Prosím o kontrolu- zlobí myš, klávesnice. Vyřešeno

[karbi02]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-12-2015
Ran by Libor (2015-12-23 08:18:00)
Running from C:\Users\Libor\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-30 22:37:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-43297863-2672691824-2558519543-500 - Administrator - Disabled)
Guest (S-1-5-21-43297863-2672691824-2558519543-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-43297863-2672691824-2558519543-1004 - Limited - Enabled)
Libor (S-1-5-21-43297863-2672691824-2558519543-1000 - Administrator - Enabled) => C:\Users\Libor

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.15.54 (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
ESET Smart Security (HKLM\...\{4D8E383E-0AB7-482D-9327-BB92D53312B4}) (Version: 8.0.319.1 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.14.2 - SCS Software)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.88.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1168 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 cs)) (Version: 38.3.0 - Mozilla)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Opera Stable 34.0.2036.41 (HKLM-x32\...\Opera 34.0.2036.41) (Version: 34.0.2036.41 - Opera Software)
Ovládací panel NVIDIA 358.50 (Version: 358.50 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7084 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Ski Challenge 16 (HKU\S-1-5-21-43297863-2672691824-2558519543-1000\...\sc16-GAMETWIST_MAIN) (Version: - )
Ski Challenge 16 (HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sc16-GAMETWIST_MAIN) (Version: - )
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
USB Serial Port Driver (HKLM-x32\...\{FE11883D-EA67-473C-BDD1-8D6B6DFCBEAC}) (Version: 1.1.8.1526 - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

22-12-2015 20:19:05 End of disinfection
22-12-2015 20:59:13 Removed Skype™ 7.17

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-12-22 16:45 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0136F3C9-8D42-4F46-9105-8415FD859A57} - System32\Tasks\{B3E86B91-E798-4117-9D79-03F43AF91F76} => pcalua.exe -a "C:\Users\Libor\Desktop\Call of duty\Setup.EXE" -d "C:\Users\Libor\Desktop\Call of duty"
Task: {1550DB55-CC0C-4A9A-A930-927F5B41EBF3} - System32\Tasks\{18838483-6C95-4E0E-8CC2-55F80783DC84} => C:\Users\Libor\Desktop\Sygic Rupi Convertor\RUPI Convertor.exe
Task: {2AB84AAE-C790-455B-9351-FF2BEB4A0109} - System32\Tasks\{C3E3C64F-A52D-4A77-B721-DF0DD8984E44} => pcalua.exe -a C:\Users\Libor\Downloads\uTorrent221.exe -d C:\Users\Libor\Downloads
Task: {2C20779D-705A-4BB9-A796-BA1CF9484945} - System32\Tasks\{B2D0B7BC-2BAA-4FFA-AA9E-10A44EBB5ED6} => C:\Users\Libor\Desktop\Sygic Rupi Convertor\RUPI Convertor.exe
Task: {3E722C8D-982C-4E7F-B4AD-3C21713EBB19} - System32\Tasks\Opera scheduled Autoupdate 1450770291 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-15] (Opera Software)
Task: {951011FB-2125-4486-BA37-6B4FD807AEE7} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-21] (Adobe Systems Incorporated)
Task: {B7B4F6B1-1647-447D-A639-4DBB96196986} - System32\Tasks\{1EAA0F60-20EC-459B-A6EE-914550D6C29C} => C:\Users\Libor\Desktop\Sygic Rupi Convertor\RUPI Convertor.exe
Task: {BF449C7A-E8EA-4FBA-B3B3-5F73B2B15925} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {D8716452-D5C6-4801-844B-E613F9DD78E8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {D9B45C5C-92F5-4E94-BCE0-7938742C3578} - System32\Tasks\{905D650A-7879-4F0A-8761-C741E9DD1B50} => C:\Users\Libor\Desktop\Sygic Rupi Convertor\RUPI Convertor.exe
Task: {EA738B54-BB07-481B-B609-A5B7A63A70B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-31 12:35 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00047616 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-09-12 01:01 - 2015-09-12 01:01 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-43297863-2672691824-2558519543-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{78900667-2DC3-45DC-87F2-6C78195C7EC1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D08603C1-1DFB-4F82-93BD-7068E48184ED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3C12D068-7618-4301-A45C-7E9C8ADE8BBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E332AF8D-B207-4C64-8B73-BFC2D899BE6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{17206DF0-62AE-4044-B173-9D4407D75F22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8586D5A8-932D-4CBD-8730-4BB5B076FE2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7EA402E3-1E04-4292-96A1-27E5B2F66104}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{29A0F9CC-0F86-4D15-8C68-EB0003DAA7B8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{873C5A87-91B0-41D5-A9BB-C907805D5C85}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{20209758-E7A2-4467-9ED2-8107506B51A4}C:\users\libor\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\libor\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B38C62DD-9763-4CA2-AA45-A23A4876F094}C:\users\libor\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\libor\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{515A70C4-46EE-43BB-81B1-A132732C6294}] => (Allow) C:\users\libor\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{EA94A0CF-AAC8-4B9D-90EB-E3607C3B8494}] => (Allow) C:\users\libor\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F8D2B7B3-F1FF-4B10-A382-8DE1437E1835}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9303E524-EF82-4EB8-9E9C-3DA100D5F206}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1100B480-4CDC-4E65-8CE9-264AF55C41FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/22/2015 08:16:09 PM) (Source: ESENT) (EventID: 485) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o odstranění složky C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:15:59 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:15:33 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:15:23 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:15:13 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:15:03 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:14:52 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:14:42 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:14:32 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (12/22/2015 08:14:22 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (12/23/2015 08:12:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (12/23/2015 08:12:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/23/2015 08:11:32 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: Ovladač ACPI vrátil neplatné číslo ID pro podřízené zařízení (5).

Error: (12/22/2015 04:57:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (12/22/2015 04:57:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/22/2015 04:56:27 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Ovladač ACPI vrátil neplatné číslo ID pro podřízené zařízení (5).

Error: (12/22/2015 04:46:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (12/22/2015 04:45:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/22/2015 04:44:42 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Ovladač ACPI vrátil neplatné číslo ID pro podřízené zařízení (5).

Error: (12/22/2015 04:44:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================
Date: 2015-12-22 16:43:40.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-22 16:43:40.349
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-22 16:43:40.303
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-22 16:43:40.287
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-22 16:40:02.090
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-12-22 16:40:02.074
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 35%
Total physical RAM: 8135.86 MB
Available physical RAM: 5235.65 MB
Total Virtual: 16269.93 MB
Available Virtual: 13295.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:247.82 GB) (Free:145.74 GB) NTFS
Drive d: (Data) (Fixed) (Total:683.59 GB) (Free:364.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 931.5 GB) (Disk ID: 6F08E6BD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=247.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Reklama]

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-43297863-2672691824-2558519543-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-31] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-31] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
2015-12-09 20:45 - 2015-12-09 20:45 - 00002990 _____ C:\Windows\System32\Tasks\{B2D0B7BC-2BAA-4FFA-AA9E-10A44EBB5ED6}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{905D650A-7879-4F0A-8761-C741E9DD1B50}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{1EAA0F60-20EC-459B-A6EE-914550D6C29C}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{18838483-6C95-4E0E-8CC2-55F80783DC84}
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Doporučuji odinstalovat uTorrent.

[karbi02]

uTorrent jdu odinstalovat. Složky po ploše už posunovat jdou. Skype píše "Oprávnění složky Skypu brání správnému fungování. Zkontrolujte, jestli nejsou pro datovou složku Skypu nastavená nějaká zvláštní oprávnění. Pokud ano, odeberte je." Vše ostatní beze změny.

Fix result of Farbar Recovery Scan Tool (x64) Version:20-12-2015
Ran by Libor (2015-12-23 10:07:16) Run:1
Running from C:\Users\Libor\Desktop
Loaded Profiles: Libor (Available Profiles: Libor)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-43297863-2672691824-2558519543-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-10-31] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [155456 2015-10-31] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
2015-12-09 20:45 - 2015-12-09 20:45 - 00002990 _____ C:\Windows\System32\Tasks\{B2D0B7BC-2BAA-4FFA-AA9E-10A44EBB5ED6}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{905D650A-7879-4F0A-8761-C741E9DD1B50}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{1EAA0F60-20EC-459B-A6EE-914550D6C29C}
2015-12-09 20:44 - 2015-12-09 20:44 - 00002990 _____ C:\Windows\System32\Tasks\{18838483-6C95-4E0E-8CC2-55F80783DC84}
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
"HKU\S-1-5-21-43297863-2672691824-2558519543-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKU\S-1-5-21-43297863-2672691824-2558519543-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => key removed successfully
HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value not found.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-43297863-2672691824-2558519543-1000-{{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater" => key removed successfully
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => key removed successfully
eeCtrl => service removed successfully
EraserUtilRebootDrv => service removed successfully
catchme => service removed successfully
MSICDSetup => service removed successfully
NTIOLib_1_0_C => service removed successfully
C:\Windows\System32\Tasks\{B2D0B7BC-2BAA-4FFA-AA9E-10A44EBB5ED6} => moved successfully
C:\Windows\System32\Tasks\{905D650A-7879-4F0A-8761-C741E9DD1B50} => moved successfully
C:\Windows\System32\Tasks\{1EAA0F60-20EC-459B-A6EE-914550D6C29C} => moved successfully
C:\Windows\System32\Tasks\{18838483-6C95-4E0E-8CC2-55F80783DC84} => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
EmptyTemp: => 466 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:07:19 ====

[jerabina]

Skype přeinstaluj.

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

[karbi02]

Skype jsem přeinstaloval, ale musel jsem smazat C:/users/Libor/AppData/Roaming složku Skype. Firefox jsem rozchodil, musel jsem v tom samém adresáři vytvořit nový účet, bohužel se mi neukládá historie ani záložky, záložky nejdou ani mazat. Dále thunderbird, předělán účet, maily za dva měsíce zmizely. Vše se týká výše zmińovaného adresáře C:/users/Libor/AppData.....
Ty dvě hry trackmania tahaj z adresáře users/Libor/Documents/atd.
Ještě dodám, že jsem odinstaloval spořič, mám pocit že se to jmenovalo 3D Planesoft. Ale spořiče v nabídce stále mám, nevím jak to vymazat, nastavit ale jako spořič nejdou...




# DelFix v1.011 - Logfile created 23/12/2015 at 18:23:44
# Updated 18/08/2015 by Xplode
# Username : Libor - LIBOR-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\Users\Libor\Desktop\Addition.txt
Deleted : C:\Users\Libor\Desktop\Fixlog.txt
Deleted : C:\Users\Libor\Desktop\FRST.txt
Deleted : C:\Users\Libor\Desktop\FRST64.exe

~ Cleaning system restore ...

Deleted : RP #49 [End of disinfection | 12/22/2015 19:19:05]
Deleted : RP #50 [Removed Skype™ 7.17 | 12/22/2015 19:59:13]

New restore point created !

########## - EOF - ##########

[jaro3]

3D Planesoft tedy vymazat?

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[karbi02]

3D Planesoft vymazat.

OTL logfile created on: 24.12.2015 9:57:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Libor\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18124)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,95 Gb Total Physical Memory | 6,13 Gb Available Physical Memory | 77,18% Memory free
15,89 Gb Paging File | 14,00 Gb Available in Paging File | 88,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 247,82 Gb Total Space | 146,33 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
Drive D: | 683,59 Gb Total Space | 364,39 Gb Free Space | 53,30% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Libor\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Disc Soft Ltd)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (EPSON_PM_RPCV4_05) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE (SEIKO EPSON CORPORATION)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (GPCIDrv) -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.3.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 38.3.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2015.10.31 13:00:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Extensions
[2015.12.23 22:07:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\lthub4ul.Libor1\extensions
[2015.12.23 16:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions
[2015.12.23 22:07:40 | 000,989,188 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\lthub4ul.Libor1\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.12.23 15:58:21 | 000,337,933 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions\s3google@translator.xpi
[2015.12.23 15:57:59 | 000,989,188 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.12.22 20:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.12.22 20:24:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2015.12.22 16:45:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite Automount] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus Office BX635FWD" File not found
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4631885D-673B-4C36-8284-FA03D9245D67}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.12.24 09:55:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
[2015.12.23 15:03:47 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Skype
[2015.12.22 21:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015.12.22 21:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2015.12.22 21:00:32 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2015.12.22 20:24:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.12.22 20:15:33 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.12.22 20:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015.12.22 20:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.12.22 16:48:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2015.12.22 11:28:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2015.12.22 11:07:15 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\Temp
[2015.12.21 22:41:11 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Local\Google
[2015.12.21 22:41:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015.12.21 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015.12.21 20:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2015.12.21 20:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2015.12.21 19:43:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015.12.21 18:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.12.20 12:25:27 | 000,000,000 | ---D | C] -- C:\Users\Libor\Desktop\Původní data aplikace Firefox
[2015.12.20 10:17:43 | 000,000,000 | ---D | C] -- C:\Users\Libor\Documents\My Games
[2015.12.19 10:45:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2015.12.19 09:33:06 | 000,000,000 | ---D | C] -- C:\Hry
[2015.12.18 14:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2015.12.18 14:21:29 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2015.12.18 13:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2015.12.18 13:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Applications
[2015.12.16 22:00:12 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusinessCards MX
[2015.12.16 21:59:56 | 000,000,000 | ---D | C] -- C:\Users\Libor\Documents\BusinessCardsMX templates
[2015.12.16 21:59:55 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\mojosoft
[2015.12.16 21:59:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mojosoft
[2015.12.09 13:42:13 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2015.12.09 13:42:12 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.12.09 13:42:12 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.12.09 13:42:11 | 003,170,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.12.09 13:42:10 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.12.09 13:42:10 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.12.09 13:42:10 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.12.09 13:42:10 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.12.09 13:42:10 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.12.09 13:42:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.12.09 13:42:10 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.12.09 13:42:10 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.12.09 13:42:10 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.12.09 13:42:10 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.12.09 13:42:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.12.09 13:42:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.12.09 13:42:08 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2015.12.09 13:42:07 | 001,008,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2015.12.09 13:42:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2015.12.09 13:42:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2015.12.09 13:42:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdgeoqw.dll
[2015.12.09 13:42:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZEL.DLL
[2015.12.09 13:42:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZE.DLL
[2015.12.09 13:42:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDAZE.DLL
[2015.12.09 13:42:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdgeoqw.dll
[2015.12.09 13:42:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDAZEL.DLL
[2015.12.09 13:42:03 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2015.12.09 13:42:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshrm.dll
[2015.12.09 13:42:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2015.12.09 13:42:02 | 001,735,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2015.12.09 13:42:02 | 001,242,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2015.12.09 13:42:02 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\catsrvut.dll
[2015.12.09 13:42:02 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\catsrvut.dll
[2015.12.09 13:41:59 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.12.09 13:41:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.12.09 13:41:59 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.12.09 13:41:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.12.09 13:41:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.12.09 13:41:58 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.12.09 13:41:58 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2015.12.09 13:41:58 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.12.09 13:41:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.12.09 13:41:57 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.12.09 13:41:57 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.12.09 13:41:56 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.12.09 13:41:56 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.12.09 13:41:56 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.12.09 13:41:56 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.12.09 13:41:56 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.12.09 13:41:56 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.12.09 13:41:56 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.12.09 13:41:56 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.12.09 13:41:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2015.12.09 13:41:56 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.12.09 13:41:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.12.09 13:41:55 | 002,123,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.12.09 13:41:55 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.12.09 13:41:55 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.12.09 13:41:55 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.12.09 13:41:54 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.12.09 13:41:54 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.12.09 13:41:54 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.12.09 13:41:54 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.12.09 13:41:54 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.12.09 13:41:54 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.12.09 13:41:53 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.12.09 13:41:53 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.12.09 13:41:53 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.12.09 13:41:53 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.12.09 13:41:53 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.12.09 13:41:53 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.12.09 13:41:52 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.12.09 13:41:52 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.12.09 13:41:52 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.12.09 13:41:34 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\els.dll
[2015.12.09 13:41:34 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\els.dll
[2015.12.07 12:54:28 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ski Challenge 16
[2015.12.07 12:53:35 | 000,000,000 | ---D | C] -- C:\Games
[2015.11.28 22:20:45 | 000,000,000 | ---D | C] -- C:\Users\Libor\Desktop\Anglie - listopad

[karbi02]

[2015.11.24 15:37:44 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2015.11.24 15:37:44 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2015.11.24 15:37:44 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2015.11.24 15:37:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2015.11.24 15:37:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2015.11.24 15:37:44 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2015.11.24 15:37:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2015.11.24 15:37:43 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2015.11.24 15:37:43 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2015.11.24 15:37:40 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2015.11.24 15:37:40 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2015.11.24 15:37:40 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2015.11.24 15:37:40 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2015.11.24 15:37:40 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2015.11.24 15:37:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2015.11.24 15:37:40 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2015.11.24 15:37:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2015.11.24 15:37:39 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2015.11.24 15:37:39 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2015.11.24 15:37:38 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2015.11.24 15:37:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2015.11.24 15:37:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2015.11.24 15:37:38 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2015.11.24 15:37:37 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2015.11.24 15:37:37 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2015.11.24 15:37:37 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2015.11.24 15:37:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2015.11.24 15:37:37 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2015.11.24 15:37:37 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2015.11.24 15:37:36 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2015.11.24 15:37:36 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2015.11.24 15:37:36 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2015.11.24 15:37:36 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2015.11.24 15:37:36 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2015.11.24 15:37:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2015.11.24 15:37:35 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2015.11.24 15:37:35 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2015.11.24 15:37:34 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2015.11.24 15:37:34 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2015.11.24 15:37:34 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2015.11.24 15:37:34 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2015.11.24 15:37:34 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2015.11.24 15:37:34 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2015.11.24 15:37:34 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2015.11.24 15:37:34 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2015.11.24 15:37:34 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2015.11.24 15:37:34 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2015.11.24 15:37:33 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2015.11.24 15:37:33 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2015.11.24 15:37:33 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2015.11.24 15:37:33 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2015.11.24 15:37:33 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2015.11.24 15:37:33 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2015.11.24 15:37:33 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2015.11.24 15:37:33 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2015.11.24 15:37:32 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2015.11.24 15:37:32 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2015.11.24 15:37:32 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2015.11.24 15:37:32 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2015.11.24 15:37:31 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2015.11.24 15:37:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2015.11.24 15:37:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2015.11.24 15:37:31 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2015.11.24 15:37:31 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2015.11.24 15:37:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2015.11.24 15:37:30 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2015.11.24 15:37:30 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2015.11.24 15:37:30 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2015.11.24 15:37:30 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2015.11.24 15:37:30 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2015.11.24 15:37:30 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2015.11.24 15:37:29 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2015.11.24 15:37:29 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2015.11.24 15:37:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2015.11.24 15:37:29 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2015.11.24 15:37:29 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2015.11.24 15:37:29 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2015.11.24 15:37:28 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2015.11.24 15:37:28 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2015.11.24 15:37:28 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2015.11.24 15:37:28 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2015.11.24 15:37:28 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2015.11.24 15:37:28 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2015.11.24 15:37:28 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2015.11.24 15:37:28 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2015.11.24 15:37:27 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2015.11.24 15:37:27 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2015.11.24 15:37:27 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2015.11.24 15:37:27 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2015.11.24 15:37:27 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2015.11.24 15:37:27 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2015.11.24 15:37:27 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2015.11.24 15:37:27 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2015.11.24 15:37:27 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2015.11.24 15:37:27 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2015.11.24 15:37:26 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2015.11.24 15:37:26 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2015.11.24 15:37:25 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2015.11.24 15:37:25 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2015.11.24 15:37:24 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2015.11.24 15:37:24 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2015.11.24 15:37:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2015.11.24 15:37:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2015.11.24 15:37:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2015.11.24 15:37:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2015.11.24 15:37:23 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2015.11.24 15:37:23 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2015.11.24 15:37:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2015.11.24 15:37:23 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2015.11.24 15:37:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2015.11.24 15:37:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2015.11.24 15:37:22 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2015.11.24 15:37:22 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2015.11.24 15:37:21 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2015.11.24 15:37:21 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2015.11.24 15:37:21 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2015.11.24 15:37:21 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2015.11.24 15:37:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2015.11.24 15:37:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2015.11.24 15:37:21 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2015.11.24 15:37:21 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2015.11.24 15:37:21 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2015.11.24 15:37:21 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2015.11.24 15:37:21 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2015.11.24 15:37:21 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2015.11.24 15:37:20 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2015.11.24 15:37:20 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2015.11.24 15:37:20 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2015.11.24 15:37:20 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2015.11.24 15:37:20 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2015.11.24 15:37:20 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2015.11.24 15:37:19 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2015.11.24 15:37:19 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2015.11.24 15:37:19 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2015.11.24 15:37:19 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2015.11.24 15:37:18 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2015.11.24 15:37:18 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2015.11.24 15:37:18 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2015.11.24 15:37:18 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2015.11.24 15:37:18 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2015.11.24 15:37:18 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2015.11.24 15:37:17 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2015.11.24 15:37:17 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2015.11.24 15:37:17 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2015.11.24 15:37:17 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2015.11.24 15:37:17 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2015.11.24 15:37:17 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2015.11.24 15:37:16 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2015.11.24 15:37:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2015.11.24 15:37:16 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2015.11.24 15:37:16 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2015.11.24 15:36:30 | 002,519,576 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Zodiac_Clock_3D_Screensaver.scr
[2015.11.24 15:36:30 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3Planesoft 3D Screensavers All in One
[2015.11.24 15:36:29 | 002,535,968 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Winter_Wonderland_3D_Screensaver.scr
[2015.11.24 15:36:27 | 002,551,832 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Wildflowers_3D_Screensaver.scr
[2015.11.24 15:36:23 | 002,621,984 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\White_Christmas_3D_Screensaver.scr
[2015.11.24 15:36:20 | 000,981,024 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Western_Railway_3D_Screensaver.scr
[2015.11.24 15:36:17 | 002,509,328 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Watermill_3D_Screensaver.scr
[2015.11.24 15:36:16 | 002,530,328 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Water_Clock_3D_Screensaver.scr
[2015.11.24 15:36:14 | 000,953,896 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Voyage_of_Columbus_3D_Screensaver.scr
[2015.11.24 15:36:12 | 002,525,728 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Vintage_Aircraft_3D_Screensaver.scr
[2015.11.24 15:36:08 | 002,653,728 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Venice_Carnival_3D_Screensaver.scr
[2015.11.24 15:36:00 | 002,678,312 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Valentine_Musicbox_3D_Screensaver.scr
[2015.11.24 15:35:57 | 002,526,736 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Valentine_3D_Screensaver.scr
[2015.11.24 15:35:56 | 002,528,800 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Tyrannosaurus_Rex_3D_Screensaver.scr
[2015.11.24 15:35:52 | 002,511,384 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Tropical_Fish_3D_Screensaver.scr
[2015.11.24 15:35:50 | 002,635,296 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Titanic_Memories_3D_Screensaver.scr
[2015.11.24 15:35:45 | 002,729,528 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Tiger_Sharks_3D_Screensaver.scr
[2015.11.24 15:35:43 | 000,825,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\The_One_Ring_3D_Screensaver.scr
[2015.11.24 15:35:42 | 000,981,536 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\The_Lost_Watch_II_3D_Screensaver.scr
[2015.11.24 15:35:41 | 002,827,296 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\The_Lost_Watch_3D_Screensaver.scr
[2015.11.24 15:35:39 | 002,689,568 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Thanksgiving_Day_3D_Screensaver.scr
[2015.11.24 15:35:35 | 002,532,376 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sweethearts_3D_Screensaver.scr
[2015.11.24 15:35:34 | 002,535,448 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sun_Village_3D_Screensaver.scr
[2015.11.24 15:35:31 | 002,653,208 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sunny_Patio_3D_Screensaver.scr
[2015.11.24 15:35:28 | 002,765,336 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Summer_Forest_3D_Screensaver.scr
[2015.11.24 15:35:25 | 002,660,888 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Stonehenge_3D_Screensaver.scr
[2015.11.24 15:35:23 | 002,527,776 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Stock_Car_Racing_3D_Screensaver.scr
[2015.11.24 15:35:17 | 002,540,056 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Steam_Clock_3D_Screensaver.scr
[2015.11.24 15:35:15 | 002,591,256 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Starry_Night_3D_Screensaver.scr
[2015.11.24 15:35:12 | 002,532,888 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Springtime_3D_Screensaver.scr
[2015.11.24 15:35:10 | 000,956,960 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Spirit_of_Fire_3D_Screensaver.scr
[2015.11.24 15:35:09 | 002,532,376 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Snow_Village_3D_Screensaver.scr
[2015.11.24 15:35:06 | 002,828,344 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sky_Citadel_3D_Screensaver.scr
[2015.11.24 15:35:00 | 004,640,288 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Skeleton_Clock_3D_Screensaver.scr
[2015.11.24 15:34:57 | 002,723,344 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sharks_3D_Screensaver.scr
[2015.11.24 15:34:54 | 002,658,376 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sharks_-_Great_White_3D_Screensaver.scr
[2015.11.24 15:34:51 | 002,541,592 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Santa_Claus_3D_Screensaver.scr
[2015.11.24 15:34:48 | 002,644,504 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sandy_Beach_3D_Screensaver.scr
[2015.11.24 15:34:44 | 002,638,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Orbital_Sunset_3D_Screensaver.scr
[2015.11.24 15:34:42 | 000,946,704 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Nautilus_3D_Screensaver.scr
[2015.11.24 15:34:41 | 000,956,944 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Nature_3D_Screensaver.scr
[2015.11.24 15:34:39 | 002,531,880 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Mountain_Waterfall_3D_Screensaver.scr
[2015.11.24 15:34:38 | 002,535,968 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Medieval_Castle_3D_Screensaver.scr
[2015.11.24 15:34:34 | 002,531,872 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Mechanical_Clock_3D_Screensaver.scr
[2015.11.24 15:34:33 | 000,973,856 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Mayan_Waterfall_3D_Screensaver.scr
[2015.11.24 15:34:31 | 000,972,832 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lighthouse_Point_3D_Screensaver.scr
[2015.11.24 15:34:29 | 000,817,168 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lantern_3D_Screensaver.scr
[2015.11.24 15:34:28 | 002,668,560 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lake_Tree_3D_Screensaver.scr
[2015.11.24 15:34:27 | 000,951,824 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lagoon_3D_Screensaver.scr
[2015.11.24 15:34:25 | 002,545,680 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Koi_Fish_3D_Screensaver.scr
[2015.11.24 15:34:24 | 002,516,496 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Ice_Clock_3D_Screensaver.scr
[2015.11.24 15:34:23 | 002,534,936 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Haunted_House_3D_Screensaver.scr
[2015.11.24 15:34:19 | 000,942,608 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Halloween_3D_Screensaver.scr
[2015.11.24 15:34:18 | 002,679,840 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Great_Pyramids_3D_Screensaver.scr
[2015.11.24 15:34:11 | 002,534,928 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Grassland_3D_Screensaver.scr
[2015.11.24 15:34:09 | 002,664,472 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Grand_Canyon_3D_Screensaver.scr
[2015.11.24 15:34:03 | 000,970,256 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Galleon_3D_Screensaver.scr
[2015.11.24 15:34:00 | 002,634,272 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Futuristic_City_3D_Screensaver.scr
[2015.11.24 15:33:53 | 002,522,632 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fog_Lake_Screensaver.scr
[2015.11.24 15:33:51 | 002,775,576 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fog_Horses_3D_Screensaver.scr
[2015.11.24 15:33:49 | 000,991,752 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Flag_3D_Screensaver.scr
[2015.11.24 15:33:48 | 002,519,080 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fireside_Christmas_3D_Screensaver.scr
[2015.11.24 15:33:46 | 002,671,120 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fireplace_3D_Screensaver.scr
[2015.11.24 15:33:44 | 002,525,216 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Faraway_Planet_3D_Screensaver.scr
[2015.11.24 15:33:41 | 000,954,392 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fantasy_Moon_3D_Screensaver.scr
[2015.11.24 15:33:40 | 002,637,320 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Earth_3D_Screensaver.scr
[2015.11.24 15:33:37 | 000,973,344 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Dutch_Windmills_3D_Screensaver.scr
[2015.11.24 15:33:35 | 002,693,648 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Dolphins_3D_Screensaver.scr
[2015.11.24 15:33:32 | 000,957,968 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Discovery_3D_Screensaver.scr
[2015.11.24 15:33:31 | 002,559,000 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Digital_Clock_3D_Screensaver.scr
[2015.11.24 15:33:29 | 002,527,256 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Deep_Space_3D_Screensaver.scr
[2015.11.24 15:33:27 | 002,532,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Cyberfish_3D_Screensaver.scr
[2015.11.24 15:33:25 | 000,947,736 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Cuckoo_Clock_3D_Screensaver.scr
[2015.11.24 15:33:23 | 000,980,000 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Crystal_Fireplace_3D_Screensaver.scr
[2015.11.24 15:33:20 | 002,504,216 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Coral_Reef_3D_Screensaver.scr
[2015.11.24 15:33:19 | 002,510,872 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Coral_Clock_3D_Screensaver.scr
[2015.11.24 15:33:17 | 000,953,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Clock_Tower_3D_Screensaver.scr
[2015.11.24 15:33:14 | 002,646,048 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Christmas_Evening_3D_Screensaver.scr
[2015.11.24 15:33:11 | 002,526,240 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Christmas_Bells_3D_Screensaver.scr
[2015.11.24 15:33:09 | 000,951,312 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Christmas_3D_Screensaver.scr
[2015.11.24 15:33:08 | 002,536,992 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Caribbean_Islands_3D_Screensaver.scr
[2015.11.24 15:33:05 | 002,610,208 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Blooming_Sakura_3D_Screensaver.scr
[2015.11.24 15:33:02 | 000,971,304 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Battleship_Missouri_3D_Screensaver.scr
[2015.11.24 15:32:59 | 002,541,600 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Autumn_Wonderland_3D_Screensaver.scr
[2015.11.24 15:32:57 | 002,656,792 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Autumn_Forest_3D_Screensaver.scr
[2015.11.24 15:32:54 | 002,512,928 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Ancient_Castle_3D_Screensaver.scr
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.12.24 09:55:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Libor\Desktop\OTL.exe
[2015.12.24 09:08:56 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.24 09:08:56 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.24 08:18:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.12.24 08:18:34 | 2103,332,863 | -HS- | M] () -- C:\hiberfil.sys
[2015.12.22 21:00:33 | 000,002,731 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2015.12.22 20:24:16 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.12.22 20:11:40 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.12.22 16:45:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015.12.22 10:53:11 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2015.12.22 10:27:27 | 000,036,608 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015.12.22 08:44:52 | 000,001,135 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2015.12.22 08:35:48 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015.12.21 22:43:50 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.12.21 22:43:50 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.12.21 20:21:19 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.12.21 20:21:19 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.12.21 20:21:19 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.12.21 20:21:19 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.12.21 20:21:19 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.12.18 22:31:47 | 000,413,224 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.12.18 14:13:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015.12.16 22:28:01 | 000,517,125 | R--- | M] () -- C:\Users\Libor\Desktop\50015.bcw
[2015.12.16 22:02:59 | 000,001,222 | ---- | M] () -- C:\Users\Libor\Desktop\BusinessCardsMX.lnk
[2015.12.16 19:33:57 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2015.12.07 12:54:28 | 000,001,619 | ---- | M] () -- C:\Users\Libor\Desktop\Run Ski Challenge 16.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.12.22 21:00:33 | 000,002,731 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2015.12.22 20:24:16 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015.12.22 20:24:16 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.12.22 20:11:40 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.12.22 11:07:15 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2015.12.22 08:44:53 | 000,001,135 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2015.12.22 08:44:53 | 000,001,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2015.12.21 22:40:54 | 000,000,958 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2015.12.21 20:47:46 | 000,036,608 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015.12.18 14:13:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015.12.16 22:28:01 | 000,517,125 | R--- | C] () -- C:\Users\Libor\Desktop\50015.bcw
[2015.12.16 22:00:12 | 000,001,222 | ---- | C] () -- C:\Users\Libor\Desktop\BusinessCardsMX.lnk
[2015.12.07 12:54:28 | 000,001,619 | ---- | C] () -- C:\Users\Libor\Desktop\Run Ski Challenge 16.lnk
[2015.11.24 15:33:15 | 001,289,216 | ---- | C] () -- C:\Windows\SysWow64\Christmas Tree 3D Screensaver.exe
[2015.11.24 15:33:15 | 000,187,904 | ---- | C] () -- C:\Windows\SysWow64\Christmas Tree 3D Screensaver.scr
[2015.11.11 10:53:00 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2015.10.31 12:34:57 | 037,882,488 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015.10.31 12:18:21 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.12.22 20:15:36 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\DAEMON Tools Lite
[2015.11.08 17:40:49 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\EPSON
[2015.11.01 18:11:57 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\ESET
[2015.11.11 11:21:06 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\MAGIX
[2015.12.21 20:07:48 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\mojosoft
[2015.12.22 08:45:05 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Opera Software
[2015.12.21 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Shortcut
[2015.11.12 17:41:17 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\SYSTEMAX Software Development
[2015.12.21 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Libor\AppData\Roaming\Thunderbird

========== Purity Check ==========



< End of report >

[karbi02]

OTL Extras logfile created on: 24.12.2015 9:57:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Libor\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18124)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,95 Gb Total Physical Memory | 6,13 Gb Available Physical Memory | 77,18% Memory free
15,89 Gb Paging File | 14,00 Gb Available in Paging File | 88,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 247,82 Gb Total Space | 146,33 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
Drive D: | 683,59 Gb Total Space | 364,39 Gb Free Space | 53,30% Space Free | Partition Type: NTFS

Computer Name: LIBOR-PC | User Name: Libor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02257327-651D-4D2C-AE73-E2336F7BF251}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17206DF0-62AE-4044-B173-9D4407D75F22}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{17ADD304-BACA-4029-9233-6EE2715EB6BA}" = rport=137 | protocol=17 | dir=out | app=system |
"{1B60DE58-576E-436F-AA4F-2EEFC7E487DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1FE14DC2-91BE-4492-9ACF-3C365617A99D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{204DCD97-0075-43C7-91FF-8424988EF718}" = lport=137 | protocol=17 | dir=in | app=system |
"{2651C2C4-8C68-4F07-B1AD-1C958808DF8B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37B888FF-A1DA-47C9-8D91-20039266630B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{396A5817-6920-4839-85E2-42DAFAD268AA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3C12D068-7618-4301-A45C-7E9C8ADE8BBE}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{6024A166-EEF0-499C-AF8B-33D38EFDB288}" = lport=2869 | protocol=6 | dir=in | app=system |
"{616ECB6A-0EF0-4E66-B569-7FC90C8B328F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69AB5863-DD32-44F8-8847-D1384168B2C3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{74C2A32C-9319-40F4-8A7D-A4065F76C1A3}" = lport=445 | protocol=6 | dir=in | app=system |
"{75137AC2-BF71-45AE-97EA-0CA5E27E7EB0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78900667-2DC3-45DC-87F2-6C78195C7EC1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{78C4EB2E-7C8C-4057-9351-EE70B6819A38}" = rport=138 | protocol=17 | dir=out | app=system |
"{7EA402E3-1E04-4292-96A1-27E5B2F66104}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{80D31A9F-E59A-4AF3-A603-153F3BC1F60A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{80FB3D4F-D797-4A17-A01B-9709EC643641}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8139AF7B-9F62-402B-B843-5F252F4BDAA6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8586D5A8-932D-4CBD-8730-4BB5B076FE2F}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{AECD7E4E-F1A3-453F-A38B-002F92A27925}" = rport=139 | protocol=6 | dir=out | app=system |
"{CD43F452-DD23-4E71-8F09-42E151F735D1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{CD4F6085-E698-423E-A417-9E5D47A5B10E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE95CA21-9CB9-4663-B97B-66D817BF8546}" = lport=139 | protocol=6 | dir=in | app=system |
"{D08603C1-1DFB-4F82-93BD-7068E48184ED}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E332AF8D-B207-4C64-8B73-BFC2D899BE6F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{E384DFFB-8379-44CF-9968-071CC7B1A051}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCB9CF1D-370B-4936-815B-FDFC2A4C49B7}" = lport=138 | protocol=17 | dir=in | app=system |
"{FFFB4C1F-DD58-4875-B796-796602FF84C6}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10C971D0-8117-4542-82DD-405B791E8F56}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1100B480-4CDC-4E65-8CE9-264AF55C41FA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{22325787-76A4-4838-83A8-F62259CFFBDB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29EE0E42-CD87-425E-AB37-6A8CA7D79635}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{30D460EC-4877-49D8-89A9-F4D9B5033B2A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3C4EBF7F-A6FA-4D28-A5E0-2E098F96C429}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5994F185-4F90-45AA-8F6D-6F4B12BCAAD7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6179C198-B020-41B1-8F87-849A2FD4CB1D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{674A680C-6D29-4FC9-A078-434F9897A14B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6CF2C4F5-C833-48A7-A97B-36F00D06A9AF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7FE58AD5-0783-42EB-AAFE-D9853A2482A8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{80130A52-1E2B-439A-9B7A-69CCE3B6936E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{87B91A16-DF05-4461-8383-2A3CAC241ED9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E6913E2-0D59-48E7-9E3D-341C7E0829C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{92986203-CC89-4B40-BDF2-1B2B40B1EC78}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9CFCD243-C79E-47EE-A990-F66D37C5396B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A469964B-81E4-4EE1-8705-DD89A16355CE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B2629DB4-D83C-410B-8F18-A80C7A6F18A2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B71957A2-1C1A-41D8-A417-23A2AE6BFFCF}" = protocol=6 | dir=out | app=system |
"{C45CFE2D-0D2D-43F4-9280-2E218C837CE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C905E49F-AFA2-42FF-83C2-C9D28385E1E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DE4B5EBD-4A1E-4416-9EAC-9AEF82BD777F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC985FAA-49A4-414D-ADD1-E3D4AC0F87A6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F84F1BD2-2327-42BB-8544-A7DE1715C151}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{29A0F9CC-0F86-4D15-8C68-EB0003DAA7B8}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{F8D2B7B3-F1FF-4B10-A382-8DE1437E1835}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{873C5A87-91B0-41D5-A9BB-C907805D5C85}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{9303E524-EF82-4EB8-9E9C-3DA100D5F206}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17C348F0-3ECF-44AA-80D9-35D3482D7848}" = Intel(R) ME UninstallLegacy
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{4D8E383E-0AB7-482D-9327-BB92D53312B4}" = ESET Smart Security
"{5085D15B-A8F6-415C-9C4B-11BC1389BBD7}" = Intel(R) Management Engine Components
"{55398EAC-F58E-4F19-B553-BDF8B9EFD839}" = Intel(R) Chipset Device Software
"{7D84E343-A23D-451C-B123-0195B2D903A6}" = Intel® Trusted Connect Service Client
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 358.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 358.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 358.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.15.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.5.15.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.15.54
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.31
"{C9A3B1C3-CE26-4114-A431-C95B04794EA5}" = Intel(R) Management Engine Components
"{EF54B5D2-8350-4A6C-901F-212BD0ABBA82}" = Intel(R) Management Engine Components
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON BX635FWD Series" = EPSON BX635FWD Series Printer Uninstall
"WinRAR archiver" = WinRAR 5.21 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1" = BusinessCards MX
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}" = WinUSB Drivers ext
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}" = Emergency Download Driver
"{4fcf070a-daac-45e9-a8b0-6850941f7ed8}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9755918A-CDF8-4F1E-8453-6359CF1A330A}" = WinUsb CoInstallers
"{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}" = Lumia UEFI Blue Driver
"{A4A0B236-6046-4CAB-8177-1EAF61112C75}" = WinUSB Compatible ID Drivers
"{c7f54569-0018-439c-809a-48046a4d4ebc}" = Intel® Chipset Device Software
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}" = GIGABYTE OC_GURU II
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.17
"{FE11883D-EA67-473C-BDD1-8D6B6DFCBEAC}" = USB Serial Port Driver
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 20 PPAPI
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}" = GIGABYTE OC_GURU II
"ManiaPlanet_is1" = ManiaPlanet
"Mozilla Firefox 43.0.1 (x86 cs)" = Mozilla Firefox 43.0.1 (x86 cs)
"Mozilla Thunderbird 38.3.0 (x86 cs)" = Mozilla Thunderbird 38.3.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 34.0.2036.41" = Opera Stable 34.0.2036.41
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"sc16-GAMETWIST_MAIN" = Ski Challenge 16

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.12.2015 15:14:22 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:14:32 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:14:42 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:14:52 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:15:03 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:15:13 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:15:23 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:15:33 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.log
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:15:59 | Computer Name = Libor-PC | Source = ESENT | ID = 490
Description = taskhost (1812) WebCacheLocal: Pokus o otevření souboru C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup
byl odepřen. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 22.12.2015 15:16:09 | Computer Name = Libor-PC | Source = ESENT | ID = 485
Description = taskhost (1812) WebCacheLocal: Pokus o odstranění složky C:\Users\Libor\AppData\Local\Microsoft\Windows\WebCache\V01.chk
se nezdařil. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace
odstranění složky se nezdaří a dojde k chybě -1032 (0xfffffbf8).

[ System Events ]
Error - 23.12.2015 9:58:09 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 23.12.2015 9:58:52 | Computer Name = Libor-PC | Source = DCOM | ID = 10016
Description =

Error - 23.12.2015 16:48:07 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo
časového limitu (30000 ms).

Error - 23.12.2015 17:04:36 | Computer Name = Libor-PC | Source = DCOM | ID = 10010
Description =

Error - 23.12.2015 17:05:09 | Computer Name = Libor-PC | Source = Application Popup | ID = 262200
Description = Ovladač ACPI vrátil neplatné číslo ID pro podřízené zařízení (5).

Error - 23.12.2015 17:05:38 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 23.12.2015 17:06:25 | Computer Name = Libor-PC | Source = DCOM | ID = 10016
Description =

Error - 24.12.2015 3:18:29 | Computer Name = Libor-PC | Source = Application Popup | ID = 262200
Description = Ovladač ACPI vrátil neplatné číslo ID pro podřízené zařízení (5).

Error - 24.12.2015 3:18:59 | Computer Name = Libor-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 24.12.2015 3:19:48 | Computer Name = Libor-PC | Source = DCOM | ID = 10016
Description =


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2015.10.31 13:00:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Extensions
[2015.12.23 22:07:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\lthub4ul.Libor1\extensions
[2015.12.23 16:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions
[2015.12.23 22:07:40 | 000,989,188 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\lthub4ul.Libor1\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.12.23 15:58:21 | 000,337,933 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions\s3google@translator.xpi
[2015.12.23 15:57:59 | 000,989,188 | ---- | M] () (No name found) -- C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.12.22 20:24:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2015.11.24 15:36:30 | 002,519,576 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Zodiac_Clock_3D_Screensaver.scr
[2015.11.24 15:36:30 | 000,000,000 | ---D | C] -- C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3Planesoft 3D Screensavers All in One
[2015.11.24 15:36:29 | 002,535,968 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Winter_Wonderland_3D_Screensaver.scr
[2015.11.24 15:36:27 | 002,551,832 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Wildflowers_3D_Screensaver.scr
[2015.11.24 15:36:23 | 002,621,984 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\White_Christmas_3D_Screensaver.scr
[2015.11.24 15:36:20 | 000,981,024 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Western_Railway_3D_Screensaver.scr
[2015.11.24 15:36:17 | 002,509,328 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Watermill_3D_Screensaver.scr
[2015.11.24 15:36:16 | 002,530,328 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Water_Clock_3D_Screensaver.scr
[2015.11.24 15:36:14 | 000,953,896 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Voyage_of_Columbus_3D_Screensaver.scr
[2015.11.24 15:36:12 | 002,525,728 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Vintage_Aircraft_3D_Screensaver.scr
[2015.11.24 15:36:08 | 002,653,728 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Venice_Carnival_3D_Screensaver.scr
[2015.11.24 15:36:00 | 002,678,312 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Valentine_Musicbox_3D_Screensaver.scr
[2015.11.24 15:35:57 | 002,526,736 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Valentine_3D_Screensaver.scr
[2015.11.24 15:35:56 | 002,528,800 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Tyrannosaurus_Rex_3D_Screensaver.scr
[2015.11.24 15:35:52 | 002,511,384 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Tropical_Fish_3D_Screensaver.scr
[2015.11.24 15:35:50 | 002,635,296 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Titanic_Memories_3D_Screensaver.scr
[2015.11.24 15:35:45 | 002,729,528 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Tiger_Sharks_3D_Screensaver.scr
[2015.11.24 15:35:43 | 000,825,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\The_One_Ring_3D_Screensaver.scr
[2015.11.24 15:35:42 | 000,981,536 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\The_Lost_Watch_II_3D_Screensaver.scr
[2015.11.24 15:35:41 | 002,827,296 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\The_Lost_Watch_3D_Screensaver.scr
[2015.11.24 15:35:39 | 002,689,568 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Thanksgiving_Day_3D_Screensaver.scr
[2015.11.24 15:35:35 | 002,532,376 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sweethearts_3D_Screensaver.scr
[2015.11.24 15:35:34 | 002,535,448 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sun_Village_3D_Screensaver.scr
[2015.11.24 15:35:31 | 002,653,208 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sunny_Patio_3D_Screensaver.scr
[2015.11.24 15:35:28 | 002,765,336 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Summer_Forest_3D_Screensaver.scr
[2015.11.24 15:35:25 | 002,660,888 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Stonehenge_3D_Screensaver.scr
[2015.11.24 15:35:23 | 002,527,776 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Stock_Car_Racing_3D_Screensaver.scr
[2015.11.24 15:35:17 | 002,540,056 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Steam_Clock_3D_Screensaver.scr
[2015.11.24 15:35:15 | 002,591,256 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Starry_Night_3D_Screensaver.scr
[2015.11.24 15:35:12 | 002,532,888 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Springtime_3D_Screensaver.scr
[2015.11.24 15:35:10 | 000,956,960 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Spirit_of_Fire_3D_Screensaver.scr
[2015.11.24 15:35:09 | 002,532,376 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Snow_Village_3D_Screensaver.scr
[2015.11.24 15:35:06 | 002,828,344 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sky_Citadel_3D_Screensaver.scr
[2015.11.24 15:35:00 | 004,640,288 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Skeleton_Clock_3D_Screensaver.scr
[2015.11.24 15:34:57 | 002,723,344 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sharks_3D_Screensaver.scr
[2015.11.24 15:34:54 | 002,658,376 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sharks_-_Great_White_3D_Screensaver.scr
[2015.11.24 15:34:51 | 002,541,592 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Santa_Claus_3D_Screensaver.scr
[2015.11.24 15:34:48 | 002,644,504 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Sandy_Beach_3D_Screensaver.scr
[2015.11.24 15:34:44 | 002,638,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Orbital_Sunset_3D_Screensaver.scr
[2015.11.24 15:34:42 | 000,946,704 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Nautilus_3D_Screensaver.scr
[2015.11.24 15:34:41 | 000,956,944 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Nature_3D_Screensaver.scr
[2015.11.24 15:34:39 | 002,531,880 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Mountain_Waterfall_3D_Screensaver.scr
[2015.11.24 15:34:38 | 002,535,968 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Medieval_Castle_3D_Screensaver.scr
[2015.11.24 15:34:34 | 002,531,872 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Mechanical_Clock_3D_Screensaver.scr
[2015.11.24 15:34:33 | 000,973,856 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Mayan_Waterfall_3D_Screensaver.scr
[2015.11.24 15:34:31 | 000,972,832 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lighthouse_Point_3D_Screensaver.scr
[2015.11.24 15:34:29 | 000,817,168 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lantern_3D_Screensaver.scr
[2015.11.24 15:34:28 | 002,668,560 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lake_Tree_3D_Screensaver.scr
[2015.11.24 15:34:27 | 000,951,824 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Lagoon_3D_Screensaver.scr
[2015.11.24 15:34:25 | 002,545,680 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Koi_Fish_3D_Screensaver.scr
[2015.11.24 15:34:24 | 002,516,496 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Ice_Clock_3D_Screensaver.scr
[2015.11.24 15:34:23 | 002,534,936 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Haunted_House_3D_Screensaver.scr
[2015.11.24 15:34:19 | 000,942,608 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Halloween_3D_Screensaver.scr
[2015.11.24 15:34:18 | 002,679,840 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Great_Pyramids_3D_Screensaver.scr
[2015.11.24 15:34:11 | 002,534,928 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Grassland_3D_Screensaver.scr
[2015.11.24 15:34:09 | 002,664,472 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Grand_Canyon_3D_Screensaver.scr
[2015.11.24 15:34:03 | 000,970,256 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Galleon_3D_Screensaver.scr
[2015.11.24 15:34:00 | 002,634,272 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Futuristic_City_3D_Screensaver.scr
[2015.11.24 15:33:53 | 002,522,632 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fog_Lake_Screensaver.scr
[2015.11.24 15:33:51 | 002,775,576 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fog_Horses_3D_Screensaver.scr
[2015.11.24 15:33:49 | 000,991,752 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Flag_3D_Screensaver.scr
[2015.11.24 15:33:48 | 002,519,080 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fireside_Christmas_3D_Screensaver.scr
[2015.11.24 15:33:46 | 002,671,120 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fireplace_3D_Screensaver.scr
[2015.11.24 15:33:44 | 002,525,216 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Faraway_Planet_3D_Screensaver.scr
[2015.11.24 15:33:41 | 000,954,392 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Fantasy_Moon_3D_Screensaver.scr
[2015.11.24 15:33:40 | 002,637,320 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Earth_3D_Screensaver.scr
[2015.11.24 15:33:37 | 000,973,344 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Dutch_Windmills_3D_Screensaver.scr
[2015.11.24 15:33:35 | 002,693,648 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Dolphins_3D_Screensaver.scr
[2015.11.24 15:33:32 | 000,957,968 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Discovery_3D_Screensaver.scr
[2015.11.24 15:33:31 | 002,559,000 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Digital_Clock_3D_Screensaver.scr
[2015.11.24 15:33:29 | 002,527,256 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Deep_Space_3D_Screensaver.scr
[2015.11.24 15:33:27 | 002,532,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Cyberfish_3D_Screensaver.scr
[2015.11.24 15:33:25 | 000,947,736 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Cuckoo_Clock_3D_Screensaver.scr
[2015.11.24 15:33:23 | 000,980,000 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Crystal_Fireplace_3D_Screensaver.scr
[2015.11.24 15:33:20 | 002,504,216 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Coral_Reef_3D_Screensaver.scr
[2015.11.24 15:33:19 | 002,510,872 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Coral_Clock_3D_Screensaver.scr
[2015.11.24 15:33:17 | 000,953,368 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Clock_Tower_3D_Screensaver.scr
[2015.11.24 15:33:14 | 002,646,048 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Christmas_Evening_3D_Screensaver.scr
[2015.11.24 15:33:11 | 002,526,240 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Christmas_Bells_3D_Screensaver.scr
[2015.11.24 15:33:09 | 000,951,312 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Christmas_3D_Screensaver.scr
[2015.11.24 15:33:08 | 002,536,992 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Caribbean_Islands_3D_Screensaver.scr
[2015.11.24 15:33:05 | 002,610,208 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Blooming_Sakura_3D_Screensaver.scr
[2015.11.24 15:33:02 | 000,971,304 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Battleship_Missouri_3D_Screensaver.scr
[2015.11.24 15:32:59 | 002,541,600 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Autumn_Wonderland_3D_Screensaver.scr
[2015.11.24 15:32:57 | 002,656,792 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Autumn_Forest_3D_Screensaver.scr
[2015.11.24 15:32:54 | 002,512,928 | ---- | C] (3Planesoft) -- C:\Windows\SysWow64\Ancient_Castle_3D_Screensaver.scr
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[karbi02]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Process firefox.exe killed successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Libor\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\lthub4ul.Libor1\extensions folder moved successfully.
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions folder moved successfully.
File C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\lthub4ul.Libor1\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
File C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions\s3google@translator.xpi not found.
File C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\mfsozcu9.Libor\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysWOW64\Zodiac_Clock_3D_Screensaver.scr moved successfully.
C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3Planesoft 3D Screensavers All in One folder moved successfully.
C:\Windows\SysWOW64\Winter_Wonderland_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Wildflowers_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\White_Christmas_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Western_Railway_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Watermill_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Water_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Voyage_of_Columbus_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Vintage_Aircraft_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Venice_Carnival_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Valentine_Musicbox_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Valentine_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Tyrannosaurus_Rex_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Tropical_Fish_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Titanic_Memories_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Tiger_Sharks_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\The_One_Ring_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\The_Lost_Watch_II_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\The_Lost_Watch_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Thanksgiving_Day_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sweethearts_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sun_Village_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sunny_Patio_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Summer_Forest_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Stonehenge_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Stock_Car_Racing_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Steam_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Starry_Night_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Springtime_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Spirit_of_Fire_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Snow_Village_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sky_Citadel_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Skeleton_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sharks_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sharks_-_Great_White_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Santa_Claus_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Sandy_Beach_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Orbital_Sunset_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Nautilus_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Nature_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Mountain_Waterfall_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Medieval_Castle_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Mechanical_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Mayan_Waterfall_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Lighthouse_Point_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Lantern_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Lake_Tree_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Lagoon_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Koi_Fish_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Ice_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Haunted_House_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Halloween_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Great_Pyramids_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Grassland_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Grand_Canyon_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Galleon_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Futuristic_City_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Fog_Lake_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Fog_Horses_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Flag_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Fireside_Christmas_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Fireplace_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Faraway_Planet_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Fantasy_Moon_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Earth_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Dutch_Windmills_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Dolphins_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Discovery_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Digital_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Deep_Space_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Cyberfish_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Cuckoo_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Crystal_Fireplace_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Coral_Reef_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Coral_Clock_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Clock_Tower_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Christmas_Evening_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Christmas_Bells_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Christmas_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Caribbean_Islands_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Blooming_Sakura_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Battleship_Missouri_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Autumn_Wonderland_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Autumn_Forest_3D_Screensaver.scr moved successfully.
C:\Windows\SysWOW64\Ancient_Castle_3D_Screensaver.scr moved successfully.
C:\Windows\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
C:\Windows\SysNative\SETC949.tmp moved successfully.
File\Folder C:\Program Files (x86)\*.tmp not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Libor
->Temp folder emptied: 327105461 bytes
->Temporary Internet Files folder emptied: 4577889 bytes
->FireFox cache emptied: 356299075 bytes
->Flash cache emptied: 1193 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 76400403 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 76400322 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 802,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12252015_101117

Files\Folders moved on Reboot...
C:\Users\Libor\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Co problémy?