Prosim o kontrolu logu

[jaro3]

Spusť OTC , Combofix by měl zmizet.

[Reklama]

[Vozik_]

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\mswficwSrv deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\MSStp deleted successfully.
========== FILES ==========
c:\windows\system32\mswficw.vbe moved successfully.
c:\windows\system32\msstp.vbe moved successfully.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job moved successfully.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File/Folder C:\Program Files\*.tmp not found.
File/Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File/Folder C:\Windows\SysNative\drivers\*.tmp not found.
File/Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File/Folder C:\Program Files (x86)\*.tmp not found.
File/Folder C:\Windows\SysWow64\*.tmp not found.
File/Folder C:\Windows\SysNative\*.tmp not found.
File/Folder C:\Program Files (x86)\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: HomeGroupUser$
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: V clav
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes

User: Václav
->Temp folder emptied: 44333 bytes
->Temporary Internet Files folder emptied: 462994 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Vßclav
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: V�clav
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 211 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 08242015_130712

Files moved on Reboot...
C:\Users\Václav\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

[jaro3]

Spusť OTM a klikni na Clean Up!

Co problémy?

[Vozik_]

To je vše..?

[Orcus]

Jsou nějaké problémy nebo ne?

[Vozik_]

Nemohu zapnout bránu Windows Firewall https://gyazo.com/e04feda3aac32edc08d1589c6d0e31ef a nemohu si prohledat počítač Windows Security Essentials kvůli tomu, že mi to nechce stáhnout aktualizaci a ani nejde odinstalovat...

[jaro3]

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Vozik_]

OTL Extras logfile created on: 25.8.2015 12:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Václav\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 5,96 Gb Available Physical Memory | 74,72% Memory free
15,96 Gb Paging File | 13,80 Gb Available in Paging File | 86,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 171,64 Gb Free Space | 38,73% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 405,06 Gb Free Space | 82,96% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Václav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13DBB754-BDF9-41F9-8DF8-F67784121D59}" = rport=445 | protocol=6 | dir=out | app=system |
"{285F25D1-F58B-4FF4-8FD8-412AF5C42BDC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3B3A130B-5F27-4505-96DD-C76FAFCEF7C1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CD05C3F-1E23-4B56-951C-4BA700ECA666}" = lport=139 | protocol=6 | dir=in | app=system |
"{41B397F9-F822-41FF-884C-4E428271393B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BF86BBE-3312-4BE9-894A-62040FC25C77}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{53A3699F-FB6A-4EDE-8BA1-14DBE8569D9E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6615665E-CE1D-457B-8ECD-CCFEF596CE91}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A36E7DE-249E-48FB-AA65-9B4EAB083139}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6C9C36A6-87EE-46DC-B9E7-E9CC0BD365D6}" = rport=139 | protocol=6 | dir=out | app=system |
"{857A2226-E0A7-46BE-8886-69604477E594}" = rport=138 | protocol=17 | dir=out | app=system |
"{99BC707E-CCD9-425C-8506-E1AF51345DB9}" = rport=137 | protocol=17 | dir=out | app=system |
"{99F2E3C1-9277-4B69-9C38-24FC975454E8}" = lport=138 | protocol=17 | dir=in | app=system |
"{9CBDC606-5151-41BE-BF9F-8F7FEF1F6D2E}" = lport=137 | protocol=17 | dir=in | app=system |
"{ABAA9DE5-DC05-474D-A650-B5C81377F473}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6A76278-5E5B-403A-8ECF-FDE238D53728}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BB385CC8-630F-4F19-8688-EFA0F7F8A000}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C15CED38-D5B7-4694-80B7-74E99455692C}" = lport=445 | protocol=6 | dir=in | app=system |
"{C23C01C4-2605-44E1-91B6-C55D8C9082C4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C70F1E14-F669-42B2-9CBA-35C09759A76A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DBB99FC4-CFAF-4725-B676-181B3F78A472}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E4C7C67D-7FE3-49E8-BB80-6F842A04CD00}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9064270-2A32-4F8A-8053-01540FF943C6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBD401FA-9997-4AFB-926E-4DDA88E96161}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD631504-CD36-4A0D-BD37-8B3C511C385A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FE871558-44EC-4006-84C4-9666AC0DB2CC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CD2C42A-9880-4B9C-8E3A-D0EA5B7E48DE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0E96614A-23F7-4B4F-8AE3-C516BAD729D4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{1110C695-FCD9-4A22-9D6B-6A90614A6423}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{13778056-C5BC-4C14-8429-EACF71624C52}" = protocol=17 | dir=in | app=c:\users\václav\appdata\roaming\utorrent\utorrent.exe |
"{16C9FB2A-6EDE-41C3-B30D-8F0991B55BC0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{16FB4700-1AC4-4C6D-9CFB-BD0B0F9E262F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{1DDFA20D-7858-49D8-8F71-77F6DF7E962B}" = protocol=6 | dir=in | app=c:\users\václav\appdata\roaming\utorrent\utorrent.exe |
"{22635FED-1D37-4818-B334-234B60AD5D12}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{27884EDE-7C5C-454B-B6D1-D14288F7286B}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{27EB36DC-B981-4D7D-B7A7-DBDCA365B54D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{282652D1-7A87-44EB-81ED-EEF5F5BEB0FA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28FD2855-E445-42C5-A61D-9DDBF11EE052}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{333ECB9F-3E1D-4BA3-A0B6-C754F6555455}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34392DF9-9024-4FC9-B5BE-05CE4944FD05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{41D8767A-245D-40FE-B778-55C998DFAAF5}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{42C535B0-2454-475D-B860-CCB246C230AC}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{43A1E219-3999-4192-AA91-CC263B645DAE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{465A356F-72F9-4451-A3AA-4C0D28F403B1}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{469A6D1C-1B67-49A4-B963-29CE09089C1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mafia ii\pc\mafia2.exe |
"{46CE73C8-E6BC-4375-B6AA-AF321AF69EA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46FF2484-BE3C-44ED-9952-FC82674F446D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4ED58D3A-89BD-4B09-A49A-861BE8B023DB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{59DBC71C-12BE-4BF0-BB62-8DFDD1ADCDEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{5CF6D13D-7B33-496A-B7F1-32B05848BCE2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6A152E15-9868-495F-94A8-B69F44C51FAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E8A6611-FB3A-407F-89A0-203FB791B6FE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73C2A011-E657-4B5C-9DAC-CF14EB0A080D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{749AD804-FA69-4370-8CC4-082E3C08FBF8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7B7AA161-C5D6-4A24-84AD-2F5E8123CC08}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{7E3F7C37-BC35-48ED-B2F0-C47114BDEA62}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{8987B052-E76F-498F-8D31-2E3E21938A85}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{945DDF72-E452-4522-9605-DF05C7658ED1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97C9E1E6-6C00-44C9-A683-E72E24BFB12F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{99BECC67-2E1F-4CEB-B897-7D75A189E37F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{A04BF66A-CA59-4ECE-A0B9-0A15CF4AE4F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1239CB5-6356-490B-9D8B-1A3D9D1362BD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{A20E3E93-5386-4B78-BDE1-3711F34BD30F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A394E5DF-482D-4760-BD83-6F36EE63AD5A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A91319E8-544B-44BD-88C9-94358FA88006}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{AB71D8E2-FD18-461B-AAA4-7E5F86538219}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B397B798-C314-4139-BAF5-93C66785614B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{BE374BEF-E7B5-4D42-88AE-6B2BF5A37CF9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C05DAAF6-D585-47BB-8C22-14D2B98A611F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C45D0A43-122B-4134-9FF8-0EFAB63694B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{C6E43E58-9D1B-4BB3-ABB7-3E6D15B4AAD9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{C7C6794A-1228-46D3-B3CC-3E4353D0AB93}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{C9B64C55-9C4E-4ABC-B6F1-544DEB17363C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{D0AE3C58-F3A2-49E8-8C81-7EE467872A2E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D98309B2-6F40-4430-A8A7-084EFE45F08C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E3AC8479-990A-4BEB-8F6F-6A72C0F753C5}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{EA497C08-0A01-446C-9AEF-46E3C69BDB61}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EC360CFD-79A4-4380-8947-41D007482675}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{ED6584B6-3E48-459E-A03E-DF6B767324D9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{EFCF5B4A-C8C8-4771-9475-B67BA2B69C13}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F120B831-6021-4070-B6FA-6113DE457396}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F4EA76DD-9F8A-4AA6-BB2C-A1BF7DEBF8D8}" = dir=in | app=c:\program files\echobit\evolve\evosvc.exe |
"{F78ECE79-5B21-453A-9D10-472D1148BA5C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F994A8E1-171A-4C9A-87C0-A8C30F65FAC6}" = protocol=6 | dir=out | app=system |
"{FB3CCAB9-0A71-4DA4-A6A3-CA9E86553CE4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FB4DDD54-9B4C-449C-9D2D-117F7D7CCE31}" = dir=in | app=c:\users\václav\appdata\local\microsoft\skydrive\skydrive.exe |
"{FE7EFA19-7EBF-48C1-8AC2-AAB88869D003}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{FFF3B977-95FE-40E1-AAF8-A59863F452A5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{0DAF656F-9AF4-4B8F-ADFD-208E42E57DD4}C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe |
"TCP Query User{15457D3B-08C1-4968-9287-AA211C7A12B2}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"TCP Query User{525225E7-DD0B-4A67-8810-6FC2C2426573}C:\program files (x86)\call of duty 2\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty 2\call of duty 2\cod2mp_s.exe |
"TCP Query User{5593D64E-AB32-47A9-98F0-27AA8FACA661}C:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe |
"TCP Query User{6E371A5C-285B-4423-A5F7-60F77ADC53DF}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{8F8EC753-41A3-4FB5-B3E0-890DF11CAE68}C:\program files (x86)\far cry 3\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\far cry 3\far cry 3\bin\farcry3.exe |
"TCP Query User{9D3EF033-6644-41B3-B9EF-2BAD7D3AC206}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=6 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"TCP Query User{A327E161-AB23-4091-A9C6-4D97FE58AD0E}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{EA411F8E-AC46-4743-A574-DDA450C6AA30}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{FF9387CF-8B03-48E1-B771-EA3AF94D678A}C:\program files (x86)\call of duty 4 modern warfare\call of duty modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty 4 modern warfare\call of duty modern warfare\iw3mp.exe |
"UDP Query User{20123EF3-1A08-4DEC-9C5E-5812EA3AEBD3}C:\program files (x86)\far cry 3\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\far cry 3\far cry 3\bin\farcry3.exe |
"UDP Query User{260D2591-C8E8-4214-AA19-363A2AE784FD}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{2FEDA1CA-0E56-434F-A6C7-1FA3C1F61B63}C:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe |
"UDP Query User{4DE0AC1A-021D-4885-AE2E-5BC0EC46A298}C:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii reign of chaos & the frozen throne\war3.exe |
"UDP Query User{5F0864F9-42BE-4941-A10F-A5F026322648}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"UDP Query User{90C90A2D-924F-4F52-90AF-A21071F02AEE}C:\program files (x86)\call of duty 4 modern warfare\call of duty modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty 4 modern warfare\call of duty modern warfare\iw3mp.exe |
"UDP Query User{98750184-E151-4AD7-963D-6558933BC2B1}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{A656ABE5-24DD-464E-B16C-D9FDFA5753E0}C:\program files (x86)\libreoffice 4\program\soffice.bin" = protocol=17 | dir=in | app=c:\program files (x86)\libreoffice 4\program\soffice.bin |
"UDP Query User{B354299E-B38F-4077-B95F-BB1A1025BD44}C:\program files (x86)\call of duty 2\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty 2\call of duty 2\cod2mp_s.exe |
"UDP Query User{F2214601-6A27-4FDA-AF8A-37904721895A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F86417051FF}" = Java 7 Update 51 (64-bit)
"{2B1C6CB4-4470-4D57-91E0-83986DCEB5DA}" = Windows Live Family Safety
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4420E725-6083-6899-9E30-D3C80B8764D1}" = AMD Accelerated Video Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5C05E208-456E-34D3-21E2-5E38737A3EDF}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE280888-6A74-5862-5033-56EDF1A28479}" = AMD Media Foundation Decoders
"{C6E57DC0-5699-47D4-9263-CEE00A4BB1FC}" = Windows Live MIME IFilter
"{C9585D98-D6EA-FFBD-1B15-425AFEB9071C}" = ccc-utility64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D10D0851-CCC6-11E3-9ED2-F04DA23A5C58}" = MSVCRT Redists
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}" = MSVCRT Redists
"{D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}" = Microsoft Security Client
"{DC3E5166-2CDA-8B3F-B157-D86DFC14771B}" = AMD Fuel
"{E1602881-1D30-3AD1-719E-256841D63DAE}" = AMD Wireless Display v3.0
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}" = AMD Catalyst Install Manager
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 5.21 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00916718-A200-75A2-E5A2-7A9930300A70}" = CCC Help Portuguese
"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B213659-97EF-2094-0C8F-6A8BC7E3D788}" = CCC Help Italian
"{0C0D528A-0D1D-94CF-1CE3-E6446C56BE36}" = CCC Help Polish
"{114B2F94-A581-56E3-07CA-423FA5AEA836}" = Catalyst Control Center InstallProxy
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1633CAA5-000A-DEF5-DFF8-291BF256A4D3}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{24758B1D-9345-4538-A69A-05660F63A296}" = Junk Mail filter update
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.7
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{26CB37AD-1EC1-3A9D-47A2-2EB3CBE18F4A}" = CCC Help Korean
"{2C01080F-AAD8-40A7-AF6B-725DCCC802DB}" = Windows Live Mail
"{2F62B244-3106-D2E6-C146-722E60AEF4B1}" = CCC Help Chinese Traditional
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B12.1025.1
"{4260CAAE-D108-4223-A1C5-96B67062FE86}" = Windows Live Installer
"{4377286A-7040-4CEA-E8C4-CA90AC6343DE}" = CCC Help French
"{47E808C7-0C07-4DF8-877F-7FD653DCDE7B}_is1" = The Wolf Among Us čeština verze 5.0
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{59307833-CB98-4440-B644-0CD352F61907}" = Windows Live PIMT Platform
"{5AD7E7A1-5402-9C67-0DA7-133EB77A78BA}" = CCC Help Greek
"{5C1D9C2A-B542-4A21-94A4-783C5A4681DF}" = Photo Common
"{5FDED311-B6BA-4FE7-83C1-7D2F10A5AAE0}" = Windows Live Essentials
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6093CCDD-5CC8-4C0D-A349-8807B58D19EE}" = Windows Live UX Platform Language Pack
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6617D6C3-6904-478C-81D1-1EC8336F7F49}" = Windows Live Writer Resources
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 3.1.6
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715BB51F-DC9D-EFD6-6372-FDB0EBCF2518}" = CCC Help English
"{72D9236D-C6EA-4DA6-A18C-CC24521A70D4}" = Windows Live Mail
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{77C14E08-79D1-1986-8F3F-47113D755D33}" = CCC Help Dutch
"{7A8B5F7D-6736-4DC4-A7A5-223BE131EB34}" = AVG PC TuneUp 2014 (cs-CZ)
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{820D8513-4CF4-1C0E-D2B7-DB6DC0C184F8}" = CCC Help Hungarian
"{83579AA6-5C04-4687-9551-8778683C2F95}" = KA15
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C22A294-DBBA-445F-B55C-E26817CCFE69}" = Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E66B81E-B1AC-4346-9975-4CDA283E0209}" = Windows Live Family Safety
"{8F66BFDE-B213-48E2-93EF-7151277A2916}" = Windows Live SOXE Definitions
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9303DE78-E872-7F2E-8358-18FABB4E2FA8}" = CCC Help Finnish
"{94532CD5-C66D-49E3-9131-5FB04D7647A1}" = Windows Live UX Platform
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{962BBD96-CD9E-4FB5-8E1D-27A2EDCCB86D}" = PowerArchiver Outlook Plug-in
"{9797D7BA-A333-4DF1-AF55-AC745D216EDB}" = Windows Live Writer
"{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}" = Windows Live Photo Common
"{9A0C0A74-8AC8-4216-8E1F-B9AD2E14C950}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C15DDDA-2225-470B-0918-AEEE294AB60E}" = Catalyst Control Center Localization All
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A59A15E8-2B9B-490D-916E-D608A9D0D295}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}" = Windows Live Communications Platform
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2E3DD10-2A63-07A7-2E80-1A957AD0903C}" = CCC Help Russian
"{B4299C72-D4BF-4F29-A5A6-63294B1C0368}" = Fotogalerie
"{B7C61ABD-EA41-BA15-F072-58FA83BB6F72}" = CCC Help Danish
"{B9A82C41-4F48-3C15-8A84-1A84582BE03E}" = Google Chrome
"{BA289EB6-331F-40EB-A31E-52F5B39EBA61}" = Windows Live Messenger
"{BBB3C5A5-6B8E-9211-59C6-FBA953DD99A3}" = CCC Help Turkish
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BEC7BC94-791D-2513-6537-DF43B8EF7BB1}" = Catalyst Control Center Graphics Previews Common
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{c68941b2-ca16-4731-97e5-0acafa5dec5e}" = osu!
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}" = Windows Live SOXE
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{DA178EC8-DA8B-561D-6275-C1B5E4F68944}" = CCC Help Chinese Standard
"{DADFC67D-64DD-AE87-939D-C3B79C72ED90}" = CCC Help Thai
"{DD220ECF-FAD6-DF11-CF7B-BD5E6F02B063}" = CCC Help Japanese
"{DF7DC45D-8A3C-490C-A70F-8C6A6189EDF9}" = Photo Gallery
"{E043231F-34F2-4AF5-9400-0961CC15AAAE}" = LibreOffice 4.2.0.4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1D17027-DA39-4F3F-904C-0E35CDECF40C}" = Windows Live Writer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5E83E00-1144-4821-B6B6-7A16C41EFC39}" = Windows Live Messenger
"{E62E3529-3315-9FA1-6268-37CD977BB8ED}" = CCC Help Czech
"{E8A4EDB6-90AD-BF82-514E-3FE3034F4650}" = AMD Catalyst Control Center
"{EB3BEA83-ED6F-00B8-B7AC-A865A933379D}" = CCC Help German
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F12000FE-0001-0000-0000-074957833700}" = ABBYY FineReader 12 Professional
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAE04C2B-091A-07BF-1CC2-1F4BD9A2567B}" = CCC Help Swedish
"{FEEEC731-91C0-3ACE-8DF8-DEAF126AB09A}" = CCC Help Norwegian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player PPAPI" = Adobe Flash Player 18 PPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Fraps" = Fraps (remove only)
"GTA San Andreas" = GTA San Andreas
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"Maple 16" = Maple 16
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"Opera 31.0.1889.174" = Opera Stable 31.0.1889.174
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"QuickTime" = QuickTime
"Razer Comms" = Razer Comms
"Steam" = Steam
"Steam App 304930" = Unturned
"Steam App 50130" = Mafia II
"Steam App 550" = Left 4 Dead 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 9" = TeamViewer 9
"The Sims 4_R.G. Mechanics_is1" = The Sims 4
"Tunngle_is1" = Tunngle version Tunngle
"VLC media player" = VLC media player 2.1.3
"Warcraft III Reign of Chaos & The Frozen Throne" = Warcraft III Reign of Chaos & The Frozen Throne
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"ee485056d1c5a354" = PČS SmartClient
"OneDriveSetup.exe" = Microsoft OneDrive
"SeznamInstall" = Seznam Software
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23.8.2015 11:50:39 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 0:13:37 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 2:02:25 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 7:06:18 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 7:09:50 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 9:10:32 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 15:04:29 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 24.8.2015 19:08:51 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 25.8.2015 1:17:51 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

Error - 25.8.2015 5:49:55 | Computer Name = pc | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 24.8.2015 15:07:25 | Computer Name = pc | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 0.0.0.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 0.0.0.0 Kód chyby:
0x8024002e Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.

Error - 24.8.2015 16:03:49 | Computer Name = pc | Source = bowser | ID = 8003
Description =

Error - 24.8.2015 16:35:10 | Computer Name = pc | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.205.391.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.12002.0 Kód
chyby: 0x8024002e Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.

Error - 24.8.2015 16:35:20 | Computer Name = pc | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.205.391.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.12002.0 Kód
chyby: 0x8024002e Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.

Error - 24.8.2015 16:36:31 | Computer Name = pc | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.205.391.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.12002.0 Kód
chyby: 0x8024002e Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.

Error - 24.8.2015 19:07:22 | Computer Name = pc | Source = Service Control Manager | ID = 7023
Description = Služba WinDefend byla ukončena s následující chybou: %%126

Error - 25.8.2015 1:16:25 | Computer Name = pc | Source = Service Control Manager | ID = 7023
Description = Služba WinDefend byla ukončena s následující chybou: %%126

Error - 25.8.2015 1:26:19 | Computer Name = pc | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou:
%%5

Error - 25.8.2015 1:26:22 | Computer Name = pc | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureCommand s touto
chybou: %%5

Error - 25.8.2015 5:48:26 | Computer Name = pc | Source = Service Control Manager | ID = 7023
Description = Služba WinDefend byla ukončena s následující chybou: %%126


< End of report >

[Vozik_]

OTL logfile created on: 25.8.2015 12:09:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Václav\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 5,96 Gb Available Physical Memory | 74,72% Memory free
15,96 Gb Paging File | 13,80 Gb Available in Paging File | 86,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 443,13 Gb Total Space | 171,64 Gb Free Space | 38,73% Space Free | Partition Type: NTFS
Drive D: | 488,28 Gb Total Space | 405,06 Gb Free Space | 82,96% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Václav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Václav\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Václav\AppData\Roaming\Seznam.cz\bin\szndesktop.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe (ABBYY Production LLC)
PRC - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Steam\video.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\openvr_api.dll ()
MOD - C:\Program Files (x86)\Steam\v8.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\icui18n.dll ()
MOD - C:\Program Files (x86)\Steam\icuuc.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Users\Václav\AppData\Roaming\Seznam.cz\bin\szndesktop.exe ()
MOD - C:\Users\Václav\AppData\Roaming\Seznam.cz\bin\lightspeed.dll ()
MOD - C:\Users\Václav\AppData\Roaming\Seznam.cz\bin\15879libfoxloader.dll ()
MOD - C:\Program Files (x86)\Steam\libavcodec-56.dll ()
MOD - C:\Program Files (x86)\Steam\libswscale-3.dll ()
MOD - C:\Program Files (x86)\Steam\libavformat-56.dll ()
MOD - C:\Program Files (x86)\Steam\libavutil-54.dll ()
MOD - C:\Program Files (x86)\Steam\libavresample-2.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Origin Client Service) -- C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (ABBYY.Licensing.FineReader.Professional.12.0) -- C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe (ABBYY Production LLC)
SRV - (Razer Game Scanner Service) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (EvolveVirtualAdapter) -- C:\Windows\SysNative\drivers\evolve.sys (Echobit, LLC)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (rzpmgrk) -- C:\Windows\SysNative\drivers\rzpmgrk.sys (Razer, Inc.)
DRV:64bit: - (rzpnk) -- C:\Windows\SysNative\drivers\rzpnk.sys (Razer, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (CMUAC) -- C:\Windows\SysNative\drivers\Headset6400x1.SYS (A4Tech Inc.)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.)
DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (AODDriver4.2) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: widazpntixylzmfdsr%40n_vyzodyfjjeejh.com:3.21
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2014.03.17 15:25:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014.03.17 15:25:38 | 000,000,000 | ---D | M]

[2014.03.03 18:01:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Václav\AppData\Roaming\Mozilla\Extensions
[2015.08.21 12:59:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Václav\AppData\Roaming\Mozilla\Firefox\Profiles\9hp5wy2d.default\extensions
[2015.07.14 21:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
File not found (No name found) -- C:\USERS\VáCLAV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9HP5WY2D.DEFAULT\EXTENSIONS\WIDAZPNTIXYLZMFDSR@N_VYZODYFJJEEJH.COM

========== Chrome ==========

CHR - plugin: Error reading preferences file

O1 HOSTS File: ([2015.08.22 13:48:28 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Bonus.SSR.FR12] C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe (ABBYY Production LLC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [cz.seznam.software.autoupdate] C:\Users\Václav\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKCU..\Run: [cz.seznam.software.szndesktop] C:\Users\Václav\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.255.255.10 10.255.255.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{218D4E43-A83A-4909-9370-5C1A11BCC96B}: DhcpNameServer = 10.255.255.10 10.255.255.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{414BE8E7-0FCA-4DE8-819B-BEC46718080D}: DhcpNameServer = 192.168.33.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.05.20 17:26:51 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.08.25 12:07:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Václav\Desktop\OTL.exe
[2015.08.24 21:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2015.08.24 21:06:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2015.08.23 17:47:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.08.23 17:47:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2015.08.22 12:26:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2015.08.21 20:50:14 | 000,000,000 | ---D | C] -- C:\Users\Václav\AppData\Local\Temp
[2015.08.21 20:33:32 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2015.08.21 13:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015.08.20 21:53:23 | 001,798,576 | ---- | C] (Malwarebytes Corporation) -- C:\Users\Václav\Desktop\JRT.exe
[2015.08.17 13:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.08.13 10:53:51 | 000,778,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.08.13 10:53:51 | 000,142,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.08.12 19:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015.08.12 01:57:11 | 019,284,168 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015.08.09 09:02:01 | 000,000,000 | ---D | C] -- C:\Users\Václav\Desktop\Nová složka
[2015.03.23 20:39:13 | 001,681,520 | ---- | C] (Mozilla Foundation) -- C:\Users\Václav\AppData\Roaming\nss3.dll
[2015.03.23 20:39:13 | 000,970,912 | ---- | C] (Microsoft Corporation) -- C:\Users\Václav\AppData\Roaming\msvcr120.dll
[2015.03.23 20:39:13 | 000,455,328 | ---- | C] (Microsoft Corporation) -- C:\Users\Václav\AppData\Roaming\msvcp120.dll
[2014.03.01 14:51:46 | 000,077,824 | ---- | C] (Apple Computer, Inc.) -- C:\Program Files\qttask.exe
[2014.03.01 14:51:45 | 000,327,736 | ---- | C] (Apple Computer, Inc.) -- C:\Program Files\QTPlugin.ocx

========== Files - Modified Within 30 Days ==========

[2015.08.25 12:07:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Václav\Desktop\OTL.exe
[2015.08.25 12:03:34 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.08.25 12:03:34 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.08.25 11:48:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.25 11:48:04 | 2132,975,615 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.24 21:06:34 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015.08.24 21:06:25 | 000,002,117 | ---- | M] () -- C:\Users\Václav\Desktop\Microsoft Security Essentials.lnk
[2015.08.24 13:06:04 | 000,015,478 | ---- | M] () -- C:\Users\Václav\rgmnr
[2015.08.22 14:18:05 | 000,000,512 | ---- | M] () -- C:\Users\Václav\Desktop\MBR.dat
[2015.08.22 13:48:28 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015.08.21 20:52:45 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015.08.21 20:33:32 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2015.08.21 20:29:26 | 001,308,672 | ---- | M] () -- C:\Users\Václav\Desktop\zoek.exe
[2015.08.21 20:08:30 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015.08.21 13:11:12 | 022,702,152 | ---- | M] () -- C:\Users\Václav\Desktop\RogueKillerX64.exe
[2015.08.20 21:53:32 | 001,798,576 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Václav\Desktop\JRT.exe
[2015.08.20 17:17:58 | 001,585,664 | ---- | M] () -- C:\Users\Václav\Desktop\adwcleaner_5.002.exe
[2015.08.20 07:58:46 | 000,000,030 | ---- | M] () -- C:\Users\Václav\AppData\Roaming\msgnam.dat
[2015.08.19 22:48:50 | 000,007,590 | ---- | M] () -- C:\Users\Václav\AppData\Local\Resmon.ResmonCfg
[2015.08.17 13:22:07 | 000,365,202 | ---- | M] () -- C:\Users\Václav\Desktop\Václav\Documents\cc_20150817_132159.reg
[2015.08.17 13:18:01 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.08.17 13:09:05 | 000,023,010 | ---- | M] () -- C:\Windows\SysNative\--traceoff
[2015.08.14 19:24:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.13 15:20:06 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2015.08.13 15:20:06 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015.08.13 15:16:25 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2015.08.13 11:04:26 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.08.13 11:04:26 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.08.12 20:15:13 | 000,001,437 | ---- | M] () -- C:\Users\Václav\Desktop\Opera.lnk
[2015.08.12 10:57:32 | 019,284,168 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015.08.11 13:25:26 | 000,028,344 | ---- | M] () -- C:\photo.jpg
[2015.08.10 08:11:20 | 000,009,206 | ---- | M] () -- C:\Users\Václav\AppData\Roaming\msdefr.dat
[2015.08.09 15:42:21 | 000,000,025 | ---- | M] () -- C:\Windows\SIERRA.INI
[2015.08.09 12:26:27 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2015.07.27 19:21:50 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI

========== Files Created - No Company Name ==========

[2015.08.24 21:06:25 | 000,002,117 | ---- | C] () -- C:\Users\Václav\Desktop\Microsoft Security Essentials.lnk
[2015.08.22 14:18:05 | 000,000,512 | ---- | C] () -- C:\Users\Václav\Desktop\MBR.dat
[2015.08.21 20:52:45 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2015.08.21 20:50:15 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2015.08.21 20:29:24 | 001,308,672 | ---- | C] () -- C:\Users\Václav\Desktop\zoek.exe
[2015.08.21 13:13:35 | 000,037,624 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015.08.21 13:10:12 | 022,702,152 | ---- | C] () -- C:\Users\Václav\Desktop\RogueKillerX64.exe
[2015.08.20 17:17:57 | 001,585,664 | ---- | C] () -- C:\Users\Václav\Desktop\adwcleaner_5.002.exe
[2015.08.17 13:22:03 | 000,365,202 | ---- | C] () -- C:\Users\Václav\Desktop\Václav\Documents\cc_20150817_132159.reg
[2015.08.17 13:18:01 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.08.13 21:22:49 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.08.12 20:15:13 | 000,001,437 | ---- | C] () -- C:\Users\Václav\Desktop\Opera.lnk
[2015.08.11 13:25:28 | 000,028,344 | ---- | C] () -- C:\photo.jpg
[2015.06.02 10:45:09 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015.04.15 12:49:22 | 000,000,079 | ---- | C] () -- C:\Program Files (x86)\prefs.js
[2015.03.09 23:30:14 | 000,005,487 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\BYAIAMUF
[2015.01.25 18:12:14 | 000,002,086 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\GNOK
[2015.01.20 09:56:09 | 000,009,206 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\msdefr.dat
[2015.01.06 13:35:08 | 000,322,448 | ---- | C] () -- C:\Users\Václav\untitled8_MAS.bak
[2014.12.16 08:00:01 | 000,015,478 | ---- | C] () -- C:\Users\Václav\rgmnr
[2014.11.07 00:23:29 | 000,000,030 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\msgnam.dat
[2014.09.12 20:50:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2014.09.12 20:05:59 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2014.09.12 20:05:22 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2014.09.12 20:05:22 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2014.09.12 20:05:22 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2014.08.22 21:40:51 | 000,233,472 | ---- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2014.08.22 21:40:26 | 000,233,472 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\MafiaSetup.exe
[2014.07.21 12:45:22 | 000,003,153 | ---- | C] () -- C:\Program Files (x86)\visit-www.nosteam.ro.html
[2014.07.21 12:45:22 | 000,000,224 | ---- | C] () -- C:\Program Files (x86)\update-WolfAmongUs.bat
[2014.06.21 22:18:34 | 000,000,132 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014.06.21 16:52:35 | 000,034,816 | ---- | C] () -- C:\Users\Václav\AppData\Roaming\RZR_006070374249b15483189a91015c.db
[2014.03.03 17:18:39 | 000,007,590 | ---- | C] () -- C:\Users\Václav\AppData\Local\Resmon.ResmonCfg
[2014.03.01 16:37:50 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.03.01 16:37:47 | 000,076,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.02.10 15:02:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.02.10 13:50:38 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.02.10 13:50:38 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014.02.10 13:50:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.02.10 13:50:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.02.10 13:50:38 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014.02.10 13:16:08 | 001,558,328 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.02.10 13:12:05 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.09.24 17:39:13 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\.minecraft
[2014.12.19 21:00:41 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\.technic
[2014.06.01 20:39:13 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\AVG
[2014.07.10 09:43:10 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\BANDISOFT
[2014.08.29 10:40:50 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Battle.net
[2014.02.10 14:07:40 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Canneverbe Limited
[2015.02.01 19:16:04 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Cubic
[2015.08.17 13:21:22 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\DAEMON Tools Lite
[2014.12.14 18:25:21 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\DAEMON Tools Pro
[2014.06.01 20:10:30 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\DAEMON Tools Ultra
[2014.03.03 17:54:40 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\DesktopIconGoodgame
[2014.03.26 15:30:15 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\DVDVideoSoft
[2014.03.17 16:05:48 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\ESET
[2015.06.03 20:17:32 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Gyazo
[2015.03.24 21:44:31 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\HeroesAndGeneralsDesktop
[2015.05.05 13:18:51 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\hypocalc
[2015.08.21 12:58:50 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\IObit
[2015.04.14 03:04:41 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\KA10
[2014.05.29 20:30:39 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\L.A.Noire
[2014.05.16 19:25:14 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Leadertech
[2014.02.10 15:04:03 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\LibreOffice
[2014.03.21 23:31:35 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\LolClient
[2014.03.27 19:40:56 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Mirillis
[2015.05.05 13:52:08 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\ModelovaHypoteka
[2015.08.20 08:12:02 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\msct
[2015.07.19 23:23:17 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\OBS
[2015.08.09 12:20:51 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Octoshape
[2014.08.23 12:46:36 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Opera Software
[2014.03.14 15:54:37 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Origin
[2014.06.01 20:47:01 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\PowerISO
[2014.06.18 20:24:06 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Publish Providers
[2014.10.03 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Riot Games
[2015.01.26 21:23:14 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\RunningWithScissors
[2015.08.25 11:53:30 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Seznam.cz
[2015.08.17 11:41:28 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Sony
[2014.07.11 10:02:22 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Sony Creative Software Inc
[2014.06.22 11:50:22 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015.02.01 17:39:05 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\steam.transformice.com
[2014.03.17 15:00:27 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\TeamViewer
[2015.01.19 20:00:42 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\The Creative Assembly
[2015.02.27 17:41:54 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\The Sims 4
[2014.06.04 17:51:27 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Theta
[2015.08.24 23:41:46 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\TS3Client
[2014.11.05 18:07:22 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Tunngle
[2015.08.18 13:26:28 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\uTorrent
[2015.03.29 15:49:28 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\wargaming.net
[2014.07.22 09:15:50 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Warsow 1.5
[2014.03.30 10:46:12 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Windows Live Writer
[2015.08.19 21:59:03 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\wld
[2014.03.07 16:58:19 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 40 bytes -> C:\ProgramData\MTA San Andreas All:NT
@Alternate Data Stream - 40 bytes -> C:\ProgramData:NT
@Alternate Data Stream - 160 bytes -> C:\ProgramData\MTA San Andreas All:NT2
@Alternate Data Stream - 160 bytes -> C:\ProgramData:NT2

< End of report >

[Orcus]

1) Máš tam ESET Smart Security, takže používání Microsoft Security Essentials je zbytečně. Krom toho MSE neposkytuje víceméně žádnou ochranu, spíš si to na antivir jen hraje.

2) Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
File not found (No name found) -- C:\USERS\VáCLAV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9HP5WY2D.DEFAULT\EXTENSIONS\WIDAZPNTIXYLZMFDSR@N_VYZODYFJJEEJH.COM
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014.06.01 20:39:13 | 000,000,000 | ---D | M] -- C:\Users\Václav\AppData\Roaming\AVG


:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Users\Václav\AppData\*.tmp

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[Vozik_]

A k tomu ESETU, tak ten nemám doinstalovaný, nebot' při jeho instalaci mi zamrzl počítač a už chápete.
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Václav\AppData\Roaming\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Users\Václav\AppData\Roaming\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Users\Václav\AppData\Roaming\AVG\AWL2014\Speed Optimizer folder moved successfully.
C:\Users\Václav\AppData\Roaming\AVG\AWL2014\Dashboard folder moved successfully.
C:\Users\Václav\AppData\Roaming\AVG\AWL2014\Backups folder moved successfully.
C:\Users\Václav\AppData\Roaming\AVG\AWL2014 folder moved successfully.
C:\Users\Václav\AppData\Roaming\AVG folder moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Users\Václav\AppData\*.tmp not found.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: HomeGroupUser$
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: V clav
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes

User: Václav
->Temp folder emptied: 130787077 bytes
->Temporary Internet Files folder emptied: 2311773 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Vßclav
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: V�clav
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17126 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 267490 bytes

Total Files Cleaned = 127,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Guest

User: HomeGroupUser$

User: Public

User: V clav

User: Václav
->Flash cache emptied: 0 bytes

User: Vßclav

User: V�clav

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08252015_154951

Files\Folders moved on Reboot...
C:\Users\Václav\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Václav\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Tak dej nový sken OTL.