Please check my log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 14 Nov 2016 21:20

Check whether you still have this file there:
c:\windows\TEMP\SafeZone Installer\installer.exe

How about the problems?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

peacer42
Level 1
Posts: 62
Registered: December 08
Gender: Not specified
Status: Offline

Re: Please check my log

Post by peacer42 » 14 Nov 2016 22:00

Well, the file is still there...

It has improved, thank you for that in any case.


Re: Please check my log

Post by jaro3 » 15 Nov 2016 09:24

We will then delete c:\windows\TEMP\SafeZone Installer\installer.exe using OTL:

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check the "LOP" check and the "Purity" check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.


Re: Please check my log

Post by peacer42 » 15 Nov 2016 17:15

OTL logfile created on: 15.11.2016 16:52:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lukeh\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,72% Memory free
4,22 Gb Paging File | 2,26 Gb Available in Paging File | 53,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,37 Gb Total Space | 3,96 Gb Free Space | 5,33% Space Free | Partition Type: NTFS
Drive E: | 73,21 Gb Total Space | 38,52 Gb Free Space | 52,61% Space Free | Partition Type: NTFS

Computer Name: LUKEH-PC | User Name: lukeh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\lukeh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\System32\DbxSvc.exe (Dropbox, Inc.)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH)
PRC - C:\Program Files\PDF Architect\ConversionService.exe (pdfforge GmbH)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
PRC - C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
PRC - C:\Program Files\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Program Files\TOSHIBA\Tilt Mouse Software\1.1\ACQTMAPP.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd ()
MOD - C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.user32._winffi_user32.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd ()
MOD - C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd ()
MOD - C:\Program Files\Dropbox\Client\tornado.speedups.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd ()
MOD - C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd ()
MOD - C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd ()
MOD - C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd ()
MOD - C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.dll ()
MOD - C:\Program Files\Dropbox\Client\fastpath.pyd ()
MOD - C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd ()
MOD - C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd ()
MOD - C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd ()
MOD - C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd ()
MOD - C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd ()
MOD - C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd ()
MOD - C:\Program Files\Dropbox\Client\libGLESv2.dll ()
MOD - C:\Program Files\Dropbox\Client\libEGL.dll ()
MOD - C:\Program Files\Dropbox\Client\winxpgui.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32security.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32service.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32process.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32ts.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32profile.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32gui.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32file.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32api.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32print.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32evtlog.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32pipe.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32event.pyd ()
MOD - C:\Program Files\Dropbox\Client\win32clipboard.pyd ()
MOD - C:\Program Files\Dropbox\Client\mmapfile.pyd ()
MOD - C:\Program Files\Dropbox\Client\_jpegtran.pyd ()
MOD - C:\Program Files\Dropbox\Client\_cffi_backend.pyd ()
MOD - C:\Program Files\Dropbox\Client\sip.pyd ()
MOD - C:\Program Files\Dropbox\Client\faulthandler.pyd ()
MOD - C:\Program Files\Dropbox\Client\_multiprocessing.pyd ()
MOD - C:\Program Files\Dropbox\Client\unicodedata.pyd ()
MOD - C:\Program Files\Dropbox\Client\pyexpat.pyd ()
MOD - C:\Program Files\Dropbox\Client\pywintypes27.dll ()
MOD - C:\Program Files\Dropbox\Client\_ctypes.pyd ()
MOD - C:\Program Files\Dropbox\Client\select.pyd ()
MOD - C:\Program Files\Dropbox\Client\pythoncom27.dll ()
MOD - C:\Program Files\Dropbox\Client\librsync.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\dd34f651ae472f80fa4d45d615b170e7\Vodafone.Contracts.View.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\31064ca60697072da8b6b33e9547468d\Vodafone.View.Shared.ni.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\1ad0d07c88a685c8ca5a8d38d0040991\Vodafone.UpdateManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\66863f65d05b8d325481398dace6d0d1\Vodafone.Model.Connection.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\f6a6a28e74a505780de8dbf7047a50e8\Vodafone.Core.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\94ad44526c30a29fcabe0b78ccaba6be\Vodafone.Vpn.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\30a3baed38a1d8541a2dc240b3027dab\Vodafone.Base.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\73d643cb3023f1e4028f54496fc84869\Vodafone.Base.Factory.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\1ee8ba5efe5245eea4fd46e4d17b4079\Vodafone.DeviceAccess.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\eab83732a26eff9aa8295147f9e1320e\Vodafone.BusinessLogic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\40248feaf95b2e0f6c9dbcd3b5906935\Vodafone.DeviceAccess.Factory.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\4659a18a55da52bc46ffc73d99dd227a\Vodafone.Core.CoreInstanceProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\3e18a31e06c80945ac69be5c56261e88\Vodafone.View.SecondaryWindows.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\2c1b614eebb50dfec7f84a23d76df003\Vodafone.Contracts.Adapter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\2be8da4b99de0847eb8549aa02f5e8d6\Vodafone.ApplicationHost.Impl.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\1fc53ba40513ba3a5e7d70d85bbf50d8\Vodafone.SettingsManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\0a831772689bd22a8ca35d10504ba8ef\Vodafone.ReportingManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\2efbc19ea15329f782dd7747cf757974\Vodafone.OutlookConnector.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\d9e48de49c63736fb632751237f49ae7\Vodafone.SmsContactManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\3811817e0c333a0af3374072e9ee93bc\Vodafone.CommonDialogs.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\f0d28fec6ebee8d984572880f39c027d\Vodafone.DataAccessor.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\1d9e7f5f19c6c2788cf8e9e307e900f5\Vodafone.View.ManagedToolTip.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Spring.Core\af958004d4ee59a4f047f260ecb48463\Spring.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Common.Logging\b9b08b4911c7479fefdbc2a288b59b76\Common.Logging.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\66a5456596f866ce67bb6f5294cd3967\Vodafone.InstanceProvider.Impl.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\5eedb99154a14ae503e2994242d7ca58\Vodafone.Contracts.Presenter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\ce796b206ccc709452230a7046381939\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\6dd4845f65e96467af5b9039e8107e74\Infragistics2.Win.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\101135bf5193f6a6ef4d537c94a37c50\Infragistics2.Shared.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\a52ceaade613fa11ccb5e03fcae4d5fa\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\d125ed9c3d6c668f3b3a0658b4a414df\Vodafone.Core.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\4076c2d036209f8eff58e719b482e882\Vodafone.Contracts.Model.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\d31ced3d823bab686abfef781582106a\MobileBroadbandResources.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Mondrian\789f7176222e36cfbc44ab5239c0f84d\Vodafone.Mondrian.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\a73a982941373e413e86f29fea049918\Vodafone.DeviceAccess.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\c053236e63a51176807c5caf6ddbd9cc\Vodafone.Platform.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\a2334f76240d8f746336ab735719a804\Vodafone.Base.Win32.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\28d03ae5bc63b8a50c7f4bce21d91e37\Vodafone.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8a6bfed4d68c3e47b00eb30318638848\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\e815ade11b6a95c0380b7358f26255f7\Vodafone.Base.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\90ed1e52e648743c1d5d756c94eb2f81\Vodafone.LogEngine.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\6370a98940cff7b12ca476aef9a14978\Vodafone.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\517c02cd0e30626fa8b698d2c7b0f63f\Vodafone.Contracts.Common.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MobileBroadband\6ff5bd74d2e40b37223fc1cbd9f8e6ff\MobileBroadband.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\982d3d9137b89e6f12d8a4fd6e1b9ad3\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6f8c93182c5dc848119816eac7f883a4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\a1a23fe34b7e569fdca408e6eaa10385\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\b6d3c2ec3bc0553275359385bcfd140e\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94c451a84ec1cfa0f50621db841e73e3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\80420e37b71e7d2638e36730beb33a9d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a3b38be91af85ee2e958fbd0f8caaa76\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f9c2795edd0e5e7e10885b9c4379ac26\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\74879a98951ba77baf31278bdb4039fd\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\14a08a0f05665398dc5b56b4cba69b76\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\a0f768afea90d76f4838400fd9944b8f\Vodafone.SmsProfileManager.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.NETWORKLIST\746c91b4cfa23bb27cc533e9cfc7a78f\Interop.NETWORKLIST.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.VpnApiLib\176580f9eb49b353c16cc3ee5d34b0c2\Interop.VpnApiLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.FCCOMINTDLL#\1cb09ba415f89703035bcbe26bb6ac4e\Interop.FCCOMINTDLLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.INSTALLERCO#\909dab46fb18803c17b57300c7205cee\Interop.INSTALLERCONTROLLib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\8cf10cb0674f72883a187b1b24359742\Vodafone.Base.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\1fdefec38eb3fe36e4e75d6943eb2e7f\Vodafone.DeviceAccess.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\58970922592b04bebbc61b551ec4a04d\Vodafone.Core.Interfaces.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\6e1e109c874ec6ef66e601ae625eec58\Interop.Shell32.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.VmbApi.Con#\4eae61f071754476713bb95c9ff497a6\Vodafone.VmbApi.Contracts.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\3a06fbcb76ef0a78979266c64541136a\Vodafone.MobileBroadband.CallbackHandler.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\6ccc2f167855025c161a81628c49f88f\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax ()
MOD - C:\Windows\System32\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll ()
MOD - C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
MOD - C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()
MOD - C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - C:\Program Files\TOSHIBA\Tilt Mouse Software\1.1\ACQDEVCL.dll ()
MOD - C:\Program Files\TOSHIBA\Tilt Mouse Software\1.1\ACQTMAPP.exe ()
MOD - C:\Program Files\TOSHIBA\Tilt Mouse Software\1.1\ACQTMDLL.DLL ()
MOD - C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - c:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()


========== Services (SafeList) ==========

SRV - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DbxSvc) -- C:\Windows\System32\DbxSvc.exe (Dropbox, Inc.)
SRV - (dbupdatem) -- C:\Program Files\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (dbupdate) -- C:\Program Files\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (PDF Architect Helper Service) -- C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH)
SRV - (PDF Architect Service) -- C:\Program Files\PDF Architect\ConversionService.exe (pdfforge GmbH)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (AtherosSvc) -- C:\Program Files\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA SMART Log Service) -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (Acronis)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)


========== Driver Services (SafeList) ==========

DRV - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys File not found
DRV - (PCASp50) -- System32\Drivers\PCASp50.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (huawei_enumerator) -- system32\DRIVERS\ew_jubusenum.sys File not found
DRV - (huawei_cdcacm) -- system32\DRIVERS\ew_jucdcacm.sys File not found
DRV - (ew_hwusbdev) -- system32\DRIVERS\ew_hwusbdev.sys File not found
DRV - (dbx) -- system32\DRIVERS\dbx.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (adusbser) -- system32\DRIVERS\adusbser.sys File not found
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswvmm.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswsp.sys (AVAST Software)
DRV - (aswStmXP) -- C:\Windows\System32\drivers\aswStmXP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswHwid) -- C:\Windows\System32\drivers\aswHwid.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (BtFilter) -- C:\Windows\System32\drivers\btfilter.sys (Atheros)
DRV - (BTATH_RCP) -- C:\Windows\System32\drivers\btath_rcp.sys (Atheros)
DRV - (BTATH_A2DP) -- C:\Windows\System32\drivers\btath_a2dp.sys (Atheros)
DRV - (BTATH_HCRP) -- C:\Windows\System32\drivers\btath_hcrp.sys (Atheros)
DRV - (btath_avdt) -- C:\Windows\System32\drivers\btath_avdt.sys (Atheros)
DRV - (BTATH_LWFLT) -- C:\Windows\System32\drivers\btath_lwflt.sys (Atheros)
DRV - (ATHDFU) -- C:\Windows\System32\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV - (AthBTPort) -- C:\Windows\System32\drivers\btath_flt.sys (Atheros)
DRV - (BTATH_BUS) -- C:\Windows\System32\drivers\btath_bus.sys (Atheros)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation )
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (ASPI32) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)


Re: Please check my log

Post by peacer42 » 15 Nov 2016 17:15

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{20769AE4-8DD1-4552-A57F-65983C189980}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {20769AE4-8DD1-4552-A57F-65983C189980}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{20769AE4-8DD1-4552-A57F-65983C189980}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;&rlz=
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll ()
FF - HKLM\Software\MozillaPlugins\@cuminas.jp/DjVuPlugin: C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll (Cuminas Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files\Winamp Detect\npwachk.dll File not found
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2015.01.21 21:43:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.05 14:05:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.07.10 09:51:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 49.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2016.10.21 08:49:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.09.05 14:05:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 49.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 49.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2016.10.21 08:49:03 | 000,000,000 | ---D | M]

[2010.04.09 17:11:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions
[2012.01.04 19:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2016.11.12 17:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\um0cmndl.default-1441031397869\extensions
[2014.10.13 10:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\uiswrfdo.default\extensions
[2014.10.13 10:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\uiswrfdo.default\extensions\staged
[2016.11.12 17:48:02 | 000,005,389 | ---- | M] () (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\um0cmndl.default-1441031397869\features\{59ab1795-2285-4999-ac56-8ded8a906d72}\asyncrendering@mozilla.org.xpi
[2016.10.21 08:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2015.09.24 16:40:32 | 000,188,304 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

O1 HOSTS File: ([2016.11.14 18:31:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ACQTMOUSE] C:\Program Files\TOSHIBA\Tilt Mouse Software\1.1\ACQTMAPP.exe ()
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AthBtTray] C:\Program Files\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4 - HKLM..\Run: [AtherosBtStack] C:\Program Files\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [Dropbox] C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [VmbNotifier] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe (Vodafone)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 1.8.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.111.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.9.1 192.168.9.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED20955E-1D1E-4A9E-89FE-F06460D27A54}: DhcpNameServer = 192.168.9.1 192.168.9.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\lukeh\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\lukeh\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2016.11.15 16:50:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\lukeh\Desktop\OTL.exe
[2016.11.14 18:31:20 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2016.11.14 18:28:13 | 000,000,000 | ---D | C] -- C:\Users\lukeh\AppData\Local\temp
[2016.11.12 14:03:58 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\lukeh\Desktop\aswmbr.exe
[2016.11.12 08:14:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2016.11.12 08:14:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2016.11.12 08:14:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2016.11.12 08:14:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016.11.12 08:12:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016.11.12 08:11:15 | 005,659,834 | R--- | C] (Swearware) -- C:\Users\lukeh\Desktop\ComboFix.exe
[2016.11.12 05:25:48 | 000,000,000 | ---D | C] -- C:\zoek
[2016.11.12 05:11:44 | 000,000,000 | ---D | C] -- C:\Users\lukeh\AppData\Local\Apple
[2016.11.11 20:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2016.11.11 18:54:47 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2016.11.10 18:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2016.11.10 18:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2016.11.10 18:42:26 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2016.11.10 17:56:40 | 001,631,928 | ---- | C] (Malwarebytes) -- C:\Users\lukeh\Desktop\JRT.exe
[2016.11.09 20:28:46 | 000,000,000 | ---D | C] -- C:\Users\lukeh\AppData\Local\CEF
[2016.11.09 20:25:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.11.09 20:17:00 | 000,000,000 | ---D | C] -- C:\Users\lukeh\AppData\Local\Adobe
[2016.11.07 23:49:08 | 000,063,600 | ---- | C] (Dropbox, Inc.) -- C:\Windows\System32\drivers\dbx-stable.sys
[2016.11.07 23:49:08 | 000,063,600 | ---- | C] (Dropbox, Inc.) -- C:\Windows\System32\drivers\dbx-dev.sys
[2016.11.07 23:49:08 | 000,063,600 | ---- | C] (Dropbox, Inc.) -- C:\Windows\System32\drivers\dbx-canary.sys
[2016.11.07 23:49:04 | 000,035,440 | ---- | C] (Dropbox, Inc.) -- C:\Windows\System32\DbxSvc.exe
[2016.11.07 12:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
[2016.11.07 12:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\LibreOffice 5
[2016.10.29 02:12:00 | 000,970,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr120.dll
[2016.10.29 02:12:00 | 000,455,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp120.dll
[2016.10.21 08:48:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016.10.19 19:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2008.09.26 08:19:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\lukeh\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2016.11.15 16:55:42 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineUA.job
[2016.11.15 16:51:01 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.11.15 16:50:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\lukeh\Desktop\OTL.exe
[2016.11.15 16:49:43 | 009,479,020 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016.11.15 16:49:43 | 003,885,550 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016.11.15 16:49:43 | 003,244,972 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016.11.15 16:49:38 | 003,331,986 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016.11.15 16:10:03 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\DropboxUpdateTaskMachineCore.job
[2016.11.15 16:01:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2016.11.15 16:01:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2016.11.15 16:01:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.11.15 00:30:43 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2016.11.14 18:31:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2016.11.13 17:31:41 | 000,002,619 | ---- | M] () -- C:\Users\lukeh\Desktop\Microsoft Word 2010.lnk
[2016.11.12 14:04:01 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\lukeh\Desktop\aswmbr.exe
[2016.11.12 08:11:16 | 005,659,834 | R--- | M] (Swearware) -- C:\Users\lukeh\Desktop\ComboFix.exe
[2016.11.11 18:53:46 | 001,309,184 | ---- | M] () -- C:\Users\lukeh\Desktop\zoek.exe
[2016.11.11 17:51:30 | 000,024,688 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2016.11.10 18:42:51 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2016.11.10 18:11:22 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2016.11.10 17:56:40 | 001,631,928 | ---- | M] (Malwarebytes) -- C:\Users\lukeh\Desktop\JRT.exe
[2016.11.09 20:40:24 | 000,000,864 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2016.11.09 20:25:03 | 003,910,208 | ---- | M] () -- C:\Users\lukeh\Desktop\AdwCleaner.exe
[2016.11.08 15:51:28 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016.11.08 15:51:28 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016.11.07 23:49:08 | 000,063,600 | ---- | M] (Dropbox, Inc.) -- C:\Windows\System32\drivers\dbx-stable.sys
[2016.11.07 23:49:08 | 000,063,600 | ---- | M] (Dropbox, Inc.) -- C:\Windows\System32\drivers\dbx-dev.sys
[2016.11.07 23:49:08 | 000,063,600 | ---- | M] (Dropbox, Inc.) -- C:\Windows\System32\drivers\dbx-canary.sys
[2016.11.07 23:49:04 | 000,035,440 | ---- | M] (Dropbox, Inc.) -- C:\Windows\System32\DbxSvc.exe
[2016.11.07 15:28:06 | 003,875,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016.11.07 12:40:19 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 5.2.lnk
[2016.10.29 02:12:00 | 000,970,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr120.dll
[2016.10.29 02:12:00 | 000,455,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp120.dll
[2016.10.19 19:09:00 | 000,095,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

========== Files Created - No Company Name ==========

[2016.11.12 08:14:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2016.11.12 08:14:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2016.11.12 08:14:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2016.11.12 08:14:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2016.11.12 08:14:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2016.11.11 18:53:45 | 001,309,184 | ---- | C] () -- C:\Users\lukeh\Desktop\zoek.exe
[2016.11.10 18:42:51 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2016.11.09 20:23:58 | 003,910,208 | ---- | C] () -- C:\Users\lukeh\Desktop\AdwCleaner.exe
[2016.11.07 12:40:19 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 5.2.lnk
[2015.08.05 16:57:13 | 000,024,688 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2015.05.20 18:10:27 | 000,000,031 | ---- | C] () -- C:\Windows\System32\wocsodsini.dll
[2015.02.25 16:58:23 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015.02.12 13:17:45 | 014,374,980 | ---- | C] () -- C:\Users\lukeh\AppData\Local\WER216B.tmp.secure.hdmp
[2014.12.23 00:05:09 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2014.12.23 00:05:09 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2014.12.06 19:09:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2013.07.04 19:43:42 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2013.07.04 19:42:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013.07.04 19:42:28 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013.07.04 19:41:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2008.09.26 08:19:23 | 000,081,920 | ---- | C] () -- C:\Users\lukeh\AppData\Roaming\ezpinst.exe
[2008.09.26 08:19:23 | 000,007,176 | ---- | C] () -- C:\Users\lukeh\AppData\Roaming\pcouffin.cat
[2008.09.26 08:19:23 | 000,001,144 | ---- | C] () -- C:\Users\lukeh\AppData\Roaming\pcouffin.inf
[2008.09.25 14:51:47 | 000,200,192 | ---- | C] () -- C:\Users\lukeh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.29 01:46:08 | 011,588,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.09.20 14:08:39 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Aegisub
[2014.11.18 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Artweaver Free
[2015.11.05 10:44:41 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Audacity
[2015.03.09 11:03:05 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\AVAST Software
[2016.05.11 19:43:37 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\avidemux
[2016.04.06 19:43:54 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\BSplayer
[2009.02.25 22:35:11 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\BSplayer Pro
[2009.02.25 22:43:11 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Bullzip
[2011.04.10 19:14:05 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\CAD-KAS
[2013.04.18 16:05:15 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2015.07.26 10:52:58 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\DAEMON Tools Lite
[2009.02.25 22:52:03 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\deskPDF
[2015.07.01 20:38:43 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Docx2Rtf
[2013.07.11 08:10:54 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Downloaded Installations
[2015.06.22 17:32:03 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Dropbox
[2016.11.07 16:51:03 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\foobar2000
[2011.04.19 17:48:01 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\FreeBurner
[2013.04.26 18:39:00 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\GHISLER
[2015.07.25 18:21:00 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\HD Tune Pro
[2011.12.21 19:15:05 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\IrfanView
[2014.03.30 19:12:04 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\LibreOffice
[2013.07.04 19:50:54 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Nikon
[2013.07.11 08:18:11 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Nitro PDF
[2014.12.06 20:24:20 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Nokia
[2015.07.01 20:38:26 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\NwDocx
[2014.03.30 19:39:45 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\OpenOffice
[2010.03.23 09:19:57 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\OpenOffice.org
[2014.05.07 14:22:07 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Oracle
[2014.12.06 20:22:42 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\PC Suite
[2013.11.25 13:48:41 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\PDF Architect
[2009.04.15 19:55:42 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\PDF reDirect
[2008.10.20 12:47:09 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\PEERNET
[2008.09.26 07:54:23 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\RipIt4Me
[2008.10.20 12:43:54 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\SolidDocuments
[2013.08.12 21:09:34 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\T-Mobile
[2009.02.03 20:08:19 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Toshiba
[2015.04.11 22:16:58 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Tracker Software
[2013.04.21 17:40:35 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\TuneUp Software
[2011.04.19 21:14:51 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Ulead Systems
[2014.08.15 16:34:54 | 000,000,000 | ---D | M] -- C:\Users\lukeh\AppData\Roaming\Vodafone

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:B9AB561D

< End of report >

peacer42

Re: Please check my log

Post by peacer42 » 15 Nov 2016 17:15

OTL Extras logfile created on: 15.11.2016 16:52:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lukeh\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,72% Memory free
4,22 Gb Paging File | 2,26 Gb Available in Paging File | 53,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,37 Gb Total Space | 3,96 Gb Free Space | 5,33% Space Free | Partition Type: NTFS
Drive E: | 73,21 Gb Total Space | 38,52 Gb Free Space | 52,61% Space Free | Partition Type: NTFS

Computer Name: LUKEH-PC | User Name: lukeh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.txt [@ = Word Reader-TXT] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C6BF28A-EE82-472A-8F3E-D07DEC8D3951}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{126B19BC-5347-40CB-AB26-2A47480858F0}" = lport=137 | protocol=17 | dir=in | app=system |
"{4A3EC1F8-4A21-4221-8FC0-979DCC2D2A76}" = rport=445 | protocol=6 | dir=out | app=system |
"{4BB596CF-0B0D-48DE-AD09-9D2B16A0E02C}" = rport=138 | protocol=17 | dir=out | app=system |
"{578EF63E-EC9F-4C51-9261-23EE7DFF6E93}" = lport=445 | protocol=6 | dir=in | app=system |
"{6D4227BD-7AA6-43AD-93EF-D32E7FB44437}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7F206385-581F-4655-8E6F-8B3771162901}" = lport=138 | protocol=17 | dir=in | app=system |
"{8F9E2311-F37C-4A6D-966B-39C84B496328}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95DC96CC-DCC9-4D8D-9993-516FCB925729}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{95E960A8-2A02-48BD-9DE3-3DF0B9AC17D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9F0EDC1A-DC5B-4436-B17F-DBF1D1BD8151}" = rport=139 | protocol=6 | dir=out | app=system |
"{B30147A4-5BCE-4A18-9809-673431055C3D}" = lport=139 | protocol=6 | dir=in | app=system |
"{CDADE789-157F-4373-A819-B9A595497ACA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{F333E675-E593-476C-A3E6-AA7CBB90CF2C}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07CFBE14-8739-4020-86EA-1C66F93E68D0}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{0B7651CF-A8FA-4979-B8E7-F6EF426321C5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1228FEBD-443A-4330-A02C-E5B21CD0A32D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{198D314C-F778-4F03-9B11-CFB2572E2453}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{47A07149-921A-4553-B7B7-979485389429}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{50B3EF4C-78F9-46B6-8FB4-5112B2C480E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{66D31195-E548-46EB-AED7-C53A947DC677}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{6722491A-B967-4DB0-B116-7EE20F9144E9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{688F4B8B-1126-4113-9438-17B52997168B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{6B16C8FB-A6BA-405C-91D5-681D87F9FA8C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{6CFB4C5F-8FF0-4CFF-B2FA-8960A3FA7F85}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{713D3848-3D2B-4E92-9A08-D51D78F60F67}" = protocol=6 | dir=out | app=system |
"{7435808C-0C99-4017-90EE-FEBA5009131B}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{7766EFE4-F5A8-4EFC-8FAA-05214114BC84}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7852C75F-002A-4F9E-994B-26A65E23B95A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{79077D80-EA28-4A54-A5AE-E45F9A0C22D4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{9648DCDE-1D88-4D63-B6DD-6DF8B9A4DF44}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{972B87D6-C023-484A-BAA0-C474860EE649}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9B9E5496-C68E-41B6-A0CD-E212ED2AA943}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{ABFAEBA2-5889-4FA6-BEAA-18C5B5CCD4CE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{BC863B97-86F8-4BCE-9D95-AEC7DEDBAA34}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{C4FBC928-F079-4A5F-8A53-09096C2F23D2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{CA0BC8CE-B3E4-4476-A875-50096909B37E}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{E4A14BB2-4A44-45C3-9099-D596F8C692A1}" = dir=in | app=c:\program files\dropbox\client\dropbox.exe |
"{ECDAE77B-6332-4C49-978E-0C60EC72005A}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{EE7F4994-22E6-4F58-BD7C-7BCEDBCC2143}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{EEE108B2-3737-4C72-8DCD-6BB572724DDF}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{F20F22C2-095C-4BB9-9961-4909472A138A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{F35928B9-6F3D-44E5-A815-45A86ECB87A4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{FC610248-755E-4ACB-AA5E-443A6B8FBB9D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{00F3B81C-E58E-4461-9384-1B6A906EFE13}C:\program files\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files\libreoffice 4\program\soffice.bin |
"TCP Query User{555BCAEA-9097-4614-9B87-16C47B7C42A5}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5FD0852C-EF94-4EFB-AA74-4E075C613755}C:\program files\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files\libreoffice 4\program\soffice.bin |
"TCP Query User{BFDA098A-115B-480C-9954-961B42AD4874}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{FC609C0B-A567-4F9B-A3E6-2459D803E488}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{044369A2-6759-4997-A0FA-167FE839DCB0}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{20F85629-382E-445E-ABF9-78B68C256B25}C:\program files\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files\libreoffice 4\program\soffice.bin |
"UDP Query User{30A9D34D-DDEC-41A6-B534-FA2C0D0FF8A1}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{665D9769-D7A1-4973-BF0E-84BFAEE2891F}C:\program files\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files\libreoffice 4\program\soffice.bin |
"UDP Query User{FDB0E91E-06D5-46DD-B25C-7C8DA628103A}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02CA24DD-C8B0-4280-BE53-7862869C2EB1}" = Realtek WiFi Protected Setup Library
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}" = CGS15_IPM_T2
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = Návody TOSHIBA
"{101A497C-7EF6-4001-834D-E5FA1C70FEFA}" = Bluetooth Vista Suite
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.9
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F32180111F0}" = Java 8 Update 111
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{30605C95-A3A0-4A08-AD58-9AE7ABA47B70}" = LibreOffice 5.2.3.3
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3911CF56-9EF2-39BA-846A-C27BD3CD0685}" = Microsoft .NET Framework 4.5.2
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{50298931-8B2F-4E55-887D-CEF26C769CFC}" = Document Express DjVu Plug-in
"{505522F8-9BAF-4CB4-8767-EE074BB0ECE1}" = PS_AIO_07_B010_SW_Min
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{65094424-9351-40B8-939B-3676D67E48E0}" = Corel Graphics - Windows Shell Extension
"{69EDC871-8A8A-34A8-B511-FF7CE3C4B0B7}" = Microsoft .NET Framework 4.5.2 (CSY)
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{81830FEF-866C-4DC0-9435-B6287B1EDD8A}" = HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF46E02-3A99-4469-AE99-EAAE51FE8F9F}" = B010
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{951FF461-42BC-48C3-B299-C58EC507CA38}" = PDF-XChange Editor
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Ztlumení jednotky CD/DVD
"{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}" = Pixia
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.16) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBEC10F9-AC15-41EE-A271-0B1077F53740}" = Adobe AIR
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher verze 3.8
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}" = QuickTime 7
"{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}" = Apple Software Update
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"7-Zip" = 7-Zip 16.02
"83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1" = Infix PDF Editor verze 6.3.5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 23 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 23 NPAPI
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 2.0.6
"Avast" = Avast Free Antivirus
"AVI Movie Player" = AVI Movie Player
"AVI ReComp" = AVI ReComp 1.5.6
"AviSynth" = AviSynth 2.5
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Dropbox" = Dropbox
"foobar2000" = foobar2000 v1.2.3
"FormatFactory" = FormatFactory 2.70
"GPL Ghostscript_is1" = Docudesk GPL Ghostscript 8.15
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Basic)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Mozilla Firefox 49.0.2 (x86 cs)" = Mozilla Firefox 49.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Editor 4" = PDF Editor 4
"PEKI dictionary" = PEKI dictionary 1.21
"PhotoScape" = PhotoScape
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Sudden Strike II" = Sudden Strike II
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tilt Mouse Software_is1" = Tilt Mouse Software 1.1
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Totalcmd" = Total Commander (Remove or Repair)
"VobSub" = VobSub 2.23
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.11.2016 7:43:22 | Computer Name = lukeh-PC | Source = LoadPerf | ID = 3012
Description =

Error - 14.11.2016 7:43:22 | Computer Name = lukeh-PC | Source = LoadPerf | ID = 3012
Description =

Error - 14.11.2016 7:43:22 | Computer Name = lukeh-PC | Source = LoadPerf | ID = 3011
Description =

Error - 14.11.2016 13:30:52 | Computer Name = lukeh-PC | Source = DbxSvc | ID = 131392
Description = Failed to connect to the driver: (-2147024894) Systém nemůže nalézt
uvedený soubor.

Error - 14.11.2016 14:09:23 | Computer Name = lukeh-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 14.11.2016 14:09:23 | Computer Name = lukeh-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 15.11.2016 11:01:37 | Computer Name = lukeh-PC | Source = DbxSvc | ID = 131392
Description = Failed to connect to the driver: (-2147024894) Systém nemůže nalézt
uvedený soubor.

Error - 15.11.2016 11:49:33 | Computer Name = lukeh-PC | Source = LoadPerf | ID = 3012
Description =

Error - 15.11.2016 11:49:33 | Computer Name = lukeh-PC | Source = LoadPerf | ID = 3012
Description =

Error - 15.11.2016 11:49:33 | Computer Name = lukeh-PC | Source = LoadPerf | ID = 3011
Description =

[ System Events ]
Error - 14.11.2016 13:14:47 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 14.11.2016 13:14:48 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 14.11.2016 13:14:50 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 14.11.2016 13:14:50 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 14.11.2016 13:14:51 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 14.11.2016 13:15:32 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 14.11.2016 13:22:16 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 14.11.2016 13:28:20 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 14.11.2016 14:07:23 | Computer Name = lukeh-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 14.11.2016 19:29:25 | Computer Name = lukeh-PC | Source = DCOM | ID = 10010
Description =


< End of report >

jaro3

Re: Please check my log

Post by jaro3 » 15 Nov 2016 19:13

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe File not found
DRV - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys File not found
DRV - (PCASp50) -- System32\Drivers\PCASp50.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (huawei_enumerator) -- system32\DRIVERS\ew_jubusenum.sys File not found
DRV - (huawei_cdcacm) -- system32\DRIVERS\ew_jucdcacm.sys File not found
DRV - (ew_hwusbdev) -- system32\DRIVERS\ew_hwusbdev.sys File not found
DRV - (dbx) -- system32\DRIVERS\dbx.sys File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (adusbser) -- system32\DRIVERS\adusbser.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{20769AE4-8DD1-4552-A57F-65983C189980}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
IE - HKCU\..\SearchScopes,DefaultScope = {20769AE4-8DD1-4552-A57F-65983C189980}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{20769AE4-8DD1-4552-A57F-65983C189980}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;&rlz=
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.2
[2010.04.09 17:11:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions
[2012.01.04 19:39:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2016.11.12 17:48:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\um0cmndl.default-1441031397869\extensions
[2014.10.13 10:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profilesuiswrfdo.default\extensions
[2014.10.13 10:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profilesuiswrfdo.default\extensions\staged
[2016.11.12 17:48:02 | 000,005,389 | ---- | M] () (No name found) -- C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\um0cmndl.default-1441031397869\features\{59ab1795-2285-4999-ac56-8ded8a906d72}\asyncrendering@mozilla.org.xpi
[2016.10.21 08:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 1.8.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.111.2)
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:B9AB561D

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\Users\lukeh\AppData\Local\WER216B.tmp.secure.hdmp
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLev.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLeo.DAT
c:\windows\TEMP\SafeZone Installer\installer.exe

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.


Update Java:
http://www.oracle.com/technetwork/java/ ... 33155.html
Java SE Runtime Environment 8

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-8-windows-i586-p.exe or
jre-8-windows-x64.exe
Download and install it.
Remove the other Java versions in Add/Remove Programs.

Drive C: | 74,37 Gb Total Space | 3,96 Gb Free Space | 5,33% Space Free | Partition Type: NTFS
Severe lack of free disk space!! Uninstall or delete something. You should have at least 15-20% free space on the system disk to keep Windows running without problems!!

Re: Please check my log

Post by peacer42 » 15 Nov 2016 21:44

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: No service named AvastVBoxSvc was found to stop!
Unable to delete service\driver key AvastVBoxSvc.
File C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe File not found not found.
Error: No service named VBoxAswDrv was found to stop!
Unable to delete service\driver key VBoxAswDrv.
File C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys File not found not found.
Service PCASp50 stopped successfully!
Service PCASp50 deleted successfully!
File System32\Drivers\PCASp50.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Service huawei_enumerator stopped successfully!
Service huawei_enumerator deleted successfully!
File system32\DRIVERS\ew_jubusenum.sys File not found not found.
Service huawei_cdcacm stopped successfully!
Service huawei_cdcacm deleted successfully!
File system32\DRIVERS\ew_jucdcacm.sys File not found not found.
Service ew_hwusbdev stopped successfully!
Service ew_hwusbdev deleted successfully!
File system32\DRIVERS\ew_hwusbdev.sys File not found not found.
Service dbx stopped successfully!
Service dbx deleted successfully!
File system32\DRIVERS\dbx.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Service adusbser stopped successfully!
Service adusbser deleted successfully!
File system32\DRIVERS\adusbser.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{20769AE4-8DD1-4552-A57F-65983C189980}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20769AE4-8DD1-4552-A57F-65983C189980}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{20769AE4-8DD1-4552-A57F-65983C189980}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20769AE4-8DD1-4552-A57F-65983C189980}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:49.0.2 removed from extensions.enabledAddons
C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediadownloader.com\chrome\content folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediadownloader.com\chrome folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediadownloader.com folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\lukeh\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\um0cmndl.default-1441031397869\extensions folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profilesuiswrfdo.default\extensions\staged\{536296fd-0562-4b56-8f95-1a25c5ffc83f} folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profilesuiswrfdo.default\extensions\staged folder moved successfully.
C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profilesuiswrfdo.default\extensions folder moved successfully.
Folder C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profilesuiswrfdo.default\extensions\staged\ not found.
C:\Users\lukeh\AppData\Roaming\Mozilla\Firefox\Profiles\um0cmndl.default-1441031397869\features\{59ab1795-2285-4999-ac56-8ded8a906d72}\asyncrendering@mozilla.org.xpi moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
ADS C:\ProgramData\TEMP:B9AB561D deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\DropboxUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\DropboxUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
C:\Users\lukeh\AppData\Local\WER216B.tmp.secure.hdmp moved successfully.
C:\ProgramData\PKP_DLes.DAT moved successfully.
C:\ProgramData\PKP_DLev.DAT moved successfully.
C:\ProgramData\PKP_DLet.DAT moved successfully.
C:\ProgramData\PKP_DLeo.DAT moved successfully.
File move failed. c:\windows\TEMP\SafeZone Installer\installer.exe scheduled to be moved on reboot.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: lukeh
->Temp folder emptied: 241033 bytes
->Temporary Internet Files folder emptied: 49554 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 12457862 bytes
->Flash cache emptied: 506 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1962548 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 14,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11152016_201232

Files\Folders moved on Reboot...
File move failed. c:\windows\TEMP\SafeZone Installer\installer.exe scheduled to be moved on reboot.
C:\Users\lukeh\AppData\Local\Temp\wmsetup.log moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160330171324.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\opera_installer_20160330171352.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160330175724.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20160330175732.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
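
Added example (not part of the posts in this thread and not part of OTL): a short Python triage of an OTL fix log that separates files deferred to the restart from those still reported as "File move failed" under the "Files\Folders moved on Reboot..." header. The function name and the sample log are constructed here from lines in the log above; treating a repeated failure in the post-reboot section as "check by hand" is an assumption that matches this thread, where installer.exe was still present after the restart.

```python
import re

# Constructed sample: a shortened copy of lines from the fix log posted above.
SAMPLE_LOG = r"""========== FILES ==========
File\Folder C:\WINDOWS\*.tmp not found.
C:\ProgramData\PKP_DLes.DAT moved successfully.
File move failed. c:\windows\TEMP\SafeZone Installer\installer.exe scheduled to be moved on reboot.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 11152016_201232

Files\Folders moved on Reboot...
File move failed. c:\windows\TEMP\SafeZone Installer\installer.exe scheduled to be moved on reboot.
C:\Users\lukeh\AppData\Local\Temp\wmsetup.log moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
"""

REBOOT_HEADER = r"Files\Folders moved on Reboot..."
FAILED = re.compile(
    r"^File move failed\. (?P<path>.+?) scheduled to be moved on reboot\.$")
MOVED = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) moved successfully\.$")


def triage_fix_log(text):
    """Compare pre-reboot deferrals with the post-reboot results."""
    deferred, reboot_failed, reboot_moved = [], [], []
    in_reboot = False
    for raw in text.splitlines():
        line = raw.strip()
        # Section headers in the tail of the log end with "...".
        if line.endswith("..."):
            in_reboot = (line == REBOOT_HEADER)
            continue
        m = FAILED.match(line)
        if m:
            (reboot_failed if in_reboot else deferred).append(m.group("path"))
            continue
        m = MOVED.match(line)
        if m and in_reboot:
            reboot_moved.append(m.group("path"))

    # Windows paths are case-insensitive, so compare lower-cased.
    done = {p.lower() for p in reboot_moved}
    asked = {p.lower() for p in deferred}
    return {
        "deferred": deferred,
        "confirmed_moved": [p for p in deferred if p.lower() in done],
        "needs_manual_check": [p for p in deferred if p.lower() not in done],
        "other_reboot_failures": [p for p in reboot_failed
                                  if p.lower() not in asked],
    }


if __name__ == "__main__":
    for key, paths in triage_fix_log(SAMPLE_LOG).items():
        print(key)
        for p in paths:
            print("   ", p)
```
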

Re: Please check my log

Post by jaro3 » 16 Nov 2016 09:46

c:\windows\TEMP\SafeZone Installer\installer.exe -- check whether that file has been deleted by now.

What about the problems?

Re: Please check my log

Post by peacer42 » 16 Nov 2016 16:04

Thank you, everything is fine.

The only problem, perhaps, is that the file is still there, but if it's nothing serious, then...

Re: Please check my log

Post by jaro3 » 16 Nov 2016 18:50

Try deleting the file manually in Safe Mode.

Re: Please check my log

Post by peacer42 » 16 Nov 2016 19:51

So, in Safe Mode: DELETED! Thanks for the advice.

