Prosím o kontrolu logu HJT

Příspěvekod **jerabina** » 13 kvě 2015 13:37

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Vlož nový log z HJT + informuj o problémech.

Reklama

akiller · Příspěvekod **akiller** » 13 kvě 2015 14:12

Problémy neeviduji, PC je rychlejší, Mozilla taky :bigups:

Zde je log z aswMBR:

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-05-13 14:03:57
-----------------------------
14:03:57.186 OS Version: Windows 6.1.7601 Service Pack 1
14:03:57.186 Number of processors: 2 586 0x1706
14:03:57.186 ComputerName: INTEL UserName: Petr
14:04:25.017 Initialize success
14:04:25.110 VM: initialized successfully
14:04:25.110 VM: Intel CPU supported
14:04:35.712 VM: disk I/O atapi.sys
14:04:54.022 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
14:04:54.022 Disk 0 Vendor: ST1000DL002-9TT153 CC32 Size: 953868MB BusType: 3
14:04:54.022 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-4
14:04:54.038 Disk 1 Vendor: ST3320620AS 3.AAG Size: 305244MB BusType: 3
14:04:54.038 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP5T0L0-7
14:04:54.038 Disk 2 Vendor: KINGSTON_SHFS37A120G 580ABBF0 Size: 114473MB BusType: 3
14:04:54.085 Disk 1 MBR read successfully
14:04:54.100 Disk 1 MBR scan
14:04:54.100 Disk 1 Windows 7 default MBR code
14:04:54.132 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 149997 MB offset 63
14:04:54.147 Disk 1 default boot code
14:04:54.178 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 155245 MB offset 307195904
14:04:54.194 Disk 1 scanning sectors +625137664
14:04:54.288 Disk 1 scanning C:\Windows\system32\drivers
14:05:25.722 Service scanning
14:05:42.913 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
14:05:46.875 Modules scanning
14:05:46.875 Disk 1 trace - called modules:
14:05:46.906 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x8652c1e8]<<
14:05:46.906 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x87366ac8]
14:05:46.922 3 CLASSPNP.SYS[8d2e259e] -> nt!IofCallDriver -> [0x8655d918]
14:05:46.922 5 ACPI.sys[8cb483d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-4[0x87284908]
14:05:46.922 \Driver\atapi[0x87254030] -> IRP_MJ_CREATE -> 0x8652c1e8
14:05:46.938 Disk 1 statistics 82747/0/0 @ 1,90 MB/s
14:05:46.938 Scan finished successfully
14:05:58.544 Disk 1 MBR has been saved successfully to "C:\Users\Petr\Desktop\MBR.dat"
14:05:58.560 The log file has been saved successfully to "C:\Users\Petr\Desktop\aswMBR.txt"

akiller · Příspěvekod **akiller** » 13 kvě 2015 14:13

Zde je nový log z HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:07:40, on 13.05.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
G:\Instalačky\Správa počítače\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6846616-3E73-45D0-840E-DAE156DADA32}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5439 bytes

akiller · Příspěvekod **akiller** » 13 kvě 2015 14:41

Ještě mám dotaz: V disku F:/ se mi v jedné složce s excelovskými tabulkami objevují soubory. Jsou prázdné a nic v nich není (otevřel jsem je v txt.
3DB77000
50A7C100
54BD3000
AC8B1000
B0C77000
EFB3D100

a nemají žádnou koncovku. Už jsem jich pár smazal, ale objevují se další. Mám podezření, že se objevují po každém otevření Excelu. Co s tím?

Příspěvekod **jerabina** » 13 kvě 2015 14:59

Máš tam 2 antiviry, AVG a Comodo. AVG můžeš odstranit, nejlépe pomoci oficiálního removeru, který můžeš stáhnout zde: http://www.avg.com/cz-cs/utilities

Zbytky tich složek jak jsi se ptal odstranit můžeš.

Na Virustotal otestuj tento soubor prosím:
C:\Windows\system32\wuauclt.exe

S tima souborama, to co jsi sem postnul tak jsou jejich názvy? Zabal je do archivu, nahraj je na leteckaposta.cz a dej sem odkaz, podívám se na ně.

akiller · Příspěvekod **akiller** » 13 kvě 2015 15:25

File name: wuauclt.exe
Detection ratio: 0 / 56
Analysis date: 2015-05-13 13:20:51 UTC ( 2 minuty ago )

Ano, jsou to jejich názvy - http://leteckaposta.cz/367976464

Příspěvekod **jerabina** » 13 kvě 2015 20:09

Ahoj, nejsem si jistý, co to znamená. Uděláme další sken:

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

akiller · Příspěvekod **akiller** » 14 kvě 2015 14:42

Zde je první log z OTL:

OTL Extras logfile created on: 14.05.2015 14:31:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 73,57% Memory free
6,50 Gb Paging File | 5,29 Gb Available in Paging File | 81,48% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,61 Gb Total Space | 74,39 Gb Free Space | 49,07% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 123,48 Gb Free Space | 84,30% Space Free | Partition Type: NTFS
Drive E: | 643,34 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 244,14 Gb Total Space | 216,83 Gb Free Space | 88,81% Space Free | Partition Type: NTFS
Drive G: | 687,37 Gb Total Space | 100,69 Gb Free Space | 14,65% Space Free | Partition Type: NTFS
Drive H: | 111,79 Gb Total Space | 74,04 Gb Free Space | 66,24% Space Free | Partition Type: NTFS

Computer Name: INTEL | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{052A406B-71A4-43B9-B14E-1B435DF0E6C7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{09B538E2-95AD-4653-BD50-D97EF968083F}" = lport=445 | protocol=6 | dir=in | app=system |
"{20739F45-5F6C-4494-A148-716B42CE6E85}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{215658CD-B348-4DDE-AF55-5AF891DFEFFC}" = lport=138 | protocol=17 | dir=in | app=system |
"{226C9D0C-939E-44BC-850C-935B902A2754}" = rport=138 | protocol=17 | dir=out | app=system |
"{26667109-0099-40E5-8A55-C905D37D2D33}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2733C1FF-3AAF-4B17-A8E7-8E69D6D683A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D41154F-56C3-4E91-81BC-342C7809B6E3}" = rport=139 | protocol=6 | dir=out | app=system |
"{3BF84D45-E3AA-4E42-9E7C-14CC015C2D8B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{429E5DFA-C6A2-4E76-A202-5A84993A1B3A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50C07B3D-21D6-411A-9725-C8AD1084BF0E}" = rport=137 | protocol=17 | dir=out | app=system |
"{6217E36F-9B59-490A-8107-9ABBF7CF71F0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7DEB36B4-50B5-45BC-BE60-FF7A6C0D84AE}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{7EDD22DE-AC79-49F2-9A1F-4E383DBE2840}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8306552A-8FBE-4EF5-8BA0-5AF54097CDE9}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{85E52573-577B-468F-A63C-C71DC243ED1E}" = lport=137 | protocol=17 | dir=in | app=system |
"{9B9542D4-2989-4CC8-9DC3-C56855B3F9E1}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{9E03DE79-7DF4-41C0-B6AD-55108A9118AD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F2A88CD-6499-463D-9B28-4036DE450BA1}" = rport=445 | protocol=6 | dir=out | app=system |
"{AA7B0F55-351F-40A4-A8A4-5B1343A7C504}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AAC060F8-694B-4B2A-9E43-BAB13831EFDC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B203DAF3-E33C-4AFB-9F74-5C781DF98FBD}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{B4D586C1-5073-4220-81B9-CC7210596B8F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BE2214CD-0E55-45FA-B4EB-B6EAA2EEC48E}" = lport=139 | protocol=6 | dir=in | app=system |
"{C5AA59B3-9738-4021-A34C-54F26D8FE2C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C7ED5C59-C36C-46AD-B8EF-288B768B0EEA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DBDE4B50-109D-4958-87D6-E4663DC9D0D5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{E52ADED3-337E-4934-9D86-D1C5026467FA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E7C09582-D0C4-4997-9F77-B4550C1E6B5B}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{F957E1FA-36FE-4129-8FF8-E6ABB396E883}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07FED6A6-4DE9-4F1B-9F72-0786DEE926CC}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{1AB41BD1-4A1E-4250-A568-E684C331E676}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{26E61C84-5983-44FB-A807-4CC165C470E5}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{294FBAA5-9056-427D-963C-CD583B95A30F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{2BB0AEB9-295E-4DC6-8976-204095560EA3}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{322E4B0D-84AE-4D5E-B662-46E77B775100}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{4963BA7E-33BE-4116-925E-D69DF4305011}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4BA1566F-18F5-44F5-8E06-1FE2E18AA1F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5431E2B5-A6BA-4326-9102-46CFBA334093}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{594A00D1-EC04-4D21-95B9-7A546FA1351C}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{5A5BF3CD-6504-4111-ABC0-52565B2298AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{62ADCCCE-6A2F-458C-B19C-38E1FAD5F3E5}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{64E0B41F-6650-4645-9C1E-036186E2BDE0}" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"{65C884DF-9814-4905-83CF-0498F603CEBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6D89690A-2DEB-44CC-ACF0-16B7FC4A277F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{832B01F7-9248-4E7D-804D-3642EBA6E6FE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{83BAFAC2-B9C1-431B-BA69-C9D1737C85F7}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{92F75522-3947-452E-BB63-D1E44606963D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{94698A97-887D-4002-8200-C406B29588EB}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{96DCB48A-B211-4963-96C4-27BA263339AA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C27501F-0A96-424D-9382-9D74DEFDFA1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FE83B2B-BCCA-4C9C-85EF-93CFEDF2EB99}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A1A810B8-952D-4553-BCBB-D62176D9BF7A}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{A609B5A3-D660-4102-BD57-D5E5A31DBEC6}" = protocol=6 | dir=out | app=system |
"{A86F8C71-CF29-4B91-9247-584263C6F9E5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AE61675C-8A3C-484E-956C-8D2E999413E0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B5EFEC89-5AED-4D3D-BDA9-747CD85AA79F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B7AEB36F-4914-438E-97B9-88DAB127E0DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BB2C718E-E654-472B-B8DB-B93AF8309818}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD1EDB1B-3BB7-4F3D-A51E-B04063ACC31C}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{D7F1F9D7-D27F-4957-830C-36199BC688CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA0F2585-66BB-4B51-9B7B-CDB6C7412531}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA4A3B86-0532-441C-B39D-737AC2DABFFC}" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"{F16D717A-429C-47FC-8762-4539CF93F82D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F769B642-6D1B-4937-A85F-D9681161D5FE}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{F76A4799-68AB-4717-81A6-F86C1547CC52}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{F90587F1-C6AF-45D8-B504-04963DD3DC49}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FEFE34A7-5E16-496F-B57B-10B9613A91A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{13758209-EC29-4385-B776-4B0090426886}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{33CB591A-DAAE-4329-B273-D61BA7C587C3}C:\users\petr\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\spotify\spotify.exe |
"TCP Query User{355772AB-2CCA-478C-926F-190A25E8D97C}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{4E591382-6A78-41FB-A1E0-353513242C54}G:\instalačky\vypalování, winzip, stahování dat, apod\bittorrent (7.5).exe" = protocol=6 | dir=in | app=g:\instalačky\vypalování, winzip, stahování dat, apod\bittorrent (7.5).exe |
"TCP Query User{892043FB-C949-4528-ADAB-BD0A2ACAC92A}C:\users\petr\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\spotify\spotify.exe |
"TCP Query User{908A9E04-C667-4E6B-80E3-A0933BB93BE1}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{9A45832F-924C-43E8-BA2C-5757A0483163}C:\program files\tapinradio\tapinradio.exe" = protocol=6 | dir=in | app=c:\program files\tapinradio\tapinradio.exe |
"TCP Query User{AF9D5409-291D-44E7-A426-6B1EE187EE87}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{B9FDF405-BD9C-4B05-AB5F-3A3BB484B0DE}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{C3D7AB9F-9CDF-40DB-8676-757A326FFE81}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F38ECB3E-7F48-49EC-B646-46E0EBD07A78}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{0DD80B20-5040-43CF-A2B7-95EFAA84C98A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{139EC371-4B05-41A6-B684-8BFA7B4279EB}C:\program files\tapinradio\tapinradio.exe" = protocol=17 | dir=in | app=c:\program files\tapinradio\tapinradio.exe |
"UDP Query User{3E5DE00E-F0CF-4A13-9C31-255DD8976F2D}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{5C5D834A-3FB6-4950-8FFB-595C41B5D282}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{67E061F1-7FD9-4D70-B5AD-39CB6A952F3D}C:\users\petr\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\spotify\spotify.exe |
"UDP Query User{6FAA17A2-F798-4A88-80BA-1DC16865D208}C:\users\petr\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\spotify\spotify.exe |
"UDP Query User{9A1AC8A3-11A0-4E5C-A37E-ABF0F625158F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B367FDF1-6D97-46FD-BBAF-E02ED1FB99F2}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{B68D9FC7-FE51-40E0-9B7B-8CBCC080054D}G:\instalačky\vypalování, winzip, stahování dat, apod\bittorrent (7.5).exe" = protocol=17 | dir=in | app=g:\instalačky\vypalování, winzip, stahování dat, apod\bittorrent (7.5).exe |
"UDP Query User{E4B921E9-F946-496E-B264-D10F4E775572}C:\users\petr\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\petr\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{E4F926A8-B972-4D4D-97E7-37704D0A4CBC}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{088A4B09-8FB2-48D0-932A-7F90BE050543}" = MAGIX Music Maker 2014 Premium
"{095A41CD-2500-4783-AE28-87E05653CDE7}" = MAGIX Music Maker 2014 Premium Soundpools
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A778892-7A3E-4516-832D-83E1F43E3D9F}" = AVG 2011
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.3
"{25CFEF55-A945-41FC-86ED-76469F31DF37}" = Nokia Connectivity Cable Driver
"{25F61E72-AAA4-4607-95D2-1E5139C98FFB}" = Nokia_Multimedia_Common_Components_2_5
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{32A3A4F4-B792-11D6-A78A-00B0D0160050}" = Java(TM) SE Development Kit 6 Update 5
"{32A3A4F4-B792-11D6-A78A-00B0D0170150}" = Java SE Development Kit 7 Update 15
"{32A3A4F4-B792-11D6-A78A-00B0D0180110}" = Java SE Development Kit 8 Update 11
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}" = Firebird SQL Server - MAGIX Edition
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3CAD92B3-6BA0-44A4-A546-162520A80BB3}" = Vita Pop Brass
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}" = PC Connectivity Solution
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4BA5297E-60A6-4F18-9AAC-25A878C4E38C}" = MAGIX Music Maker 2014 Premium (Introductory videos)
"{4F6B2EA9-4598-4653-B13A-E27AA387DC9B}" = Vita Vintage Organ
"{4FCB1267-7380-4EBA-9A6C-69809C6E8227}" = Nokia Music Player
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{58DDFC02-3E05-472E-ABF0-5A3DC500FFB1}" = MAGIX Music Maker 2014 Premium Update
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}" = MAGIX Speed burnR (MSI)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65444C65-5D63-4D20-82EC-F182656B0786}" = Vita Drum Engine
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6F1F7E62-A579-434C-9610-F6FE2930C02E}" = MAGIX Music Maker 2014 Soundpools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72945A77-20ED-4507-B267-4771EDE4EE58}" = MAGIX Burn routines
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{773A4DDC-3B52-42C7-8B7A-52369B9A390B}" = MAGIX Music Maker 2014 Premium (Synthesizer and effects)
"{77C4AF18-19ED-489E-84D3-203E3862F6BC}" = Vita 2 add-on content
"{789495D8-AF08-4B7C-9022-5F624F3CFB0B}" = PowerArchiver 2010
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A22C523-501D-4FD2-B9AD-BBEE8AFAED44}" = Vita Jazz Drums
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80074966-5231-428D-9AE7-B7D5D2DC3246}" = Readon TV Movie Radio Player 7.6.0.0
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6A5590A-0FF9-4FD9-AD8D-17B5BCBE06F5}" = MAGIX Music Maker 2014 Premium (Visuals)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC65361C-7AD1-4811-834A-6AEF497F9927}" = Microsoft WorldWide Telescope
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.4.3.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 349.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.15.0324
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.4.3.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.4.3.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{B4477203-41E1-40CE-9B31-1EA0E22E7084}" = Vita 2
"{B5145D63-8F03-40B0-A337-43C005438B5B}" = Vita Power Guitar
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B807FEBE-E253-4B7E-B23F-364873478065}" = MAGIX Music Maker 2014 Premium (Demo songs)
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BF307EDA-A176-4D83-9775-D337810CF7A7}" = Cookienator
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA28DEC6-ECC8-4787-B551-93F0C2778579}" = Vita Electric Piano
"{FB2DFE2E-9213-4816-B72E-8098A5953D15}" = AVG 2011
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"AudioCS" = Creative Audio Control Panel
"AVG" = AVG 2011
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"CCleaner" = CCleaner
"CloneSpy" = CloneSpy 2.63
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Creative Sound Blaster Properties
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"Ear Test_is1" = Ear Test 1.00
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fences" = Fences
"File Shredder_is1" = File Shredder 2.5
"FormatFactory" = FormatFactory 3.3.5.0
"Freemake Video Converter_is1" = Freemake Video Converter verze 4.1.3
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Logitech Vid" = Logitech Vid HD
"Magic FLAC to MP3 Converter_is1" = Magic FLAC to MP3 Converter 3.71
"MAGIX_{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}" = MAGIX Speed burnR (MSI)
"MAGIX_GlobalContent" = MAGIX Content and Soundpools
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"MediaInfo" = MediaInfo 0.7.73
"Mozilla Firefox 37.0.2 (x86 cs)" = Mozilla Firefox 37.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Music NFO Builder_is1" = Music NFO Builder v1.20
"MX.{088A4B09-8FB2-48D0-932A-7F90BE050543}" = MAGIX Music Maker 2014 Premium
"MX.{4BA5297E-60A6-4F18-9AAC-25A878C4E38C}" = MAGIX Music Maker 2014 Premium (Introductory videos)
"MX.{773A4DDC-3B52-42C7-8B7A-52369B9A390B}" = MAGIX Music Maker 2014 Premium (Synthesizer and effects)
"MX.{A6A5590A-0FF9-4FD9-AD8D-17B5BCBE06F5}" = MAGIX Music Maker 2014 Premium (Visuals)
"MX.{B807FEBE-E253-4B7E-B23F-364873478065}" = MAGIX Music Maker 2014 Premium (Demo songs)
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PatchBeam_is1" = PatchBeam v1.10
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Ramdisk" = Ramdisk
"Recuva" = Recuva
"Scorpions WinCheater 2.07 (s databází 165)_is1" = Scorpions WinCheater
"Sigil_is1" = Sigil 0.7.4
"Smart Tests" = Smart Tests
"SQLite3 manager LITE_is1" = SQLite3 manager 5.1 lite, release 280207
"Stellarium_is1" = Stellarium 0.11.4
"TapinRadio_is1" = TapinRadio 1.18
"Totalcmd" = Total Commander (Remove or Repair)
"TS Dějepis" = TS Dějepis
"TS Dějepis (plná instalace)" = TS Dějepis (plná instalace)
"TVUPlayer" = TVUPlayer 2.5.3.1
"VisiPics_is1" = VisiPics V1.30
"VLC media player" = VLC media player
"Winamp" = Winamp
"WinDjView" = WinDjView 2.1
"WinPcapInst" = WinPcap 4.1.2
"Word Manager" = Word Manager
"yBook_is1" = yBook
"YeaChess" = Yea Chess
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9ead8755c3c1fd40" = Ucitilek
"BitTorrent" = BitTorrent
"ChromePlus" = ChromePlus
"Spotify" = Spotify
"Thumbnail me 3.0" = Thumbnail me 3.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.05.2015 14:40:54 | Computer Name = intel | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary SASDIFSV.

System
Error: Systém nemůže nalézt uvedený soubor. .

Error - 10.05.2015 14:40:54 | Computer Name = intel | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

System
Error: Systém nemůže nalézt uvedený soubor. .

Error - 11.05.2015 07:51:32 | Computer Name = intel | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 788 Čas spuštění: 01d08bb6cb24df64 Čas ukončení: 6059 Cesta k aplikaci: C:\Windows\Explorer.EXE

ID
hlášení: e7709a96-f7d3-11e4-9eb1-001d7daf29d4

Error - 11.05.2015 13:21:41 | Computer Name = intel | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 11.05.2015 14:08:39 | Computer Name = intel | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 3e0 Čas spuštění: 01d08c076c35baf9 Čas ukončení: 0 Cesta k aplikaci: C:\Windows\Explorer.EXE

ID
hlášení: aea97123-f808-11e4-870b-001d7daf29d4

Error - 11.05.2015 14:36:35 | Computer Name = intel | Source = Application Hang | ID = 1002
Description = Program explorer.exe verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 165c Čas spuštění: 01d08c1581a092a8 Čas ukončení: 514 Cesta k aplikaci: C:\Windows\explorer.exe

ID
hlášení: a098ac12-f80c-11e4-870b-001d7daf29d4

Error - 11.05.2015 15:13:31 | Computer Name = intel | Source = VSS | ID = 8194
Description =

Error - 12.05.2015 13:33:40 | Computer Name = intel | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 13.05.2015 03:10:02 | Computer Name = intel | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 13.05.2015 05:21:51 | Computer Name = intel | Source = Application Hang | ID = 1002
Description = Program avgui.exe verze 10.0.0.1433 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
177c Čas spuštění: 01d08d5e2afc8213 Čas ukončení: 16 Cesta k aplikaci: C:\Program
Files\AVG\AVG10\avgui.exe ID hlášení: 74a097f5-f951-11e4-9be1-001d7daf29d4

[ System Events ]
Error - 10.05.2015 14:40:53 | Computer Name = intel | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error - 10.05.2015 14:41:23 | Computer Name = intel | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující
chybě: %%1056

Error - 12.05.2015 05:24:47 | Computer Name = intel | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 12.05.2015 05:29:34 | Computer Name = intel | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 12.05.2015 05:35:38 | Computer Name = intel | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:33:26, ?12.?5.?2015) bylo neočekávané.

Error - 13.05.2015 05:05:01 | Computer Name = intel | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 13.05.2015 05:11:26 | Computer Name = intel | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 13.05.2015 05:17:14 | Computer Name = intel | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (11:15:49, ?13.?5.?2015) bylo neočekávané.

Error - 13.05.2015 17:11:17 | Computer Name = intel | Source = DCOM | ID = 10010
Description =

Error - 13.05.2015 17:11:17 | Computer Name = intel | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80080005): Aktualizace zabezpečení systému Windows 7 (KB3046002).

< End of report >

akiller · Příspěvekod **akiller** » 14 kvě 2015 14:43

A zde je druhý log, jeho první část:

OTL logfile created on: 14.05.2015 14:31:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 73,57% Memory free
6,50 Gb Paging File | 5,29 Gb Available in Paging File | 81,48% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151,61 Gb Total Space | 74,39 Gb Free Space | 49,07% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 123,48 Gb Free Space | 84,30% Space Free | Partition Type: NTFS
Drive E: | 643,34 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 244,14 Gb Total Space | 216,83 Gb Free Space | 88,81% Space Free | Partition Type: NTFS
Drive G: | 687,37 Gb Total Space | 100,69 Gb Free Space | 14,65% Space Free | Partition Type: NTFS
Drive H: | 111,79 Gb Total Space | 74,04 Gb Free Space | 66,24% Space Free | Partition Type: NTFS

Computer Name: INTEL | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Petr\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cis.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (COMODO)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
MOD - C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - C:\Program Files\CCleaner\Lang\lang-1029.dll ()

========== Services (SafeList) ==========

SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV - (DiagTrack) -- C:\Windows\System32\diagtrack.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (cmdvirth) -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Freemake Improver) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
SRV - (FreemakeVideoCapture) -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe (Ellora Assets Corp.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (ServiceLayer) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)

========== Driver Services (SafeList) ==========

DRV - (VBoxNetFlt) -- system32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\Windows\System32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvvad_WaveExtensible) -- C:\Windows\System32\drivers\nvvad32v.sys (NVIDIA Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (HWiNFO32) -- D:\Program Files\HWiNFO32\HWiNFO32.SYS (REALiX(tm))
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (P17) -- C:\Windows\System32\drivers\P17.sys (Creative Technology Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ [2014.02.07 10:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ytfmdownloader@gmail.com: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ [2014.02.07 10:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2015.05.10 13:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014.02.06 19:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions
[2012.11.21 21:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable
[2015.05.10 20:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2015.05.06 16:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions
[2015.05.10 18:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2015.05.12 19:05:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions
[2015.05.06 16:40:15 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2015.05.10 21:10:27 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2015.05.06 16:54:43 | 000,000,000 | ---D | M] (ÄŚeskĂ˝ slovnĂk pro kontrolu pravopisu) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\cs@dictionaries.addons.mozilla.org
[2015.05.10 16:40:49 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\isreaditlater@ideashower.com
[2015.05.06 16:40:15 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\adblockpopups@jessehakanen.net.xpi
[2015.05.06 16:07:27 | 000,488,459 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2015.05.10 19:01:46 | 001,449,164 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\firefox@ghostery.com.xpi
[2015.05.06 16:39:50 | 000,105,399 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\ich@maltegoetz.de.xpi
[2015.05.10 19:04:37 | 000,201,102 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\thumbnailZoom@dadler.github.com.xpi
[2015.05.12 19:05:41 | 000,741,338 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
[2015.05.06 16:40:15 | 000,546,981 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2015.05.06 16:35:57 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.05.06 16:07:26 | 000,811,281 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2015.05.10 19:52:59 | 000,134,309 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2015.04.22 21:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015.04.22 21:47:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2015.05.13 11:18:40 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.45.2)
O16 - DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 1.8.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6846616-3E73-45D0-840E-DAE156DADA32}: DhcpNameServer = 213.46.172.37 213.46.172.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6846616-3E73-45D0-840E-DAE156DADA32}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.11.07 12:52:56 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2000.03.29 22:41:36 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

akiller · Příspěvekod **akiller** » 14 kvě 2015 14:43

Druhá část:

========== Files/Folders - Created Within 30 Days ==========

[2015.05.14 14:25:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2015.05.13 23:15:45 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015.05.13 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ConeXware
[2015.05.13 14:03:24 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Petr\Desktop\aswmbr.exe
[2015.05.13 13:42:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.05.13 11:40:41 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\TuneUp Software
[2015.05.13 11:25:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2015.05.13 08:07:33 | 003,989,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.05.13 08:07:33 | 000,851,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015.05.13 08:07:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015.05.13 08:07:32 | 003,934,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.05.13 08:07:32 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015.05.13 08:07:32 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015.05.13 08:07:31 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015.05.13 08:07:31 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015.05.13 08:07:31 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.05.13 08:07:31 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015.05.13 08:07:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.05.13 08:07:31 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015.05.13 08:07:31 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015.05.13 08:07:31 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015.05.13 08:07:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015.05.13 08:07:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.05.13 08:07:30 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.05.13 08:07:30 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.05.13 08:07:30 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.05.13 08:07:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015.05.13 08:07:14 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.05.13 08:07:14 | 001,250,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015.05.13 08:06:54 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015.05.13 08:06:54 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015.05.13 08:06:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015.05.13 08:06:54 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015.05.13 08:06:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015.05.13 08:06:53 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015.05.13 08:06:53 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015.05.13 08:06:53 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015.05.13 08:06:53 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.05.13 08:06:53 | 000,342,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015.05.13 08:06:53 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.05.13 08:06:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.05.13 08:06:52 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.05.13 08:06:52 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.05.13 08:06:51 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.05.13 08:06:51 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015.05.13 08:06:51 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015.05.13 08:06:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015.05.13 08:06:49 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.05.13 08:06:49 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.05.13 08:06:47 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015.05.13 08:06:46 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015.05.13 08:06:45 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015.05.13 08:06:41 | 004,305,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.05.13 08:06:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdbinst.exe
[2015.05.13 08:06:29 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2015.05.10 18:52:58 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\Temp
[2015.05.10 17:25:23 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\Apps
[2015.05.10 13:59:38 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\AVG10
[2015.05.10 13:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2015.05.10 13:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2015.05.10 13:57:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2015.05.10 13:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2015.05.10 13:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2015.05.09 11:26:01 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2015.05.06 12:02:50 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Comodo
[2015.05.06 10:00:11 | 000,560,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2015.05.06 09:56:39 | 001,048,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3235012.dll
[2015.05.06 09:56:39 | 000,912,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3235012.dll
[2015.05.06 09:56:37 | 008,590,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2015.05.06 09:56:36 | 025,374,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2015.05.06 09:56:36 | 024,053,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2015.05.06 09:56:36 | 012,852,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2015.05.06 09:56:36 | 011,380,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2015.05.06 09:56:36 | 002,573,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2015.05.06 09:56:36 | 000,970,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2015.05.06 09:56:36 | 000,962,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2015.05.06 09:56:36 | 000,927,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2015.05.06 09:56:36 | 000,402,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll
[2015.05.06 09:56:36 | 000,346,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFROpenGL.dll
[2015.05.06 09:56:36 | 000,154,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2015.05.06 09:56:36 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2015.04.25 14:20:11 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\BSplayer Pro
[2015.04.25 14:20:11 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\BSplayer
[2015.04.24 11:09:21 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Local\Thumbnail me
[2015.04.24 11:09:19 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Thumbnail me
[2015.04.24 11:09:14 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Thumbnail me 3.0
[2015.04.24 11:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\Thumbnail me 3.0
[2015.04.24 10:50:17 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\MediaInfo
[2015.04.24 10:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
[2015.04.22 21:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015.04.22 08:17:47 | 002,744,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015.04.22 08:17:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2015.04.22 08:17:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2015.04.21 08:52:05 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2015.04.21 08:52:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2015.04.21 08:51:48 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2015.04.19 20:10:17 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2015.04.19 20:10:17 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2015.04.19 20:10:17 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2015.04.19 20:10:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2015.04.19 20:10:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2015.04.19 20:10:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2015.04.19 20:10:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2015.04.19 20:10:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2015.04.19 20:10:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2015.04.15 12:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Ear Test
[2015.04.15 08:53:43 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015.04.15 08:53:42 | 000,896,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015.04.15 08:53:42 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015.04.15 08:53:42 | 000,576,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015.04.15 08:53:42 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015.04.15 08:53:42 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015.04.15 08:53:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015.04.15 08:53:41 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015.04.15 08:53:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015.04.15 08:52:46 | 003,088,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015.04.15 08:52:46 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015.04.15 08:52:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015.04.15 08:52:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2015.04.15 08:52:45 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015.04.15 08:52:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015.04.15 08:52:45 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015.04.15 08:52:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2015.04.15 08:52:45 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015.04.15 08:52:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

========== Files - Modified Within 30 Days ==========

[2015.05.14 14:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2015.05.14 11:41:28 | 000,022,272 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.05.14 11:41:28 | 000,022,272 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.05.14 08:09:05 | 178,857,089 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2015.05.14 07:29:53 | 000,771,532 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2015.05.14 07:29:53 | 000,662,688 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015.05.14 07:29:53 | 000,198,380 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2015.05.14 07:29:53 | 000,125,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015.05.14 07:24:22 | 002,301,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.05.14 07:22:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.05.14 07:22:28 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2015.05.13 14:05:58 | 000,000,512 | ---- | M] () -- C:\Users\Petr\Desktop\MBR.dat
[2015.05.13 14:03:26 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\Petr\Desktop\aswmbr.exe
[2015.05.13 11:18:40 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2015.05.12 18:52:48 | 000,058,374 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2015.05.10 17:50:31 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2015.05.10 17:36:42 | 000,035,064 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2015.05.10 16:43:32 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015.05.10 14:04:21 | 000,002,659 | ---- | M] () -- C:\Users\Public\Desktop\WWT ¦ Mars.lnk
[2015.05.10 14:04:21 | 000,002,647 | ---- | M] () -- C:\Users\Public\Desktop\WorldWide Telescope.lnk
[2015.05.10 13:58:27 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSDriver.sys
[2015.05.10 13:58:26 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSFilter.sys
[2015.05.10 13:58:25 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSEH.sys
[2015.05.10 13:58:24 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\System32\drivers\AVGIDSShim.sys
[2015.05.10 13:58:20 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2015.05.10 13:58:17 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2015.05.10 13:58:16 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgrkx86.sys
[2015.05.10 13:57:34 | 000,299,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2015.05.10 13:35:48 | 000,002,122 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015.05.10 06:15:03 | 000,246,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2015.05.07 07:55:17 | 000,003,758 | ---- | M] () -- C:\Windows\System32\drivers\fvstore.dat
[2015.05.07 07:54:55 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2015.05.01 18:51:27 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspcap.dll
[2015.05.01 18:51:27 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvspbridge.dll
[2015.05.01 15:16:41 | 000,102,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015.04.27 21:11:55 | 003,934,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015.04.27 21:11:54 | 003,989,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015.04.27 21:05:39 | 000,851,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diagtrack.dll
[2015.04.27 21:05:34 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015.04.27 21:05:33 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015.04.27 21:05:32 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015.04.27 21:05:17 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015.04.27 21:04:37 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015.04.27 21:04:24 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015.04.27 21:04:24 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015.04.27 21:04:14 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015.04.27 21:04:12 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015.04.27 21:04:04 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015.04.27 21:03:58 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015.04.27 21:03:52 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015.04.27 21:01:33 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015.04.27 21:01:22 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015.04.27 20:59:41 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015.04.27 20:59:36 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015.04.27 20:00:30 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UtcResources.dll
[2015.04.26 10:18:45 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015.04.26 10:18:45 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015.04.26 09:20:35 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015.04.22 03:48:29 | 000,342,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015.04.21 18:25:34 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015.04.21 18:25:20 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015.04.21 18:11:07 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015.04.21 18:10:12 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015.04.21 18:09:57 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015.04.21 18:08:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015.04.21 18:03:16 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015.04.21 18:02:29 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015.04.21 18:00:06 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015.04.21 17:58:45 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015.04.21 17:58:44 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015.04.21 17:57:57 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015.04.21 17:51:54 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015.04.21 17:48:45 | 000,418,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015.04.21 17:43:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015.04.21 17:39:32 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015.04.21 17:36:40 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015.04.21 17:31:13 | 004,305,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015.04.21 17:26:27 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015.04.21 17:26:01 | 000,685,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015.04.21 17:25:45 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015.04.21 17:24:48 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015.04.21 16:56:39 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015.04.20 04:56:29 | 001,250,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015.04.20 04:03:22 | 002,382,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015.04.19 20:10:17 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2015.04.19 20:10:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2015.04.19 20:10:17 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2015.04.19 20:10:17 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2015.04.19 20:10:17 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2015.04.19 20:10:17 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2015.04.19 20:10:17 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2015.04.19 20:10:17 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2015.04.19 20:10:17 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2015.04.19 20:10:17 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
[2015.04.19 13:36:06 | 000,498,250 | ---- | M] () -- C:\Users\Petr\Desktop\044.jpg

========== Files Created - No Company Name ==========

[2015.05.14 08:09:05 | 178,857,089 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2015.05.13 14:05:58 | 000,000,512 | ---- | C] () -- C:\Users\Petr\Desktop\MBR.dat
[2015.05.12 18:52:48 | 000,058,374 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2015.05.10 18:52:59 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2015.05.10 12:15:07 | 002,301,792 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2015.05.06 13:49:03 | 000,003,758 | ---- | C] () -- C:\Windows\System32\drivers\fvstore.dat
[2015.04.26 10:04:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.04.24 10:49:13 | 000,001,068 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
[2015.04.17 19:45:17 | 000,498,250 | ---- | C] () -- C:\Users\Petr\Desktop\044.jpg
[2015.04.15 08:53:04 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2015.04.01 19:52:02 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-INTEL-Windows-7-Home-Premium-(32-bit).dat
[2014.09.28 12:20:20 | 000,344,064 | ---- | C] () -- C:\Windows\System32\fgkey10.exe
[2014.09.28 12:05:37 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2014.07.21 17:26:31 | 004,336,074 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014.06.08 21:01:59 | 000,035,064 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2014.04.16 19:26:01 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2014.04.16 19:26:01 | 000,006,067 | ---- | C] () -- C:\Windows\UNWISE.INI
[2012.08.06 18:24:33 | 000,138,904 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\PnkBstrK.sys
[2012.07.28 17:27:29 | 000,021,976 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\UserTile.png
[2011.12.18 15:32:49 | 000,069,120 | ---- | C] () -- C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.07.09 21:51:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Ashampoo
[2014.01.31 12:44:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Audacity
[2015.03.29 11:27:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVG
[2015.05.10 13:59:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\AVG10
[2014.11.24 20:47:04 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\avidemux
[2012.04.09 16:14:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Azureus
[2015.05.09 11:41:45 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BitTorrent
[2014.12.10 02:57:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BlackBean
[2015.04.25 15:15:26 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BSplayer
[2015.04.25 14:20:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\BSplayer Pro
[2011.11.09 11:38:53 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Canneverbe Limited
[2012.11.13 21:10:21 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ChromePlus
[2012.10.29 21:17:51 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\CloneSpy
[2015.01.14 08:37:32 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
[2013.04.06 15:10:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\DVDVideoSoft
[2011.11.08 16:13:57 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\GHISLER
[2014.07.22 23:02:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Hulubulu
[2014.03.02 12:38:03 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\ICQ
[2015.04.19 19:50:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\IObit
[2011.11.11 07:04:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Leadertech
[2012.09.19 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\LEGO Company
[2015.04.24 10:52:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\MediaInfo
[2013.03.03 22:18:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\NetBeans
[2012.04.30 20:13:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nokia
[2015.01.16 08:18:11 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\QuickScan
[2012.04.08 16:27:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Raptr
[2012.10.10 18:43:22 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\RigNRoll_usa_ws
[2013.10.31 20:00:30 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Seznam.cz
[2013.02.20 22:04:35 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sony Online Entertainment
[2015.03.31 11:58:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Spotify
[2012.10.01 20:00:05 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Stardock
[2013.08.30 13:25:02 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Steganos
[2013.08.30 13:22:58 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Steganos VPN
[2015.05.09 11:41:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Stellarium
[2015.04.24 11:09:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Thumbnail me
[2015.05.13 11:40:41 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\TuneUp Software
[2015.05.09 11:41:47 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2011.12.02 16:06:39 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\VirtuaWin
[2013.07.01 21:01:19 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Zoner

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Windows\System32\MpSigStub.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\avgtdix.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\avgrkx86.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\avgmfx86.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\avgldx86.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\AVGIDSShim.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\AVGIDSFilter.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\AVGIDSEH.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\System32\drivers\AVGIDSDriver.sys:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\Petr\Desktop\OTL.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\Petr\Desktop\aswmbr.exe:$CmdTcID
@Alternate Data Stream - 26 bytes -> C:\Users\Petr\Desktop\OTL.exe:$CmdZnID
@Alternate Data Stream - 26 bytes -> C:\Users\Petr\Desktop\aswmbr.exe:$CmdZnID

< End of report >

Příspěvekod **jerabina** » 15 kvě 2015 14:47

Poklepej na ikonu OTL na ploše. Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FF - user.js - File not found
[2014.02.06 19:59:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions
[2012.11.21 21:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable
[2015.05.10 20:41:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2015.05.06 16:05:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions
[2015.05.10 18:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2015.05.12 19:05:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions
[2015.05.10 21:10:27 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2015.05.06 16:54:43 | 000,000,000 | ---D | M] (ÄŚeskĂ˝ slovnĂk pro kontrolu pravopisu) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\cs@dictionaries.addons.mozilla.org
[2015.05.06 16:40:15 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\adblockpopups@jessehakanen.net.xpi
[2015.05.06 16:07:27 | 000,488,459 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2015.05.10 19:01:46 | 001,449,164 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\firefox@ghostery.com.xpi
[2015.05.06 16:39:50 | 000,105,399 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\ich@maltegoetz.de.xpi
[2015.05.10 19:04:37 | 000,201,102 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\thumbnailZoom@dadler.github.com.xpi
[2015.05.12 19:05:41 | 000,741,338 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
[2015.05.06 16:40:15 | 000,546,981 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2015.05.06 16:35:57 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.05.06 16:07:26 | 000,811,281 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2015.05.10 19:52:59 | 000,134,309 | ---- | M] () (No name found) -- C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi
[2015.04.22 21:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

:Files
C:\WINDOWS\System32\*.tmp 
C:\WINDOWS\*.tmp 
C:\WINDOWS\system32\*.tmp.dll 
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\Users\Petr\AppData\Roaming\TuneUp Software

:commands
[Purity]
[Emptytemp]
[Emptyjava] 
[Emptyflash] 
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

akiller · Příspěvekod **akiller** » 15 kvě 2015 20:22

Zde je požadovaný log:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
File move failed. C:\Windows\System32\ieframe.dll scheduled to be moved on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Users\Petr\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Extensions-BackupByFirefoxPortable folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\extensions folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\defaults folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions folder moved successfully.
Folder C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\0khh5aex.default-1427958703254\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\ not found.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\skin folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\zh-TW folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\zh-CN folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\tr-TR folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\sv-SE folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\ru-RU folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\pt-PT folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\pt-BR folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\pl-PL folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\nl-NL folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\lt-LT folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\ja-JP folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\it-IT folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\hu-HU folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\he-IL folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\fr-FR folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\fi-FI folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\es-ES folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\eo folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\en-US folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\el-GR folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\de-DE folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\da-DK folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale\ca folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\locale folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\defaults\preferences folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\defaults folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\content\prefs folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}\content folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\staged folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\isreaditlater@ideashower.com\defaults\preferences folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\isreaditlater@ideashower.com\defaults folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\isreaditlater@ideashower.com\components folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\isreaditlater@ideashower.com\chrome folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\isreaditlater@ideashower.com folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\cs@dictionaries.addons.mozilla.org\dictionaries folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\cs@dictionaries.addons.mozilla.org folder moved successfully.
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions folder moved successfully.
Folder C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\ not found.
Folder C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\cs@dictionaries.addons.mozilla.org\ not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\adblockpopups@jessehakanen.net.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\firefox@ghostery.com.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\ich@maltegoetz.de.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\thumbnailZoom@dadler.github.com.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi not found.
File C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\g82kcs7k.default-1430921114877\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi not found.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring deleted successfully.
C:\Program Files\CCleaner\CCleaner.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
C:\Users\Petr\AppData\Roaming\TuneUp Software\TU2012\Backups folder moved successfully.
C:\Users\Petr\AppData\Roaming\TuneUp Software\TU2012 folder moved successfully.
C:\Users\Petr\AppData\Roaming\TuneUp Software folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 3046797 bytes
->Temporary Internet Files folder emptied: 1541980 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 103197548 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1454 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9288678 bytes
RecycleBin emptied: 876012 bytes

Total Files Cleaned = 112,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Petr
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Petr
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 05152015_201023

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\ieframe.dll scheduled to be moved on reboot.
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\84253e574d0bdc4321086929e7e39f5c_fce8395f8fd8a9b8_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\84253e574d0bdc4321086929e7e39f5c_fce8395f8fd8a9b8_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Prosím o kontrolu logu HJT Vyřešeno

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Re: Prosím o kontrolu logu HJT

Kdo je online