming@mozilla.org.xpi moved successfully.
C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\zwheh4dl.default\features\{fe53c36c-1e63-4e4f-b47c-7bf38ba3227f}\shield-recipe-client@mozilla.org.xpi moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_metadata folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\zh_TW folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\zh_CN folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\vi folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\uk folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\tr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\th folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\sv folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\sr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\sl folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\sk folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\ru folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\ro folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\pt_PT folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\pt_BR folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\pl folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\nl folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\nb folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\lv folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\lt folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\ko folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\ja folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\it folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\id folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\hu folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\hr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\hi folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\fr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\fil folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\fi folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\et folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\es_419 folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\es folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\en_GB folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\en folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\el folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\de folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\da folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\cs folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\ca folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales\bg folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\_locales folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\images folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\html folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\css folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1 folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_metadata folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\zh_TW folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\zh folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\vi folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\uk folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\tr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\th folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\te folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ta folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sw folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sv folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sl folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sk folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ru folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ro folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pt_PT folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pt_BR folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pt folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pl folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\nl folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\nb folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ms folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\mr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ml folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\lv folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\lt folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ko folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\kn folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ja folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\iw folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\it folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\id folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\hu folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\hr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\hi folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\gu folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fr folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fil folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fi folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fa folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\et folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\es folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\en folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\el folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\de folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\da folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\cs folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ca folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\bn folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\bg folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ar folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\am folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cloud_route_details folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup folder moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0 folder moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoSimpleNetIDList deleted successfully.
C:\WINDOWS\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
ADS C:\WINDOWS\SysWow64\OpenCL.dll:$CmdTcID deleted successfully.
Unable to delete ADS C:\WINDOWS\SysWow64\NlsLexicons0009.dll:$CmdTcID .
Unable to delete ADS C:\WINDOWS\SysWow64\NlsData0009.dll:$CmdTcID .
Unable to delete ADS C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL:$CmdTcID .
Unable to delete ADS C:\WINDOWS\SysWow64\mshtmlmedia.dll:$CmdTcID .
Unable to delete ADS C:\WINDOWS\SysWow64\mfreadwrite.dll:$CmdTcID .
Unable to delete ADS C:\WINDOWS\SysWow64\MFPlay.dll:$CmdTcID .
ADS C:\WINDOWS\SysWow64\mantleaxl32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\mantle32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\hsa-thunk.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\dns-sd.exe:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\detoured.dll:$CmdTcID deleted successfully.
Unable to delete ADS C:\WINDOWS\SysWow64\BackgroundTransferHost.exe:$CmdTcID .
ADS C:\WINDOWS\SysWow64\atiuxpag.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atiumdva.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atiumdag.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atiu9pag.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atioglxx.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atimpc32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atiglpxx.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atigktxx.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atieah32.exe:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atidxx32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\aticfx32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\aticalrt.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\aticaldd.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\aticalcl.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atiadlxy.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\atiadlxx.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdxc32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdpcom32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdocl12cl.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdocl_ld32.exe:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdocl_as32.exe:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdocl.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdmmcl.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdmantle32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdlvr32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdhdl32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\SysWow64\amdgfxinfo32.dll:$CmdTcID deleted successfully.
ADS C:\WINDOWS\difxapi.dll:$CmdTcID deleted successfully.
ADS C:\programy\CCleaner\CCleaner64.exe:$CmdTcID deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\LastGood.Tmp\SysWOW64 folder moved successfully.
C:\WINDOWS\LastGood.Tmp\system32\DRIVERS folder moved successfully.
C:\WINDOWS\LastGood.Tmp\system32 folder moved successfully.
C:\WINDOWS\LastGood.Tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job moved successfully.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Windows\SysNative\drivers\SETF880.tmp moved successfully.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Asus
->Temp folder emptied: 38634 bytes
->Temporary Internet Files folder emptied: 14063 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 411257598 bytes
->Flash cache emptied: 492 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: mamka
->Temp folder emptied: 17596 bytes
->Temporary Internet Files folder emptied: 85319 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 187172962 bytes
->Google Chrome cache emptied: 406248640 bytes
->Flash cache emptied: 0 bytes

User: Public

User: tonda
->Temp folder emptied: 25132 bytes
->Temporary Internet Files folder emptied: 3026927 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 414168338 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1847860 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 60355 bytes

Total Files Cleaned = 1 358,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05242017_010849

Files\Folders moved on Reboot...
File\Folder C:\Users\Asus\AppData\Local\Temp\etilqs_Kf8gfyd9uvDpeK8 not found!
File\Folder C:\Users\Asus\AppData\Local\Temp\etilqs_Q4MLgfFA3AgggGL not found!
File\Folder C:\Users\Asus\AppData\Local\Temp\etilqs_w6mV93dhxdUnzaR not found!
C:\Users\Asus\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 37257
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod jaro3 » 24 kvě 2017 19:54

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 02 čer 2017 12:07

Hezký den problém stále přetrvává

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 37257
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod jaro3 » 02 čer 2017 18:49

Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning
- Program začne skenovat zatržené jednotky

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors

Počítač
Místní disk C

Nezašrkrtnuté:
Dokumenty
My email
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka

A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 03 čer 2017 19:02

Nevim jak to sem vlozit z toho reportu nejde to ani skopirovat tak aspon takhle
Nemáte oprávnění prohlížet přiložené soubory.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 37257
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod jaro3 » 03 čer 2017 19:21

Vše kromě asi toho downloads\foto (?) dej do karantény.

Pak napiš co problémy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

ransik
Level 1.5
Level 1.5
Příspěvky: 133
Registrován: leden 16
Pohlaví: Muž

Re: prosim o kontrolu

Příspěvekod ransik » 17 čer 2017 17:13

tak pořád žádná změna


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 3 hosti