Trojský kun

Zpráva

AlohaAnty · #1 Příspěvek od **AlohaAnty** » 21 říj 2013 18:31

Cau, včera mi NB napadl Trojský kun, zkontroloval jsem pc přes Spyware Terminator 2012 a napsalo, že Trosjký kun byl odstraněn, pak jsem dělal ještě test přes Avast, a po dokončení testu zde bylo napsaná "chyba soubor není dostupný(je offline)".
Takže jsem si myslel, že už je odstraněn, ale stále se mi nehorázně seká NB co stím?

#2 Příspěvek od **vyosek** » 21 říj 2013 18:45

Zdravim a pekny vecer preji

Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic je vecer a tma a tak neni nic videt

Ale dosti legracek, kouknem na to

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784 - navod Vas povede...

AlohaAnty · #3 Příspěvek od **AlohaAnty** » 21 říj 2013 18:56

Doufám, že to je ono

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dominik at 2013-10-21 19:52:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 271 GB (57%) free of 477 GB
Total RAM: 4061 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:38, on 21.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\My Lockbox\mylbx.exe
C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Overwolf\Overwolf.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Dominik\Downloads\RSIT.exe
C:\Program Files\trend micro\Dominik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.audio4fun.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?p2=%5EB72%5E ... 10-07&psv=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {77b06cda-2360-4ce2-871a-553d933e0554} - (no file)
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
R3 - URLSearchHook: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IMPI Helper - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll
O2 - BHO: (no name) - {230b9a15-0695-4130-93b8-a93d4f5df8ae} - (no file)
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O2 - BHO: Oovoo Toolbar BHO - {4F564F32-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" (file missing)
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentControl_v6 - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: (no name) - {17f24f6d-0284-4a62-a3b7-fca9f2084af4} - (no file)
O3 - Toolbar: StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll
O3 - Toolbar: Mp3Tube Toolbar - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - "C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL" (file missing)
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll
O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O3 - Toolbar: Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" (file missing)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [msdnfjSrv] C:\Windows\inf\msdnfj.vbe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\RunOnce: [removeiLividdatamngr] cmd.exe /c RD /S /Q "C:\Program Files (x86)\Movies Toolbar"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Dominik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files (x86)\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [Tiny download manager] "C:\Users\Dominik\AppData\Local\DM\TinyDM.exe" /M
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Dominik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\movies~1\datamngr\mgrldr.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMPI Updater - Unknown owner - C:\Program Files\IMPI\ExtensionUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 15955 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2f4
"C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\My Lockbox\mylbx.exe" /a
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\dmwu.exe
szndesktop.exe default start
"C:\Program Files\IMPI\ExtensionUpdaterService.exe"
"C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-279410091191223211-9262924601320710082-683120825510451862399720954-1153129638
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\Overwolf\Overwolf.exe" -silent
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
WLIDSvcM.exe 640
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe" /TUStart /pid:968
"C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe"
"C:\Windows\SysWOW64\jmdp\stij.exe"
"C:\Windows\System32\ljkb\stij.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf"
"C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\x64\OWExplorerLauncher.dll
C:\Windows\System32\svchost.exe -k secsvcs
C:\Users\Dominik\Music\lst.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4572.0.341789143\417793991" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,24,26 --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2302 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --enable-experimental-extension-apis --disable-accelerated-2d-canvas --channel="4572.1.507976221\2066550173" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --enable-experimental-extension-apis --disable-accelerated-2d-canvas --channel="4572.4.1398029025\339027002" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4572.5.819426059\878317926" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOn/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group5 pct:10d stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_53/UMA-Uniformity-Trial-10-Percent/group_06/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --enable-experimental-extension-apis --disable-accelerated-2d-canvas --channel="4572.16.1734204342\29696137" /prefetch:673131151
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2fd0d4c5-30d0-4507-b762-066d66cd132d -SystemEventPortName:HostProcess-ec2f5b2a-c239-4756-b17f-7d9da30b876e -IoCancelEventPortName:HostProcess-2b0c173b-b862-4528-9d2f-6e2bd29f28bd -NonStateChangingEventPortName:HostProcess-21a637c5-411a-4063-ab73-f012f8aadad9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a9d4c0ea-89af-4c28-acc0-c042e53d6dc6 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k SDRSVC
taskeng.exe {F2C015E3-458C-4A23-9B69-5ED7B4E22F96}
C:\Windows\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
"C:\Users\Dominik\Downloads\RSIT.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Dominik\Downloads\RSITx64.exe"
"C:\Windows\System32\osk.exe"

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\PC SpeedUp Service Deactivator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.searchgol.com/?babsrc=HP_ss& ... l&tsp=5023"
prefs.js - "browser.startup.homepage" - "http://www2.delta-search.com/?babsrc=HP ... 3&tsp=5005"

"{17E113E6-CD0E-4045-B154-65F0E57959EF}"=C:\Program Files\IMPI\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@DotSpot_2k.com/Plugin]
"Description"=DotSpot Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@richmediaplayer.com/nppluginrichmediaplayer]
"Description"=
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
mp3tubetoolbar@mp3tubetoolbar.com
{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
nppluginrichmediaplayer.dll
npvsharetvplg.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
Ask.xml
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
Mp3Tube.xml
Search_Results.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\
2kffxtbr@DotSpot_2k.com
5088229c8fdbc@5088229c8fdee.com
battlefieldheroespatcher@ea.com
ffxtlbr@babylon.com
ffxtlbr@incredibar.com
{687578b9-7132-4a7a-80e4-30ee31099e03}
{800b5000-a755-47e1-992b-48a1c1357f07}
{96f454ea-9d38-474f-b504-56193e00c1a5}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\
Ask.xml
askcom.xml
babylon.xml
BrowserProtect.xml
DotSpot_2k.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin.xml
MyStart Search.xml
privitize.xml
search.xml
Search_Results.xml
startsear.xml
sweetim.xml
utorrentcontrolv6-customized-web-search.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension64.dll [2013-02-05 211456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7}]
Oovoo Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport_x64.dll [2013-10-15 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-08-21 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-08-21 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
IMPI - C:\Program Files\IMPI\Extension32.dll [2013-02-05 167424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{230b9a15-0695-4130-93b8-a93d4f5df8ae}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-05-20 1144784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}]
Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7}]
Oovoo Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll [2013-10-15 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll [2011-11-24 178048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}]
uTorrentControl_v6 Toolbar - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll [2012-11-06 183112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll [2013-07-03 155928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]
{4F564F32-5637-006A-76A7-7A786E7484D7} - Oovoo Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport_x64.dll [2013-10-15 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{17f24f6d-0284-4a62-a3b7-fca9f2084af4}
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - StartSearchToolBar - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll [2011-11-24 178048]
{46897C77-E7A6-4c33-BFFB-E9C2E2718942} - Mp3Tube Toolbar - C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL [2011-04-29 1070592]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22 270336]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{96f454ea-9d38-474f-b504-56193e00c1a5} - uTorrentControl_v6 Toolbar - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll [2012-11-06 183112]
{377e5d4d-77e5-476a-8716-7e70a9272da0} - Search-Results Toolbar - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll []
{4F564F32-5637-006A-76A7-7A786E7484D7} - Oovoo Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll [2013-10-15 12240]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-05-20 1144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]
"mylbx"=C:\Program Files\My Lockbox\mylbx.exe [2011-02-03 1898208]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 911040]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2013-03-07 256808]
"cz.seznam.software.autoupdate"=C:\Users\Dominik\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"SDP"=C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe [2013-01-31 201808]
"Google Update"=C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 136176]
"Clownfish"=C:\Program Files (x86)\Clownfish\Clownfish.exe []
"Tiny download manager"=C:\Users\Dominik\AppData\Local\DM\TinyDM.exe /M []
"SpeedUpMyComputer"=C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2013-07-22 2054776]
"cz.seznam.software.szndesktop"=C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2013-09-15 1052496]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-07-25 20684656]
"ooVoo.exe"=C:\Program Files (x86)\ooVoo\oovoo.exe [2013-09-10 35253312]
"Facebook Update"=C:\Users\Dominik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-07 138096]
"Overwolf"=C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files (x86)\Clownfish\Clownfish.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
~C:\Program Files (x86)\ICQ7.6\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
C:\Program Files (x86)\WebcamMax\wcmmon.exe [2011-07-17 1038848]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2013-10-01 2345296]
"msdnfjSrv"=C:\Windows\inf\msdnfj.vbe [2013-08-27 1558]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-15 1673680]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true []
"PCTools FGuard"=C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [2011-05-20 247760]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"removeiLividdatamngr"=cmd.exe /c RD /S /Q C:\Program Files (x86)\Movies Toolbar []

C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\movies~1\datamngr\x64\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-21 19:52:35 ----D---- C:\Program Files\trend micro
2013-10-21 19:48:46 ----D---- C:\Program Files (x86)\trend micro
2013-10-21 19:48:45 ----D---- C:\rsit
2013-10-21 18:58:45 ----A---- C:\Windows\_MSRSTRT.EXE
2013-10-21 05:54:33 ----D---- C:\Program Files (x86)\Google
2013-10-20 21:23:50 ----D---- C:\ProgramData\Simply Super Software
2013-10-20 21:10:16 ----A---- C:\Windows\BDTSupport.dll
2013-10-20 21:10:15 ----A---- C:\Windows\SGDetectionTool.dll
2013-10-20 21:10:15 ----A---- C:\Windows\PCTBDRes.dll
2013-10-20 21:10:15 ----A---- C:\Windows\PCTBDCore.dll
2013-10-20 21:07:47 ----A---- C:\Windows\system32\drivers\Cat.DB
2013-10-20 21:06:26 ----D---- C:\Program Files (x86)\PC Tools Security
2013-10-20 15:16:17 ----D---- C:\Windows\system32\ljkb
2013-10-20 15:16:16 ----D---- C:\Windows\SYSWOW64\jmdp
2013-10-19 15:32:09 ----D---- C:\Program Files (x86)\Adobe
2013-10-19 15:24:12 ----D---- C:\Program Files (x86)\Half-Life Model Viewer
2013-10-19 10:40:09 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2013-10-10 07:50:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-10 07:50:56 ----A---- C:\Windows\system32\ieui.dll
2013-10-10 07:50:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-10 07:50:53 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-10 07:50:53 ----A---- C:\Windows\system32\iesetup.dll
2013-10-10 07:50:53 ----A---- C:\Windows\system32\iernonce.dll
2013-10-10 07:50:52 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-10 07:50:52 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-10 07:50:52 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-10 07:50:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-10 07:50:50 ----A---- C:\Windows\system32\iertutil.dll
2013-10-10 07:50:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-10 07:50:47 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-10 07:50:46 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-10 07:50:46 ----A---- C:\Windows\system32\jscript.dll
2013-10-10 07:50:45 ----A---- C:\Windows\system32\jscript9.dll
2013-10-10 07:50:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-10 07:50:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-10 07:50:42 ----A---- C:\Windows\system32\urlmon.dll
2013-10-10 07:50:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-10 07:50:39 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-10 07:50:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-10 07:50:37 ----A---- C:\Windows\system32\wininet.dll
2013-10-10 07:50:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-10 07:50:34 ----A---- C:\Windows\system32\ieframe.dll
2013-10-10 07:50:30 ----A---- C:\Windows\system32\mshtml.dll
2013-10-10 07:50:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-10 06:06:55 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 06:06:54 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 06:06:52 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 06:06:51 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 06:06:51 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 06:06:51 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 06:06:51 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 06:06:51 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 06:06:51 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 06:06:51 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 06:06:51 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 06:06:50 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 06:06:49 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 06:06:49 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 06:06:48 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-10 06:06:48 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 06:06:46 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 06:06:44 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-10 06:06:44 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-10 06:06:44 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 06:06:44 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 06:06:44 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 06:06:41 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 06:06:41 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 06:06:41 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 06:06:40 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-10 06:06:37 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 06:06:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 06:06:30 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 06:06:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 06:06:27 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 06:06:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 06:06:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 06:06:24 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 06:06:24 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 06:06:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 06:06:21 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 06:06:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 06:06:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 06:06:16 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 06:06:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 06:06:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 06:06:10 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:06:10 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:06:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 06:05:45 ----A---- C:\Windows\system32\scavengeui.dll
2013-10-07 14:09:39 ----D---- C:\ProgramData\AskPartnerNetwork
2013-10-07 14:09:39 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2013-10-07 14:09:13 ----D---- C:\Program Files (x86)\Comodo
2013-10-07 14:09:08 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2013-10-07 14:09:08 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2013-10-07 14:09:04 ----D---- C:\ProgramData\APN
2013-10-07 14:08:58 ----D---- C:\Program Files (x86)\ooVoo
2013-10-07 13:54:21 ----RD---- C:\Program Files (x86)\Skype
2013-10-05 19:57:10 ----A---- C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-10-05 19:55:55 ----D---- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
2013-10-05 15:46:13 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-10-03 19:41:42 ----D---- C:\Program Files (x86)\hrajcs
2013-10-03 05:48:57 ----SHD---- C:\Config.Msi
2013-10-02 20:42:02 ----D---- C:\Users\Dominik\AppData\Roaming\SpeedAnalysis2
2013-10-02 20:41:45 ----D---- C:\Program Files (x86)\Haali
2013-10-02 20:41:18 ----D---- C:\Users\Dominik\AppData\Roaming\zulagames
2013-09-30 14:31:15 ----D---- C:\Users\Dominik\AppData\Roaming\.minecraft
2013-09-29 12:55:21 ----D---- C:\Program Files (x86)\Music!
2013-09-28 10:23:05 ----D---- C:\Counter-Strike 1.6
2013-09-28 09:54:03 ----D---- C:\Program Files (x86)\WB Games
2013-09-25 06:58:01 ----D---- C:\Program Files (x86)\Movies Toolbar

======List of files/folders modified in the last 1 month======

2013-10-21 19:52:35 ----RD---- C:\Program Files
2013-10-21 19:52:35 ----D---- C:\Windows\Temp
2013-10-21 19:48:46 ----RD---- C:\Program Files (x86)
2013-10-21 19:40:31 ----D---- C:\Windows\System32
2013-10-21 19:40:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-21 19:40:30 ----D---- C:\Windows\inf
2013-10-21 19:38:37 ----SHD---- C:\System Volume Information
2013-10-21 19:35:19 ----SHD---- C:\Windows\Installer
2013-10-21 19:35:15 ----HD---- C:\ProgramData
2013-10-21 19:35:15 ----D---- C:\Program Files (x86)\SweetIM
2013-10-21 19:19:04 ----D---- C:\Users\Dominik\AppData\Roaming\Seznam.cz
2013-10-21 19:18:17 ----D---- C:\Windows\system32\config
2013-10-21 19:16:18 ----D---- C:\ProgramData\Wincert
2013-10-21 19:14:56 ----AD---- C:\ProgramData\TEMP
2013-10-21 19:14:41 ----D---- C:\Program Files (x86)\QuadCoreM2
2013-10-21 19:11:09 ----D---- C:\Windows\system32\Tasks
2013-10-21 19:11:05 ----D---- C:\Windows\Tasks
2013-10-21 19:10:59 ----D---- C:\Users\Dominik\AppData\Roaming\PerformerSoft
2013-10-21 19:06:44 ----D---- C:\Users\Dominik\AppData\Roaming\Skype
2013-10-21 19:06:35 ----D---- C:\Users\Dominik\AppData\Roaming\uTorrent
2013-10-21 19:03:49 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2013-10-21 19:00:34 ----D---- C:\Windows
2013-10-21 18:58:34 ----D---- C:\Windows\SYSWOW64\Macromed
2013-10-21 18:54:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-21 18:54:11 ----D---- C:\Program Files (x86)\EA Sports
2013-10-21 18:47:10 ----D---- C:\Users\Dominik\AppData\Roaming\TS3Client
2013-10-21 18:47:10 ----D---- C:\Program Files (x86)\Steam
2013-10-21 18:46:19 ----D---- C:\Windows\Panther
2013-10-21 18:46:12 ----D---- C:\Windows\Logs
2013-10-21 18:46:12 ----D---- C:\Windows\debug
2013-10-21 14:38:55 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2013-10-21 05:47:18 ----D---- C:\Program Files (x86)\Common Files
2013-10-20 22:12:01 ----D---- C:\Windows\system32\NDF
2013-10-20 22:05:30 ----D---- C:\Windows\SysWOW64
2013-10-20 21:44:10 ----D---- C:\Windows\system32\drivers
2013-10-20 19:49:02 ----D---- C:\Windows\SYSWOW64\WNLT
2013-10-20 15:07:57 ----D---- C:\Windows\system32\catroot
2013-10-20 15:07:56 ----D---- C:\Windows\SYSWOW64\ARFC
2013-10-20 07:16:34 ----D---- C:\ProgramData\Adobe
2013-10-19 15:35:14 ----D---- C:\Users\Dominik\AppData\Roaming\Adobe
2013-10-16 21:58:14 ----D---- C:\Users\Dominik\AppData\Roaming\vlc
2013-10-15 10:43:06 ----A---- C:\Windows\system32\dmwu.exe
2013-10-15 10:37:36 ----A---- C:\Windows\system32\ImHttpComm.dll
2013-10-14 22:18:49 ----D---- C:\Windows\rescache
2013-10-13 17:03:20 ----RSD---- C:\Windows\Fonts
2013-10-12 22:58:43 ----RSD---- C:\Windows\assembly
2013-10-12 22:58:43 ----D---- C:\Windows\Microsoft.NET
2013-10-12 09:10:30 ----D---- C:\Windows\Prefetch
2013-10-12 09:04:46 ----SHD---- C:\$Recycle.Bin
2013-10-12 09:04:40 ----RD---- C:\Users
2013-10-10 22:17:05 ----D---- C:\Windows\system32\catroot2
2013-10-10 12:50:51 ----D---- C:\Windows\winsxs
2013-10-10 12:45:57 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-10 12:45:53 ----D---- C:\Program Files\Internet Explorer
2013-10-10 12:45:44 ----D---- C:\Windows\AppPatch
2013-10-10 12:45:25 ----D---- C:\Windows\system32\DriverStore
2013-10-10 12:42:54 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-10 12:42:53 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 07:53:44 ----D---- C:\ProgramData\Microsoft Help
2013-10-10 07:45:39 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-10 07:38:11 ----D---- C:\Windows\system32\MRT
2013-10-10 07:34:14 ----A---- C:\Windows\system32\MRT.exe
2013-10-10 07:26:32 ----D---- C:\Windows\system32\cs-CZ
2013-10-09 06:29:48 ----D---- C:\Users\Dominik\AppData\Roaming\Mozilla
2013-10-09 05:51:53 ----D---- C:\ProgramData\IObit
2013-10-07 14:06:09 ----D---- C:\ProgramData\Skype
2013-10-05 15:49:05 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2013-10-03 05:49:07 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2013-10-02 20:42:18 ----D---- C:\ProgramData\DSearchLink
2013-09-30 15:21:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-09-25 06:57:58 ----D---- C:\Program Files (x86)\Search Results Toolbar
2013-09-22 16:11:45 ----D---- C:\Program Files (x86)\call of

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-03-07 22600]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2012-10-28 51496]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2011-06-23 1071032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-07 283200]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-10 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 bdssmldq;bdssmldq; C:\Windows\system32\drivers\bdssmldq.sys []
S1 fgyglvyd;fgyglvyd; C:\Windows\system32\drivers\fgyglvyd.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-01 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-01 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-01 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-01 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-01 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-01 158320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-15 166352]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2011-05-20 337872]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2013-10-15 1754928]
R2 IMPI Updater;IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-02-05 185856]
R2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2013-03-07 341800]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-02 2365792]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-01 2746704]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-09 565672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-13 1255736]
S4 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-07-01 32808]
S4 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S4 Mp3Tube Toolbar Service;Mp3Tube Toolbar Updater Service; C:\Program Files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe [2011-04-29 227840]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-09-07 1148664]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 21 říj 2013 18:58

Jste se dal na chov konicku trojskych nebo co

Cela zoo i s babkou pokladni

Ty nelegalni Office se mi tam ale vubec nelibi, co s nimi hodlate delat? Nase forum se distancuje od SW piratstvi

AlohaAnty · #5 Příspěvek od **AlohaAnty** » 21 říj 2013 19:00

Hned jak mi to pomůžete vyřešit s Officema něco udělám, navíc už dlouho přemýšlím o legálních

Ale ještě jsem se k tomu nedokopal

#6 Příspěvek od **vyosek** » 21 říj 2013 19:12

Fajn, beru Vas za slovo

Tak nevim odkud zacit, ale vrhnem se do toho, ceka nas dost prace

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

AlohaAnty · #7 Příspěvek od **AlohaAnty** » 21 říj 2013 20:06

Tady ComboFix
ComboFix 13-10-21.01 - Dominik 21.10.2013 20:26:06.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2294 [GMT 2:00]
Spuštěný z: c:\users\Dominik\Downloads\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\BasicScan
c:\program files (x86)\BasicScan\uninstall.exe
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
c:\program files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\defaults\preferences\prefs.js
c:\program files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome.manifest
c:\program files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\chrome\basicscan.jar
c:\program files (x86)\Mozilla Firefox\extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}\install.rdf
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome.manifest
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\constants.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\convertvideo.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\convertvideodlg.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\convertvideodlg.xul
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\events.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\savetomp3popup.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\savetomp3popup.xul
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\tbcore.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\toolbar.xul
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\weather.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\weatherLoc.js
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content\weatherLoc.xul
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\arrow-grey.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\arrow_partner.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\arrow_small.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\bg.jpg
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\arrow.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\arrow_big.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\btn_close.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\dailyhotdeals.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\divider.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\facebook.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\games.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\icon-RSS.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\news.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\plainbutton.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3_disabled.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3popup-musicicon.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\savemp3popup.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\saveyoutubevideos.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\screensaver.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\search.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\searchbar-grey-250.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\searchbox.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\separator_line.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\shopping.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\Thumbs.db
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\watermark.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons\youtube.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\feeditem.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\logo.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\news_refresh.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\popupSearchMp3.css
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\popupWindow.css
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\SaveMp3_bg_hover.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\SaveMp3_bg_normal.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\savetomp3PopUp.css
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\Thumbs.db
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\toolbar.css
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\cloudy.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\flurries.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\hazy.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_rain.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_snow.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_storm.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\chance_of_tstorm.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\mist.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\mostly_cloudy.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\mostly_sunny.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\rain.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\sleet.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\snow.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\storm.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\sunny.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\Thumbs.db
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\thunderstorm.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\weatherbug.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather\windy.png
c:\program files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\install.rdf
c:\program files (x86)\Mp3Tube Toolbar
c:\program files (x86)\Mp3Tube Toolbar\ffmpeg.exe
c:\program files (x86)\Mp3Tube Toolbar\Mp3TubeSvc.exe
c:\program files (x86)\Mp3Tube Toolbar\mp3Tubetb.dll
c:\program files (x86)\Mp3Tube Toolbar\Mp3TubeVideoToMp3.exe
c:\program files (x86)\Mp3Tube Toolbar\ShowMsg.exe
c:\program files (x86)\Mp3Tube Toolbar\uninstall.exe
c:\program files (x86)\Search Results Toolbar\Datamngr
c:\program files (x86)\Search Results Toolbar\Datamngr\del_DM_LL_nscFAE8.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\del_DM_LL_nscFAE8.dll
c:\program files (x86)\StartSearch plugin
c:\program files (x86)\StartSearch plugin\IEhelperActiveX.dll
c:\program files (x86)\StartSearch plugin\ssBarLcher.dll
c:\program files (x86)\StartSearch plugin\StartBar.dll
c:\program files (x86)\StartSearch plugin\uninst.exe
c:\program files (x86)\StartSearch plugin\vshareplg.crx
c:\program files\IMPI\ExTEnsion32.dll
c:\users\Dominik\AppData\Local\TempDIR
c:\users\Dominik\AppData\Local\TempDIR\BetterInstaller.exe
c:\users\Dominik\AppData\Local\TempDIR\GFInstaller\AppName.txt
c:\users\Dominik\AppData\Local\TempDIR\GFInstaller\DownloadURL.txt
c:\users\Dominik\AppData\Local\TempDIR\GFInstaller\GFInstaller.exe
c:\users\Dominik\AppData\Local\TempDIR\GFInstaller\Channel.txt
c:\users\Dominik\AppData\Roaming\7go
c:\users\Dominik\AppData\Roaming\7go\7go.crx
c:\users\Dominik\AppData\Roaming\7go\icon.ico
c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\5088229c8fdbc@5088229c8fdee.com
c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\5088229c8fdbc@5088229c8fdee.com\bootstrap.js
c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\5088229c8fdbc@5088229c8fdee.com\content\bg.js
c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\5088229c8fdbc@5088229c8fdee.com\content\zy.xul
c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\5088229c8fdbc@5088229c8fdee.com\chrome.manifest
c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\extensions\5088229c8fdbc@5088229c8fdee.com\install.rdf
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf\2_0\5088229c8fd161351099036.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf\2_0\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf\2_0\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf\2_0\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf\2_0\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\egkcbimocjlaegijlkhcphggjpblepbf\2_0\sqlite.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Mp3Tube Toolbar Service
-------\Service_PCSUService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-21 do 2013-10-21 )))))))))))))))))))))))))))))))
.
.
2013-10-21 18:40 . 2013-10-21 18:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-21 17:52 . 2013-10-21 17:52 -------- d-----w- c:\program files\trend micro
2013-10-21 17:48 . 2013-10-21 17:48 -------- d-----w- c:\program files (x86)\trend micro
2013-10-21 17:48 . 2013-10-21 17:49 -------- d-----w- C:\rsit
2013-10-21 17:14 . 2013-10-21 17:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A7AD41E-76D9-4BE4-B937-B1123B356045}\offreg.dll
2013-10-21 16:58 . 2013-10-21 16:58 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2013-10-21 03:54 . 2013-10-21 03:55 -------- d-----w- c:\program files (x86)\Google
2013-10-20 19:23 . 2013-10-20 19:23 -------- d-----w- c:\programdata\Simply Super Software
2013-10-20 19:10 . 2011-05-20 09:44 767952 ----a-w- c:\windows\BDTSupport.dll
2013-10-20 19:10 . 2011-05-20 09:44 149456 ----a-w- c:\windows\SGDetectionTool.dll
2013-10-20 19:10 . 2011-05-20 09:44 2078672 ----a-w- c:\windows\PCTBDCore.dll
2013-10-20 19:10 . 2011-05-20 09:44 1533904 ----a-w- c:\windows\PCTBDRes.dll
2013-10-20 19:06 . 2013-10-21 03:47 -------- d-----w- c:\program files (x86)\PC Tools Security
2013-10-20 13:16 . 2013-10-20 13:16 -------- d-----w- c:\windows\system32\ljkb
2013-10-20 13:16 . 2013-10-20 13:16 -------- d-----w- c:\windows\SysWow64\jmdp
2013-10-19 13:32 . 2013-10-19 13:33 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-10-19 13:30 . 2013-10-21 03:58 -------- d-----w- c:\users\Dominik\AppData\Local\Adobe
2013-10-19 13:24 . 2013-10-19 13:24 -------- d-----w- c:\program files (x86)\Half-Life Model Viewer
2013-10-19 13:19 . 2013-10-19 13:28 -------- d-----w- c:\users\Dominik\.gimp-2.6
2013-10-19 08:40 . 2013-10-19 08:43 -------- d-----w- c:\program files (x86)\Counter-Strike 1.6 Non-Steam
2013-10-18 11:40 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A7AD41E-76D9-4BE4-B937-B1123B356045}\mpengine.dll
2013-10-15 16:31 . 2013-10-21 17:10 -------- d-----w- c:\program files (x86)\Common Files\Overwolf
2013-10-15 16:30 . 2013-10-21 17:02 -------- d-----w- c:\users\Dominik\AppData\Local\Overwolf
2013-10-12 07:04 . 2013-10-12 07:05 -------- d-----w- c:\users\Guest
2013-10-10 04:06 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-10 04:05 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-07 12:09 . 2013-10-07 12:09 -------- d-----w- c:\programdata\AskPartnerNetwork
2013-10-07 12:09 . 2013-10-07 12:09 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
2013-10-07 12:09 . 2013-10-07 12:09 -------- d-----w- c:\users\Dominik\AppData\Local\Comodo
2013-10-07 12:09 . 2013-10-20 20:05 -------- d-----w- c:\program files (x86)\Comodo
2013-10-07 12:09 . 2013-10-07 12:09 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-10-07 12:09 . 2013-10-07 12:09 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-10-07 12:09 . 2013-10-07 12:09 -------- d-----w- c:\programdata\APN
2013-10-07 12:08 . 2013-10-07 12:08 -------- d-----w- c:\program files (x86)\ooVoo
2013-10-07 11:54 . 2013-10-07 12:05 -------- d-----r- c:\program files (x86)\Skype
2013-10-05 17:57 . 2013-10-05 17:57 722880 ----a-w- c:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-10-05 17:55 . 2013-10-05 17:56 -------- d-----w- c:\program files (x86)\Counter-Strike 1.6 Standalone
2013-10-05 13:46 . 2013-10-15 16:30 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-10-03 17:41 . 2012-12-15 07:43 -------- d-----w- c:\program files (x86)\hrajcs
2013-10-02 18:42 . 2013-10-02 18:42 -------- d-----w- c:\users\Dominik\AppData\Roaming\SpeedAnalysis2
2013-10-02 18:41 . 2013-10-02 18:41 -------- d-----w- c:\program files (x86)\Haali
2013-10-02 18:41 . 2013-10-02 18:41 -------- d-----w- c:\users\Dominik\AppData\Roaming\zulagames
2013-09-30 12:31 . 2013-10-14 15:13 -------- d-----w- c:\users\Dominik\AppData\Roaming\.minecraft
2013-09-29 10:55 . 2013-09-29 17:34 -------- d-----w- c:\program files (x86)\Music!
2013-09-28 08:23 . 2013-10-21 15:02 -------- d-----w- C:\Counter-Strike 1.6
2013-09-28 07:54 . 2013-09-28 07:54 -------- d-----w- c:\program files (x86)\WB Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-15 08:43 . 2013-03-07 05:06 1754928 ----a-w- c:\windows\system32\dmwu.exe
2013-10-15 08:37 . 2013-03-07 05:06 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-10-10 05:34 . 2012-07-19 16:35 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-24 05:03 . 2012-02-05 07:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-09-14 12:28 . 2013-09-14 12:28 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-09-09 08:52 . 2012-10-21 12:05 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-09-09 08:52 . 2012-10-21 12:05 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-09-03 12:35 . 2011-09-06 18:39 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-10 04:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-21 15:31 . 2013-08-21 15:31 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-21 15:31 . 2013-08-21 15:32 289768 ----a-w- c:\windows\system32\javaws.exe
2013-08-21 15:31 . 2013-08-21 15:31 189416 ----a-w- c:\windows\system32\javaw.exe
2013-08-21 15:31 . 2013-08-21 15:31 188904 ----a-w- c:\windows\system32\java.exe
2013-08-21 15:31 . 2012-06-30 12:22 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-21 15:31 . 2012-04-22 14:16 916456 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-21 15:25 . 2013-08-21 15:26 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-21 15:25 . 2012-11-24 09:52 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-21 15:25 . 2012-04-14 13:22 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-05 02:25 . 2013-09-13 04:09 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-13 04:08 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-13 04:08 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-13 04:08 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-13 04:08 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-13 04:08 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-13 04:08 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-13 04:08 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-13 04:08 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-13 04:08 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-13 04:08 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-13 04:08 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-07-25 09:25 . 2013-08-14 08:12 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 08:12 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2003-04-30 14:17 . 2012-06-07 19:28 212992 ----a-r- c:\program files (x86)\setup.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{96f454ea-9d38-474f-b504-56193e00c1a5}"= "c:\program files (x86)\uTorrentControl_v6\prxtbuTor.dll" [2012-11-06 183112]
.
[HKEY_CLASSES_ROOT\clsid\{96f454ea-9d38-474f-b504-56193e00c1a5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7}]
2013-10-15 09:14 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}]
2012-11-06 12:01 183112 ----a-w- c:\program files (x86)\uTorrentControl_v6\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
2013-07-03 11:51 155928 ----a-w- c:\users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 14:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
"{96f454ea-9d38-474f-b504-56193e00c1a5}"= "c:\program files (x86)\uTorrentControl_v6\prxtbuTor.dll" [2012-11-06 183112]
"{4F564F32-5637-006A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" [2013-10-15 12240]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{96f454ea-9d38-474f-b504-56193e00c1a5}]
.
[HKEY_CLASSES_ROOT\clsid\{4f564f32-5637-006a-76a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1AMPCBOK]
@="{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}"
[HKEY_CLASSES_ROOT\CLSID\{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}]
2010-11-04 15:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 911040]
"PCSpeedUp"="c:\program files (x86)\Zrychleni Pocitace\PCSUNotifier.exe" [2013-03-07 256808]
"cz.seznam.software.autoupdate"="c:\users\Dominik\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"SDP"="c:\program files (x86)\FilesFrog Update Checker\update_checker.exe" [2013-01-31 201808]
"SpeedUpMyComputer"="c:\program files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe" [2013-07-22 2054776]
"cz.seznam.software.szndesktop"="c:\users\Dominik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-09-15 1052496]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
"ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2013-09-10 35253312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
"msdnfjSrv"="c:\windows\inf\msdnfj.vbe" [2013-08-27 1558]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-15 1673680]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-05-20 247760]
.
c:\users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MyPC Backup.lnk - c:\program files (x86)\MyPC Backup\MyPC Backup.exe [2013-7-1 1945128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"62.75.206.182,255.255.255.255,10.0.0.3,1"=""
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~3\SPYWAR~1\st_rsdel.exe \??\c:\programdata\Spyware
.
R1 bdssmldq;bdssmldq; [x]
R1 fgyglvyd;fgyglvyd; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 aswVmm;aswVmm; [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe;c:\program files (x86)\MyPC Backup\BackupStack.exe [x]
R4 ICQ Service;ICQ Service; [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;aswRvrt; [x]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys;c:\windows\SYSNATIVE\Drivers\FSPFltd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-21 03:55 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-21 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2011-09-11 09:30]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 03:54]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 03:54]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
- c:\users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 09:33]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
- c:\users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 09:33]
.
2013-10-14 c:\windows\Tasks\PC SpeedUp Service Deactivator.job
- c:\program files (x86)\Zrychleni Pocitace\PCSUSD.exe [2013-02-05 11:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4F564F32-5637-006A-76A7-7A786E7484D7}]
2013-10-15 09:14 13776 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4F564F32-5637-006A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport_x64.dll" [2013-10-15 13776]
.
[HKEY_CLASSES_ROOT\CLSID\{4F564F32-5637-006A-76A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1AMPCBOK]
@="{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}"
[HKEY_CLASSES_ROOT\CLSID\{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}]
2010-11-04 15:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2011-02-03 1898208]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"62.75.206.182,255.255.255.255,10.0.0.3,1"=""
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.search.ask.com/?p2=%5EB72%5EYYYYYY% ... 10-07&psv=
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Search the Web
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - c:\users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId= ... l&tsp=5023
FF - prefs.js: browser.startup.homepage - hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=3C6272F06D29C9A6&affID=119943&tsp=5005
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&CUI=UN19882538872423111&UM=1&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyRMeTsoL&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 3c62d8fa00000000000020cf3034591b
FF - user.js: extensions.incredibar_i.instlDay - 15634
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1414:05
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6OyRMeTsoL
FF - user.js: extensions.incredibar_i.upn2n - 92262314060384983
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10674
FF - user.js: extensions.incredibar_i.ppd -
FF - user.js: extensions.privitize.tlbrSrchUrl - hxxp://searchou.com/?id=3c62d8fa00000000000072f06d29c9a6&affilt=5&q=
FF - user.js: extensions.privitize.id - 3c62d8fa00000000000072f06d29c9a6
FF - user.js: extensions.privitize.appId - {301966DF-A84B-4255-AAB9-574B5CE237E4}
FF - user.js: extensions.privitize.instlDay - 15871
FF - user.js: extensions.privitize.vrsn - 1.8.21.6
FF - user.js: extensions.privitize.vrsni - 1.8.21.6
FF - user.js: extensions.privitize.vrsnTs - 1.8.21.617:07
FF - user.js: extensions.privitize.prtnrId - privitize
FF - user.js: extensions.privitize.prdct - privitize
FF - user.js: extensions.privitize.aflt - 5
FF - user.js: extensions.privitize.smplGrp - none
FF - user.js: extensions.privitize.tlbrId - base
FF - user.js: extensions.privitize.instlRef -
FF - user.js: extensions.privitize.dfltLng -
FF - user.js: extensions.privitize.excTlbr - false
FF - user.js: extensions.privitize.ffxUnstlRst - false
FF - user.js: extensions.privitize.admin - false
FF - user.js: extensions.privitize.autoRvrt - false
FF - user.js: extensions.privitize.rvrt - false
FF - user.js: extensions.privitize.hmpg - true
FF - user.js: extensions.privitize.hmpgUrl - hxxp://searchou.com/?id=3c62d8fa00000000000072f06d29c9a6&affilt=5
FF - user.js: extensions.privitize.hpOld0 - hxxp://www.searchnu.com/406?appid=484
FF - user.js: extensions.privitize.dfltSrch - true
FF - user.js: extensions.privitize.srchPrvdr - Search The Web (privitize)
FF - user.js: extensions.privitize.kw_url - hxxp://searchou.com/?q={searchTerms}&id=3c62d8fa00000000000072f06d29c9a6&affilt=5
FF - user.js: extensions.privitize.dnsErr - true
FF - user.js: extensions.privitize.newTab - true
FF - user.js: extensions.privitize.newTabUrl - hxxp://searchou.com/?id=3c62d8fa00000000000072f06d29c9a6&affilt=5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
BHO-{17E113E6-CD0E-4045-B154-65F0E57959EF} - c:\program files\IMPI\Extension32.dll
BHO-{230b9a15-0695-4130-93b8-a93d4f5df8ae} - (no file)
BHO-{377e5d4d-77e5-476a-8716-7e70a9272da0} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO-{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - c:\program files (x86)\StartSearch plugin\ssBarLcher.dll
BHO-{db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} - (no file)
Toolbar-{17f24f6d-0284-4a62-a3b7-fca9f2084af4} - (no file)
Toolbar-{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - c:\program files (x86)\StartSearch plugin\ssBarLcher.dll
Toolbar-{46897C77-E7A6-4c33-BFFB-E9C2E2718942} - c:\program files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL
Toolbar-10 - (no file)
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Toolbar-{377e5d4d-77e5-476a-8716-7e70a9272da0} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
ShellIconOverlayIdentifiers-{4d87b7a7-23f1-470c-aa45-96b25b9bd138} - (no file)
Wow6432Node-HKCU-Run-Clownfish - c:\program files (x86)\Clownfish\Clownfish.exe
Wow6432Node-HKCU-Run-Tiny download manager - c:\users\Dominik\AppData\Local\DM\TinyDM.exe
Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe
Wow6432Node-HKLM-Run-Adobe Creative Cloud - c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
WebBrowser-{96F454EA-9D38-474F-B504-56193E00C1A5} - (no file)
ShellIconOverlayIdentifiers-{4d87b7a7-23f1-470c-aa45-96b25b9bd138} - (no file)
AddRemove-Adobe Creative Cloud - c:\program files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe
AddRemove-AV Voice Changer Software 7.0 - c:\progra~2\AVVCS7~1.0\UNWISE.EXE
AddRemove-Counter Strike 1.6 NonSteam Patch-v28 ZbotMod + ~BDADFDB1_is1 - c:\program files (x86)\Valve\unins000.exe
AddRemove-Delta Chrome Toolbar - c:\users\Dominik\AppData\Roaming\BabSolution\Shared\GUninstaller.exe
AddRemove-Homepage Protection Service - c:\program files (x86)\Mp3Tube Toolbar\uninstall.exe
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-IspAssistant-Mp3Tube - c:\program files (x86)\Mp3Tube Toolbar\uninstall.exe
AddRemove-LiveVDO plugin - c:\program files (x86)\StartSearch plugin\uninst.exe
AddRemove-Mp3Tube Toolbar - c:\program files (x86)\Mp3Tube Toolbar\uninstall.exe
AddRemove-WinGimp-2.0_is1 - c:\program files (x86)\GIMP-2.0\setup\unins000.exe
AddRemove-zulagames - c:\program files (x86)\ZulaGames\uninst.exe
AddRemove-{6889EE56-1816-4E89-94DF-9F56E7804039}_is1 - c:\program files (x86)\Valve\unins000.exe
AddRemove-{6F31F376-65E0-4A33-9E91-01218BFCDD6B}_is1 - c:\program files (x86)\Counter-Strike Source\unins000.exe
AddRemove-Counter-Strike 1.6 v42b instalace - c:\users\Dominik\Desktop\Server1\Uninstal.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2071916412-1336065733-774511312-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:96,d2,bc,7c,5c,25,4a,d8,c3,fa,db,fa,42,0f,ad,24,6d,62,26,4f,32,f4,ec,
fc,6f,fb,78,93,80,d7,5e,8a,0d,0e,9d,5c,52,05,81,98,44,2a,f7,67,d8,d9,ee,4b,\
"??"=hex:41,4c,c7,73,4a,a1,b8,12,56,08,27,18,87,e6,75,b2
.
[HKEY_USERS\S-1-5-21-2071916412-1336065733-774511312-1000\Software\SecuROM\License information*]
"datasecu"=hex:1d,c0,37,a7,d0,95,bd,ee,44,ec,54,82,5e,a3,82,00,e1,e9,88,3e,a6,
a5,b7,06,7f,44,b9,c9,3b,66,a8,d0,ee,ea,39,b6,8e,a7,55,ff,1c,7d,6e,b8,81,bd,\
"rkeysecu"=hex:61,bf,47,78,7d,d4,08,74,0b,e3,f5,9f,ec,52,a8,bf
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\jmdp\stij.exe
.
**************************************************************************
.
Celkový čas: 2013-10-21 20:52:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-21 18:52
.
Před spuštěním: Volných bajtů: 282 695 331 840
Po spuštění: Volných bajtů: 285 784 375 296
.
- - End Of File - - 80B0E0F27BE63A239BFE903628E57936
A36C5E4F47E84449FF07ED3517B43A31

Ted vse co otevru tak mi skáče toto: Pokus pouzít operaci na klíč registru, ktery Je oznacen pro odstranení.

Rkill
Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/21/2013 09:04:55 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\system32\dmwu.exe (PID: 1124) [Sweetpacks-Adware]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/21/2013 09:05:50 PM
Execution time: 0 hours(s), 0 minute(s), and 54 seconds(s)

#8 Příspěvek od **vyosek** » 21 říj 2013 20:57

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

AlohaAnty · #9 Příspěvek od **AlohaAnty** » 21 říj 2013 21:48

# AdwCleaner v3.010 - Report created 21/10/2013 at 22:41:47
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : BackupStack
[#] Service Deleted : IBUpdaterService
[#] Service Deleted : ICQ Service

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files (x86)\Gophoto.it
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v6
Folder Deleted : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Users\Dominik\AppData\Local\PackageAware
Folder Deleted : C:\Users\Dominik\AppData\Local\RavenBleuSA
Folder Deleted : C:\Users\Dominik\AppData\LocalLow\uTorrentControl_v6
Folder Deleted : C:\Users\Dominik\AppData\Roaming\SpeedAnalysis2
Folder Deleted : C:\Users\Dominik\AppData\Roaming\SpeedAnalysis3
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\ICQToolbarData
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\SweetIMToolbarData
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\CT3289075
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
Folder Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\gophoto@gophoto.it.xpi
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Dominik\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Windows\System32\Tasks\LaunchApp

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKCU\Software\5855d8dbe034ba10
Key Deleted : HKLM\SOFTWARE\5855d8dbe034ba10
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{46897C77-E7A6-4C33-BFFB-E9C2E2718942}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE0D5AB-50C8-4052-BD02-977569E56291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0771C34F-730F-4535-AD4C-37B74D27188E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BED63BEE-904D-4A80-9EDE-8EF890CAF972}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48FED886-FDD9-4645-A5E3-8D2B65DF508F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{46897C77-E7A6-4C33-BFFB-E9C2E2718942}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\vShare.tv
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\Software\Mp3Tube
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\uTorrentControl_v6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v6 Toolbar
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v7.0.1 (cs)

[ File : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\prefs.js ]

Line Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253", "\"a02f3558a706b2ac5a476d5c98d28fd23\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", "\"1336063965\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253", "\"ccd90dbc0806c30e56e17c4594b38942\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"05d53fb8f8873c61b9e9aad33d992683\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Dominik\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\loc3dukj.default\\conduitCommon\\modules\\3.15.1.0");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId= ... l&tsp=5023");
Line Deleted : user_pref("extensions.basicscan.init", true);
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.defSearchChange", true);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1361338617);
Line Deleted : user_pref("icqtoolbar.history", "x||Gate%20kalhoty%20modre||%C3%BAzke%20d%C5%BE%C3%ADny%20panske||Jeans%20Blue||%C3%BAzk%C3%A9%20kalhoty||golf||mal%C3%BD%20penis||RecycledCarrey||xteen%20Recycled||xte[...]
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1346991471");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "7.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "131818408113181843211318345226759");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1361899730);
Line Deleted : user_pref("icqtoolbar.userEngineApproved", true);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId= ... l&tsp=5023");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [28718 octets] - [21/10/2013 22:40:51]
AdwCleaner[S0].txt - [28556 octets] - [21/10/2013 22:41:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28617 octets] ##########

......

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:2)
OS: Windows 7 Home Premium x64
Ran by Dominik on po 21.10.2013 at 22:33:02,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.incredibaresrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2071916412-1336065733-774511312-1000\Software\IB Updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2071916412-1336065733-774511312-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ib updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\i
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibarapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta chrome toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\homepage protection service
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mp3tube toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\speedupmycomputer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b49962af-cab9-44de-8729-a4369f44ba0d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\ib updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\ilividsrtb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\babylontoolbarsrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\babylontoolbarsrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\i want this_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\i want this_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iminentsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iminentsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289075
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_hamachi (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_hamachi (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_hamachi (2)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_hamachi (2)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_kmplayer_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_lego-star-wars-ii_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_lego-star-wars-ii_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{38588697-DF91-49A7-A3C6-20A9424DD35D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3903698E-2508-4113-AFFA-815EF455702D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3f0fe2d9-6c46-496d-8396-d24663fbe260}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{61814745-12EE-40AF-9A80-888435646E6D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7C6F1E3C-EFCB-4186-9EE8-C41E9A6DD969}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7D4926A0-5F1E-4F8B-A8EC-96AA277A553A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{942F05B1-2AFF-4AA9-912D-967DEBF9FCAB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E4ADFCEE-C57F-471A-A1FD-0757C1F751C6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{3f0fe2d9-6c46-496d-8396-d24663fbe260}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{7C6F1E3C-EFCB-4186-9EE8-C41E9A6DD969}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\pc speedup service deactivator.job"
Successfully deleted: [File] "C:\Users\Dominik\appdata\locallow\SkwConfig.bin"
Failed to delete: [File] "C:\Windows\system32\dmwu.exe"
Failed to delete: [File] "C:\Windows\system32\ImHttpComm.dll"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\saveas"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\crmixidjtb"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\delta"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\zulagames"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\local\ilivid"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\mp3tube toolbar"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\saveas"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\Users\Dominik\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\filesfrog update checker"
Successfully deleted: [Folder] "C:\Program Files (x86)\goforfiles"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\perion"
Successfully deleted: [Folder] "C:\Program Files (x86)\search results toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\smarttweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\umbrella"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveas"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\microsoft\windows\start menu\programs\filesfrog update checker"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\microsoft\windows\start menu\programs\mypc backup"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Folder] "C:\Users\Dominik\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Failed to delete: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"
Successfully deleted: [Folder] "C:\Windows\system32\arfc"
Failed to delete: [Folder] "C:\Windows\system32\ljkb"
Successfully deleted: [Folder] "C:\Users\Dominik\documents\pcspeedup"
Successfully deleted: [Empty Folder] C:\Users\Dominik\appdata\local\{38D7AF1A-A70D-4EE0-A54F-CA23B4E669C7}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\askpartnernetwork"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\ask.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\mp3tube.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\user.js
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\browserprotect.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\mystart search.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\privitize.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\search.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\startsear.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\sweetim.xml
Successfully deleted: [File] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\searchplugins\websearch.xml
Successfully deleted: [Folder] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\conduitcommon
Successfully deleted: [Folder] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\smartbar
Successfully deleted: [Folder] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\sweetpackstoolbardata
Successfully deleted: [Folder] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\extensions\ffxtlbr@incredibar.com
Successfully deleted: [Folder] C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions\\webbooster@iminent.com
Successfully deleted the following from C:\Users\Dominik\AppData\Roaming\mozilla\firefox\profiles\loc3dukj.default\prefs.js

user_pref("CT3072253..clientLogIsEnabled", true);
user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
user_pref("CT3072253.BrowserCompStateIsOpen_1359634299000", true);
user_pref("CT3072253.CTID", "CT3072253");
user_pref("CT3072253.CurrentServerDate", "26-2-2013");
user_pref("CT3072253.DSChangedManually", false);
user_pref("CT3072253.DSInstall", true);
user_pref("CT3072253.DSProtectChoice", true);
user_pref("CT3072253.DSProtectCount", 11);
user_pref("CT3072253.DialogsAlignMode", "LTR");
user_pref("CT3072253.DialogsGetterLastCheckTime", "Tue Feb 26 2013 18:28:49 GMT+0100");
user_pref("CT3072253.DownloadReferralCookieData", "");
user_pref("CT3072253.FirstServerDate", "25-5-2012");
user_pref("CT3072253.FirstTime", true);
user_pref("CT3072253.FirstTimeFF3", true);
user_pref("CT3072253.FixPageNotFoundErrors", true);
user_pref("CT3072253.GroupingServerCheckInterval", 1440);
user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT3072253.HPInstall", false);
user_pref("CT3072253.HasUserGlobalKeys", true);
user_pref("CT3072253.HomePageProtectorEnabled", false);
user_pref("CT3072253.HomepageBeforeUnload", "hxxp://search.babylon.com/?babsrc=HP_Prot");
user_pref("CT3072253.Initialize", true);
user_pref("CT3072253.InitializeCommonPrefs", true);
user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
user_pref("CT3072253.InstallationId", "fft8481.tmp.exe");
user_pref("CT3072253.InstallationType", "XPE");
user_pref("CT3072253.InstalledDate", "Fri May 25 2012 15:12:47 GMT+0200");
user_pref("CT3072253.IsAlertDBUpdated", true);
user_pref("CT3072253.IsGrouping", false);
user_pref("CT3072253.IsInitSetupIni", true);
user_pref("CT3072253.IsMulticommunity", false);
user_pref("CT3072253.IsOpenThankYouPage", true);
user_pref("CT3072253.IsOpenUninstallPage", true);
user_pref("CT3072253.IsProtectorsInit", true);
user_pref("CT3072253.LanguagePackLastCheckTime", "Tue Feb 26 2013 18:28:49 GMT+0100");
user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT3072253.LastLogin_3.12.0.7", "Fri May 25 2012 15:12:49 GMT+0200");
user_pref("CT3072253.LastLogin_3.12.0.8", "Mon Jun 04 2012 18:02:21 GMT+0200");
user_pref("CT3072253.LastLogin_3.13.0.6", "Fri Jul 27 2012 19:02:29 GMT+0200");
user_pref("CT3072253.LastLogin_3.15.1.0", "Tue Feb 26 2013 18:28:50 GMT+0100");
user_pref("CT3072253.LatestVersion", "3.18.0.7");
user_pref("CT3072253.Locale", "en");
user_pref("CT3072253.MCDetectTooltipHeight", "83");
user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT3072253.MCDetectTooltipWidth", "295");
user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
user_pref("CT3072253.OriginalFirstVersion", "3.12.0.7");
user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
user_pref("CT3072253.SearchEngineBeforeUnload", "Search the web (Babylon)");
user_pref("CT3072253.SearchFromAddressBarIsInit", true);
user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("CT3072253.SearchInNewTabEnabled", true);
user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
user_pref("CT3072253.SearchInNewTabLastCheckTime", "Tue Feb 26 2013 18:28:48 GMT+0100");
user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT3072253.SearchProtectorEnabled", false);
user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
user_pref("CT3072253.SendProtectorDataViaLogin", true);
user_pref("CT3072253.ServiceMapLastCheckTime", "Tue Feb 26 2013 18:28:49 GMT+0100");
user_pref("CT3072253.SettingsLastCheckTime", "Tue Feb 26 2013 18:28:48 GMT+0100");
user_pref("CT3072253.SettingsLastUpdate", "1361889716");
user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Sat Feb 23 2013 12:03:14 GMT+0100");
user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT3072253.ToolbarShrinkedFromSetup", false);
user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT3072253.UserID", "UN08382473873624696");
user_pref("CT3072253.alertChannelId", "1463702");
user_pref("CT3072253.autoDisableScopes", -1);
user_pref("CT3072253.backendstorage.bt_stats", "7B226C6173745F6C6F67223A313336313839393735322C2275756964223A3430353639343131363637363532382C227365715F6964223A362C22737362223A3
user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
user_pref("CT3072253.backendstorage.cbcountry_001", "435A");
user_pref("CT3072253.backendstorage.cbfirsttime", "467269204D617920323520323031322031353A31323A353120474D542B30323030");
user_pref("CT3072253.backendstorage.cbopenmamsettings", "30");
user_pref("CT3072253.backendstorage.searchappstate", "33");
user_pref("CT3072253.backendstorage.searchapptracking", "73656E74");
user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F7777772E787465656E2E637A2F757A69766174656C2D32333239392D74796772696B3A3A3A636C69636B68616E646C65723A3A3A31
user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Wed Feb 20 2013 06:37:00 GMT+0100");
user_pref("CT3072253.homepageProtectorEnableByLogin", true);
user_pref("CT3072253.initDone", true);
user_pref("CT3072253.isAppTrackingManagerOn", false);
user_pref("CT3072253.myStuffEnabled", true);
user_pref("CT3072253.myStuffPublihserMinWidth", 400);
user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT3072253.navigateToUrlOnSearch", false);
user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129805375651312503,129749445881800338,129573915102477663,1000080,1000515,1000,
user_pref("CT3072253.revertSettingsEnabled", true);
user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
user_pref("CT3072253.searchProtectorEnableByLogin", true);
user_pref("CT3072253.testingCtid", "");
user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Tue Feb 26 2013 18:28:49 GMT+0100");
user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Wed Feb 20 2013 06:36:59 GMT+0100");
user_pref("CT3072253.usagesFlag", 2);
user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253", "\"a02f3558a706b2ac5a476d5c98d28fd23\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1463702/1459356/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", "\"1336063965\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"80b45d28468cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253", "\"ccd90dbc0806c30e56e17c4594b38942\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"05d53fb8f8873c61b9e9aad33d992683\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Dominik\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\loc3dukj.default\\conduitCommon\\modules\\3.15.1.0");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
user_pref("CommunityToolbar.ToolbarsList", "CT3072253");
user_pref("CommunityToolbar.ToolbarsList2", "CT3072253");
user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
user_pref("CommunityToolbar.globalUserId", "ee480f17-4c19-467b-ad04-06826fbd41bc");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Feb 20 2013 06:37:00 GMT+0100");
user_pref("CommunityToolbar.notifications.alertEnabled", true);
user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Feb 26 2013 18:29:03 GMT+0100");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Feb 26 2013 18:28:55 GMT+0100");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "5818cc94-230d-4f12-b91e-d4964a9f72b5");
user_pref("CommunityToolbar.originalHomepage", "hxxp://search.babylon.com/?babsrc=HP_Prot");
user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("extensions.5088229c8fe61.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babTrack", "affID=100489");
user_pref("extensions.BabylonToolbar.bbDpng", 26);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "3c62d8fa00000000000020cf3034591b");
user_pref("extensions.BabylonToolbar.instlDay", "15246");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3c62d8fa00000000000020cf3034591b&tlver=1.4.35.10&affID=100489
user_pref("extensions.BabylonToolbar.lastDP", 26);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1019:05:17");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "7.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 100459734);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1019:05:17");
user_pref("extensions.DotSpot_2k.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=YYman000&ptnrS=YYman000&ptb=126C5E66-FB7D-4B15-8034-B45E325FD2E
user_pref("extensions.crossrider.bic", "13824628e6ccd81429152d2f7f16c297");
user_pref("extensions.incredibar.admin", false);
user_pref("extensions.incredibar.aflt", "orgnl");
user_pref("extensions.incredibar.cntry", "CZ");
user_pref("extensions.incredibar.dfltLng", "");
user_pref("extensions.incredibar.dfltSrch", false);
user_pref("extensions.incredibar.did", "10674");
user_pref("extensions.incredibar.envrmnt", "production");
user_pref("extensions.incredibar.excTlbr", false);
user_pref("extensions.incredibar.hdrMd5", "B016F7EC8C4A24FF05AB631381A4FD50");
user_pref("extensions.incredibar.hmpg", false);
user_pref("extensions.incredibar.id", "3c62d8fa00000000000020cf3034591b");
user_pref("extensions.incredibar.installerproductid", "26");
user_pref("extensions.incredibar.instlDay", "15634");
user_pref("extensions.incredibar.instlRef", "");
user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1414:05:30");
user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
user_pref("extensions.incredibar.newTab", false);
user_pref("extensions.incredibar.noFFXTlbr", false);
user_pref("extensions.incredibar.ppd", "");
user_pref("extensions.incredibar.prdct", "incredibar");
user_pref("extensions.incredibar.productid", "26");
user_pref("extensions.incredibar.prtnrId", "Incredibar");
user_pref("extensions.incredibar.sg", "none");
user_pref("extensions.incredibar.smplGrp", "none");
user_pref("extensions.incredibar.tlbrId", "base");
user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyRMeTsoL&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar.upn2", "6OyRMeTsoL");
user_pref("extensions.incredibar.upn2n", "92262314060384983");
user_pref("extensions.incredibar.vrsn", "1.5.11.14");
user_pref("extensions.incredibar.vrsnTs", "1.5.11.1414:05:30");
user_pref("extensions.incredibar.vrsni", "1.5.11.14");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.did", "10674");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.id", "3c62d8fa00000000000020cf3034591b");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.instlDay", "15634");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.ppd", "");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6OyRMeTsoL&loc=IB_TB&i=26&search=");
user_pref("extensions.incredibar_i.upn2", "6OyRMeTsoL");
user_pref("extensions.incredibar_i.upn2n", "92262314060384983");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1414:05:30");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("sweetim.toolbar.RevertDialog.enable", "false");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cargo", "3.1010000.00000");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "true");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://websearch.mocaflix.com/?l=1&q=");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Ask.com");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.iminent.com/?appId=8654D15A-4319-4BB7-A0CE-F792AD72C48F");
user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.2.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.2.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.3.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.3.callback", "");
user_pref("sweetim.toolbar.scripts.3.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.3.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.3.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.3.enable", "false");
user_pref("sweetim.toolbar.scripts.3.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.3.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "0");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "0");
user_pref("sweetim.toolbar.searchguard.enable", "true");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{57C66490-E795-11E0-AAB1-20CF3034591B}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.00000&barid={57C66490-E795-11E0-AAB1-20CF3034591B}");
user_pref("sweetim.toolbar.version", "1.9.0.0");
user_pref("CT3289075.autoDisableScopes", -1);
user_pref("CT3289075.UserID", "UN19882538872423111");
user_pref("CT3289075.installDate", "8/3/2013 18:31:16");
user_pref("CT3289075.FF19Solved", "true");
user_pref("smartbar.originalHomepage", "hxxp://www.delta-search.com/?affID=119816&tt=2 ... f06d29c9a6");
user_pref("CT3289075.smartbar.homepage", "true");
user_pref("browser.startup.homepage", "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=3C6272F06D29C9A6&affID=119943&tsp=5005");
user_pref("CT3289075.startPageXPETakeover", "true");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289075&CUI=UN19882538872423111&UM=1&SearchSource=13");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&CUI=UN19882538872423111&UM=1&SearchSource=3&q={searchTerms}");
user_pref("browser.search.defaultthis.engineName", "uTorrentControl_v6 Customized Web Search");
user_pref("CT3289075.browser.search.defaultthis.engineName", "true");
user_pref("CT3289075.defaultSearchXPETakeover", "true");
user_pref("smartbar.originalSearchEngine", "Delta Search");
user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
user_pref("CT3289075.keyword", "true");
user_pref("CT3289075.addressUrlXPETakeover", "true");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN19882538872423111&UM=1&q=");

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Dominik\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Successfully deleted: [Folder] C:\Users\Dominik\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 21.10.2013 at 22:40:04,22
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#10 Příspěvek od **vyosek** » 21 říj 2013 21:58

Poprosim o log z DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

AlohaAnty · #11 Příspěvek od **AlohaAnty** » 22 říj 2013 05:27

AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\IMPI\ExtensionUpdaterService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\My Lockbox\mylbx.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\osk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: PC Tools Browser Guard: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: IMPI: {17E113E6-CD0E-4045-B154-65F0E57959EF} -
BHO: {230b9a15-0695-4130-93b8-a93d4f5df8ae} - <orphaned>
BHO: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: Oovoo Toolbar: {4F564F32-5637-006A-76A7-7A786E7484D7} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Rich Media Downloader: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: {db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Rich Media Player: {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Oovoo Toolbar: {4F564F32-5637-006A-76A7-7A786E7484D7} -
TB: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
uRun: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [cz.seznam.software.autoupdate] "C:\Users\Dominik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
uRun: [cz.seznam.software.szndesktop] "C:\Users\Dominik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [msdnfjSrv] C:\Windows\inf\msdnfj.vbe
mRun: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Search the Web - <no file>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171}\072716368656E6136343 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171}\3545B414D4 : DHCPNameServer = 192.168.123.254
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171}\54B6F6E6F6D6B616 : DHCPNameServer = 192.168.1.1 192.168.1.254
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171}\94E666F627D6164796B616 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171}\B41646C65636F66716 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{3D2CABB7-47D3-4DEF-BEAA-AF7B70BF7171}\D4F6E696B616 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{E1F67B74-8A63-450C-B403-FDCCC82A1F2F} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Oovoo Toolbar: {4F564F32-5637-006A-76A7-7A786E7484D7} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Oovoo Toolbar: {4F564F32-5637-006A-76A7-7A786E7484D7} -
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [mylbx] C:\Program Files\My Lockbox\mylbx.exe /a
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\
FF - prefs.js: network.proxy.type - 0
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-11-9 22600]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-11 65336]
R0 FSProFilter;FSPro File Filter;C:\Windows\System32\drivers\FSPFltd.sys [2013-9-20 54848]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-9 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-9 377920]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-9 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-9 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-4-11 45248]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [2013-10-20 337872]
R2 IMPI Updater;IMPI Updater;C:\Program Files\IMPI\ExtensionUpdaterService.exe [2013-2-24 185856]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\Windows\System32\drivers\stflt.sys [2012-10-28 51496]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2013-9-4 2271608]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-23 2886528]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-2 2365792]
R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\System32\drivers\wcmvcam64.sys [2011-6-23 1071032]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-7 283200]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-9-11 140800]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\System32\drivers\vcsvad.sys [2013-7-7 21504]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2011-9-11 1222144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-10-1 2746704]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-8-21 44032]
S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-4-11 178624]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2012-10-28 31800]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);C:\Windows\System32\drivers\s1039bus.sys [2010-3-1 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;C:\Windows\System32\drivers\s1039mdfl.sys [2010-3-1 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;C:\Windows\System32\drivers\s1039mdm.sys [2010-3-1 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s1039mgmt.sys [2010-3-1 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);C:\Windows\System32\drivers\s1039nd5.sys [2010-3-1 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;C:\Windows\System32\drivers\s1039obex.sys [2010-3-1 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);C:\Windows\System32\drivers\s1039unic.sys [2010-3-1 158320]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-9-10 59392]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-14 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2012-8-23 14544]
S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-10-28 1148664]
.
=============== Created Last 30 ================
.
2013-10-21 20:40:49 -------- d-----w- C:\AdwCleaner
2013-10-21 20:22:23 -------- d-----w- C:\Windows\ERUNT
2013-10-21 19:10:01 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-21 19:10:01 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-21 19:10:01 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-21 19:10:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-21 19:10:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-21 19:10:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-21 19:10:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-10-21 18:45:19 -------- d-sh--w- C:\$RECYCLE.BIN
2013-10-21 18:22:48 98816 ----a-w- C:\Windows\sed.exe
2013-10-21 18:22:48 256000 ----a-w- C:\Windows\PEV.exe
2013-10-21 18:22:48 208896 ----a-w- C:\Windows\MBR.exe
2013-10-21 18:22:41 -------- d-----w- C:\ComboFix
2013-10-21 17:52:35 -------- d-----w- C:\Program Files\trend micro
2013-10-21 17:48:46 -------- d-----w- C:\Program Files (x86)\trend micro
2013-10-21 16:58:45 2560 ----a-w- C:\Windows\_MSRSTRT.EXE
2013-10-20 19:23:50 -------- d-----w- C:\ProgramData\Simply Super Software
2013-10-20 19:10:16 767952 ----a-w- C:\Windows\BDTSupport.dll
2013-10-20 19:10:15 2078672 ----a-w- C:\Windows\PCTBDCore.dll
2013-10-20 19:10:15 1533904 ----a-w- C:\Windows\PCTBDRes.dll
2013-10-20 19:10:15 149456 ----a-w- C:\Windows\SGDetectionTool.dll
2013-10-20 19:06:26 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2013-10-20 13:16:17 -------- d-----w- C:\Windows\System32\ljkb
2013-10-19 13:30:43 -------- d-----w- C:\Users\Dominik\AppData\Local\Adobe
2013-10-19 13:24:12 -------- d-----w- C:\Program Files (x86)\Half-Life Model Viewer
2013-10-19 13:19:13 -------- d-----w- C:\Users\Dominik\.gimp-2.6
2013-10-19 08:40:09 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2013-10-18 11:40:17 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7A7AD41E-76D9-4BE4-B937-B1123B356045}\mpengine.dll
2013-10-15 16:31:19 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2013-10-15 16:30:27 -------- d-----w- C:\Users\Dominik\AppData\Local\Overwolf
2013-10-10 04:06:55 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-10 04:05:45 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-10-07 12:09:30 -------- d-----w- C:\Users\Dominik\AppData\Local\Comodo
2013-10-07 12:09:13 -------- d-----w- C:\Program Files (x86)\Comodo
2013-10-07 12:09:08 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-10-07 12:09:08 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2013-10-07 12:08:58 -------- d-----w- C:\Program Files (x86)\ooVoo
2013-10-07 11:54:21 -------- d-----r- C:\Program Files (x86)\Skype
2013-10-05 17:57:10 722880 ----a-w- C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-10-05 17:55:55 -------- d-----w- C:\Program Files (x86)\Counter-Strike 1.6 Standalone
2013-10-05 13:46:13 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2013-10-03 17:41:42 -------- d-----w- C:\Program Files (x86)\hrajcs
2013-10-02 18:41:45 -------- d-----w- C:\Program Files (x86)\Haali
2013-09-30 12:31:15 -------- d-----w- C:\Users\Dominik\AppData\Roaming\.minecraft
2013-09-29 10:55:21 -------- d-----w- C:\Program Files (x86)\Music!
2013-09-28 08:23:05 -------- d-----w- C:\Counter-Strike 1.6
2013-09-28 07:54:03 -------- d-----w- C:\Program Files (x86)\WB Games
.
==================== Find3M ====================
.
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-09 08:52:48 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2013-09-09 08:52:48 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-03 12:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-08-21 15:31:45 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-08-21 15:31:41 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2013-08-21 15:31:41 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-08-21 15:25:59 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-21 15:25:56 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-08-21 15:25:56 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2003-04-30 14:17:52 212992 ----a-r- C:\Program Files (x86)\setup.bin
.
============= FINISH: 7:15:30,77 ===============

#12 Příspěvek od **vyosek** » 22 říj 2013 09:16

Odinstalujte nasledujici

PC Tools Security
Spyware Terminator
McAfee Security Scan
Game Booster 3 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Driver::
bdssmldq
fgyglvyd
ICQ Service
APNMCP
Browser Defender Update Service

Collect::
C:\Windows\inf\msdnfj.vbe
c:\windows\SysWOW64\jmdp\stij.exe

File::
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
C:\Windows\tasks\PC SpeedUp Service Deactivator.job

Folder::
C:\Windows\tasks
C:\Program Files (x86)\AskPartnerNetwork
C:\Program Files (x86)\Zrychleni Pocitace
C:\Program Files (x86)\SmartTweak
C:\Windows\SYSWOW64\jmdp
C:\Windows\system32\ljkb
C:\Program Files (x86)\PC Tools Security
C:\ProgramData\AskPartnerNetwork

DDS::
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: PC Tools Browser Guard: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: IMPI: {17E113E6-CD0E-4045-B154-65F0E57959EF} -
BHO: {230b9a15-0695-4130-93b8-a93d4f5df8ae} - <orphaned>
BHO: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: Oovoo Toolbar: {4F564F32-5637-006A-76A7-7A786E7484D7} - 
TB: Oovoo Toolbar: {4F564F32-5637-006A-76A7-7A786E7484D7} -
TB: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
mRun: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
IE: Search the Web - <no file>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=-
"PCSpeedUp"=-
"cz.seznam.software.autoupdate"=-
"SDP"=-
"Google Update"=-
"Clownfish"=-
"Tiny download manager"=-
"SpeedUpMyComputer"=-
"cz.seznam.software.szndesktop"=-
"uTorrent"=-
"Skype"=-
"ooVoo.exe"=-
"Facebook Update"=-
"Overwolf"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-
"LogMeIn Hamachi Ui"=-
"msdnfjSrv"=-
"ApnTBMon"=-
"Adobe Creative Cloud"=-
"PCTools FGuard"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"removeiLividdatamngr"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

RegNull::
[HKEY_USERS\S-1-5-21-2071916412-1336065733-774511312-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-2071916412-1336065733-774511312-1000\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

AlohaAnty · #13 Příspěvek od **AlohaAnty** » 22 říj 2013 13:57

Chci se optat jestli už se blížíme ke konci?

ComboFix 13-10-21.01 - Dominik 22.10.2013 14:34:06.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2817 [GMT 2:00]
Spuštěný z: c:\users\Dominik\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Dominik\Desktop\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\AutoKMS.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job"
"c:\windows\tasks\PC SpeedUp Service Deactivator.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\PC Tools Security
c:\program files (x86)\PC Tools Security\BDT\apdoms.dat
c:\program files (x86)\PC Tools Security\BDT\BDTDom.dll
c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
c:\program files (x86)\PC Tools Security\BDT\BG.XML
c:\program files (x86)\PC Tools Security\BDT\config.xml
c:\program files (x86)\PC Tools Security\BDT\CZ.XML
c:\program files (x86)\PC Tools Security\BDT\DA.XML
c:\program files (x86)\PC Tools Security\BDT\DbgHelp.dll
c:\program files (x86)\PC Tools Security\BDT\DE.XML
c:\program files (x86)\PC Tools Security\BDT\DRM\ISDRMHelper.dll
c:\program files (x86)\PC Tools Security\BDT\DRM\SDDRMHelper.dll
c:\program files (x86)\PC Tools Security\BDT\EN.xml
c:\program files (x86)\PC Tools Security\BDT\ES.XML
c:\program files (x86)\PC Tools Security\BDT\FGuard.exe
c:\program files (x86)\PC Tools Security\BDT\FGuardHks.dll
c:\program files (x86)\PC Tools Security\BDT\FI.XML
c:\program files (x86)\PC Tools Security\BDT\Firefox\components\autocomplete.js
c:\program files (x86)\PC Tools Security\BDT\Firefox\components\IBDCoreAccess.xpt
c:\program files (x86)\PC Tools Security\BDT\Firefox\components\IHeuristics.xpt
c:\program files (x86)\PC Tools Security\BDT\Firefox\data\BDTF3JSHook.dll
c:\program files (x86)\PC Tools Security\BDT\Firefox\data\BDTF4JSHook.dll
c:\program files (x86)\PC Tools Security\BDT\Firefox\data\hash.dat
c:\program files (x86)\PC Tools Security\BDT\Firefox\data\ISDRMHelper.dll
c:\program files (x86)\PC Tools Security\BDT\Firefox\data\SDDRMHelper.dll
c:\program files (x86)\PC Tools Security\BDT\Firefox\data\sites.txt
c:\program files (x86)\PC Tools Security\BDT\Firefox\chrome.manifest
c:\program files (x86)\PC Tools Security\BDT\Firefox\chrome\bdtoolbar.jar
c:\program files (x86)\PC Tools Security\BDT\Firefox\install.rdf
c:\program files (x86)\PC Tools Security\BDT\Firefox\platform\Linux_x86-gcc3\components\libheuristic.so
c:\program files (x86)\PC Tools Security\BDT\Firefox\platform\Linux_x86_64-gcc3\components\libheuristic.so
c:\program files (x86)\PC Tools Security\BDT\Firefox\platform\WINNT_x86-msvc\components\libheuristic.dll
c:\program files (x86)\PC Tools Security\BDT\FR.XML
c:\program files (x86)\PC Tools Security\BDT\GR.XML
c:\program files (x86)\PC Tools Security\BDT\hash.dat
c:\program files (x86)\PC Tools Security\BDT\HR.XML
c:\program files (x86)\PC Tools Security\BDT\HU.XML
c:\program files (x86)\PC Tools Security\BDT\InnoHelpers.dll
c:\program files (x86)\PC Tools Security\BDT\IT.XML
c:\program files (x86)\PC Tools Security\BDT\JP.XML
c:\program files (x86)\PC Tools Security\BDT\KO.XML
c:\program files (x86)\PC Tools Security\BDT\NL.XML
c:\program files (x86)\PC Tools Security\BDT\NO.XML
c:\program files (x86)\PC Tools Security\BDT\PCTBDUpdate.exe
c:\program files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll
c:\program files (x86)\PC Tools Security\BDT\PCTLicReset.dll
c:\program files (x86)\PC Tools Security\BDT\PL.XML
c:\program files (x86)\PC Tools Security\BDT\PT.XML
c:\program files (x86)\PC Tools Security\BDT\PTBR.XML
c:\program files (x86)\PC Tools Security\BDT\RO.XML
c:\program files (x86)\PC Tools Security\BDT\RU.XML
c:\program files (x86)\PC Tools Security\BDT\SC.XML
c:\program files (x86)\PC Tools Security\BDT\SE.XML
c:\program files (x86)\PC Tools Security\BDT\sites.dat
c:\program files (x86)\PC Tools Security\BDT\SK.XML
c:\program files (x86)\PC Tools Security\BDT\TC.XML
c:\program files (x86)\PC Tools Security\BDT\TH.XML
c:\program files (x86)\PC Tools Security\BDT\TR.XML
c:\program files (x86)\PC Tools Security\BDT\unins000.dat
c:\program files (x86)\PC Tools Security\BDT\unins000.exe
c:\program files (x86)\PC Tools Security\BDT\unins000.msg
c:\program files (x86)\PC Tools Security\BDT\Utility.dll
c:\program files (x86)\Zrychleni Pocitace
c:\program files (x86)\Zrychleni Pocitace\App.config
c:\program files (x86)\Zrychleni Pocitace\App.config.bkp
c:\program files (x86)\Zrychleni Pocitace\Icon.ico
c:\program files (x86)\Zrychleni Pocitace\PCSpeedUp.s3db
c:\program files (x86)\Zrychleni Pocitace\PCSpeedUp.sys
c:\program files (x86)\Zrychleni Pocitace\PCSUBootTimes.log
c:\program files (x86)\Zrychleni Pocitace\PCSUHelper.dll
c:\program files (x86)\Zrychleni Pocitace\PCSULauncher.exe
c:\program files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
c:\program files (x86)\Zrychleni Pocitace\PCSUSD.exe
c:\program files (x86)\Zrychleni Pocitace\PCSUService-Timer.log
c:\program files (x86)\Zrychleni Pocitace\PCSUService.conf
c:\program files (x86)\Zrychleni Pocitace\PCSUService.conf.bkp
c:\program files (x86)\Zrychleni Pocitace\PCSUService.exe
c:\program files (x86)\Zrychleni Pocitace\PCSUService.log
c:\program files (x86)\Zrychleni Pocitace\PCSUUCC.exe
c:\program files (x86)\Zrychleni Pocitace\PCSUUCC.log
c:\program files (x86)\Zrychleni Pocitace\PopupNotification.dll
c:\program files (x86)\Zrychleni Pocitace\Sqlite3.dll
c:\program files (x86)\Zrychleni Pocitace\unins000.dat
c:\program files (x86)\Zrychleni Pocitace\unins000.exe
c:\program files (x86)\Zrychleni Pocitace\unins000.msg
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_bdssmldq
-------\Service_Browser Defender Update Service
-------\Service_fgyglvyd
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-22 do 2013-10-22 )))))))))))))))))))))))))))))))
.
.
2013-10-22 12:45 . 2013-10-22 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-21 20:40 . 2013-10-21 20:42 -------- d-----w- C:\AdwCleaner
2013-10-21 20:22 . 2013-10-21 20:22 -------- d-----w- c:\windows\ERUNT
2013-10-21 19:10 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-21 19:10 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-21 19:10 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-21 19:10 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-21 19:10 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-21 19:10 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-21 19:10 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-21 17:52 . 2013-10-21 17:52 -------- d-----w- c:\program files\trend micro
2013-10-21 17:48 . 2013-10-21 17:48 -------- d-----w- c:\program files (x86)\trend micro
2013-10-21 17:48 . 2013-10-21 17:49 -------- d-----w- C:\rsit
2013-10-21 16:58 . 2013-10-21 16:58 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2013-10-21 03:54 . 2013-10-21 03:55 -------- d-----w- c:\program files (x86)\Google
2013-10-20 19:23 . 2013-10-20 19:23 -------- d-----w- c:\programdata\Simply Super Software
2013-10-20 19:10 . 2011-05-20 09:44 767952 ----a-w- c:\windows\BDTSupport.dll
2013-10-20 19:10 . 2011-05-20 09:44 149456 ----a-w- c:\windows\SGDetectionTool.dll
2013-10-20 19:10 . 2011-05-20 09:44 2078672 ----a-w- c:\windows\PCTBDCore.dll
2013-10-20 19:10 . 2011-05-20 09:44 1533904 ----a-w- c:\windows\PCTBDRes.dll
2013-10-20 13:16 . 2013-10-20 13:16 -------- d-----w- c:\windows\system32\ljkb
2013-10-19 13:32 . 2013-10-19 13:33 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-10-19 13:30 . 2013-10-22 04:01 -------- d-----w- c:\users\Dominik\AppData\Local\Adobe
2013-10-19 13:24 . 2013-10-19 13:24 -------- d-----w- c:\program files (x86)\Half-Life Model Viewer
2013-10-19 13:19 . 2013-10-19 13:28 -------- d-----w- c:\users\Dominik\.gimp-2.6
2013-10-19 08:40 . 2013-10-19 08:43 -------- d-----w- c:\program files (x86)\Counter-Strike 1.6 Non-Steam
2013-10-18 11:40 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A7AD41E-76D9-4BE4-B937-B1123B356045}\mpengine.dll
2013-10-15 16:31 . 2013-10-21 17:10 -------- d-----w- c:\program files (x86)\Common Files\Overwolf
2013-10-15 16:30 . 2013-10-21 17:02 -------- d-----w- c:\users\Dominik\AppData\Local\Overwolf
2013-10-12 07:04 . 2013-10-12 07:05 -------- d-----w- c:\users\Guest
2013-10-10 04:06 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-10 04:05 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-07 12:09 . 2013-10-07 12:09 -------- d-----w- c:\users\Dominik\AppData\Local\Comodo
2013-10-07 12:09 . 2013-10-20 20:05 -------- d-----w- c:\program files (x86)\Comodo
2013-10-07 12:09 . 2013-10-07 12:09 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2013-10-07 12:09 . 2013-10-07 12:09 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2013-10-07 12:08 . 2013-10-07 12:08 -------- d-----w- c:\program files (x86)\ooVoo
2013-10-07 11:54 . 2013-10-07 12:05 -------- d-----r- c:\program files (x86)\Skype
2013-10-05 17:57 . 2013-10-05 17:57 722880 ----a-w- c:\windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-10-05 17:55 . 2013-10-05 17:56 -------- d-----w- c:\program files (x86)\Counter-Strike 1.6 Standalone
2013-10-05 13:46 . 2013-10-15 16:30 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-10-03 17:41 . 2012-12-15 07:43 -------- d-----w- c:\program files (x86)\hrajcs
2013-10-02 18:41 . 2013-10-02 18:41 -------- d-----w- c:\program files (x86)\Haali
2013-09-30 12:31 . 2013-10-14 15:13 -------- d-----w- c:\users\Dominik\AppData\Roaming\.minecraft
2013-09-29 10:55 . 2013-09-29 17:34 -------- d-----w- c:\program files (x86)\Music!
2013-09-28 08:23 . 2013-10-22 04:32 -------- d-----w- C:\Counter-Strike 1.6
2013-09-28 07:54 . 2013-09-28 07:54 -------- d-----w- c:\program files (x86)\WB Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 05:34 . 2012-07-19 16:35 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-24 05:03 . 2012-02-05 07:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-09-14 12:28 . 2013-09-14 12:28 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-09-09 08:52 . 2012-10-21 12:05 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-09-09 08:52 . 2012-10-21 12:05 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-09-03 12:35 . 2011-09-06 18:39 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-10 04:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-21 15:31 . 2013-08-21 15:31 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-08-21 15:31 . 2013-08-21 15:32 289768 ----a-w- c:\windows\system32\javaws.exe
2013-08-21 15:31 . 2013-08-21 15:31 189416 ----a-w- c:\windows\system32\javaw.exe
2013-08-21 15:31 . 2013-08-21 15:31 188904 ----a-w- c:\windows\system32\java.exe
2013-08-21 15:31 . 2012-06-30 12:22 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-21 15:31 . 2012-04-22 14:16 916456 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-21 15:25 . 2013-08-21 15:26 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-21 15:25 . 2012-11-24 09:52 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-21 15:25 . 2012-04-14 13:22 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-05 02:25 . 2013-09-13 04:09 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-13 04:08 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-13 04:08 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-13 04:08 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-13 04:08 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-13 04:08 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-13 04:08 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-13 04:08 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-13 04:08 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-13 04:08 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 04:08 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 04:08 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 04:08 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-13 04:08 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-13 04:08 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-07-25 09:25 . 2013-08-14 08:12 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 08:12 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2003-04-30 14:17 . 2012-06-07 19:28 212992 ----a-r- c:\program files (x86)\setup.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{17E113E6-CD0E-4045-B154-65F0E57959EF}]
c:\program files\IMPI\Extension32.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
2013-07-03 11:51 155928 ----a-w- c:\users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1AMPCBOK]
@="{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}"
[HKEY_CLASSES_ROOT\CLSID\{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}]
2010-11-04 15:58 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"62.75.206.182,255.255.255.255,10.0.0.3,1"=""
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~3\SPYWAR~1\st_rsdel.exe \??\c:\programdata\Spyware
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 aswVmm;aswVmm; [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;aswRvrt; [x]
S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys;c:\windows\SYSNATIVE\Drivers\FSPFltd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IMPI Updater;IMPI Updater;c:\program files\IMPI\ExtensionUpdaterService.exe;c:\program files\IMPI\ExtensionUpdaterService.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-21 03:55 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-22 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2011-09-11 09:30]
.
2013-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 03:54]
.
2013-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-21 03:54]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
- c:\users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 09:33]
.
2013-10-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
- c:\users\Dominik\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-11 09:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1AMPCBOK]
@="{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}"
[HKEY_CLASSES_ROOT\CLSID\{04cd1f3e-81d5-4904-a3ab-e0f99a7d769d}]
2010-11-04 15:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"mylbx"="c:\program files\My Lockbox\mylbx.exe" [2011-02-03 1898208]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\persistentroutes]
"62.75.206.182,255.255.255.255,10.0.0.3,1"=""
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - c:\users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
FF - ProfilePath - c:\users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{230b9a15-0695-4130-93b8-a93d4f5df8ae} - (no file)
BHO-{4F564F32-5637-006A-76A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll
BHO-{db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} - (no file)
Toolbar-{17f24f6d-0284-4a62-a3b7-fca9f2084af4} - (no file)
Toolbar-10 - (no file)
Toolbar-{4F564F32-5637-006A-76A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll
ShellIconOverlayIdentifiers-{4d87b7a7-23f1-470c-aa45-96b25b9bd138} - (no file)
AddRemove-Adobe Creative Cloud - c:\program files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe
AddRemove-AV Voice Changer Software 7.0 - c:\progra~2\AVVCS7~1.0\UNWISE.EXE
AddRemove-Browser Defender_is1 - c:\program files (x86)\PC Tools Security\BDT\unins000.exe
AddRemove-Counter Strike 1.6 NonSteam Patch-v28 ZbotMod + ~BDADFDB1_is1 - c:\program files (x86)\Valve\unins000.exe
AddRemove-WinGimp-2.0_is1 - c:\program files (x86)\GIMP-2.0\setup\unins000.exe
AddRemove-zulagames - c:\program files (x86)\ZulaGames\uninst.exe
AddRemove-{6889EE56-1816-4E89-94DF-9F56E7804039}_is1 - c:\program files (x86)\Valve\unins000.exe
AddRemove-{6F31F376-65E0-4A33-9E91-01218BFCDD6B}_is1 - c:\program files (x86)\Counter-Strike Source\unins000.exe
AddRemove-GoforFiles - c:\program files (x86)\GoforFiles\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Celkový čas: 2013-10-22 14:54:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-22 12:54
ComboFix2.txt 2013-10-21 18:52
.
Před spuštěním: Volných bajtů: 285 833 216 000
Po spuštění: Volných bajtů: 285 146 365 952
.
- - End Of File - - 34388B382454E223D4A8D45D57397B99
A36C5E4F47E84449FF07ED3517B43A31

#14 Příspěvek od **vyosek** » 22 říj 2013 14:19

Uz docela jo, jeste tak dva tri kroky a mame hotovo

Poprosim o FRSTL http://forum.viry.cz/viewtopic.php?f=13&t=133100

AlohaAnty · #15 Příspěvek od **AlohaAnty** » 22 říj 2013 14:32

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2013
Ran by Dominik (administrator) on DOMINIK-PC on 22-10-2013 15:27:08
Running from C:\Users\Dominik\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\IMPI\ExtensionUpdaterService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Dominik\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [mylbx] - C:\Program Files\My Lockbox\mylbx.exe [1898208 2011-02-03] (FSPro Labs)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software)
HKU\Guest\...\Run: [Google Update] - C:\Users\Guest\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-12] (Google Inc.)
BootExecute: autocheck autochk * C:\PROGRA~3\SPYWAR~1\st_rsdel.exe \??\C:\ProgramData\Spyware

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {08B59813-C99C-4C4C-B091-7335D1DDA217} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {0C11CAC9-A586-470C-AF72-D4FE82E3E1CD} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {4AF6B2F1-4090-4A9B-A303-ECB6E93A6F8A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {79D206D7-DB82-4968-944D-95A8386AFD3D} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {7BE86DF6-B514-4421-9F24-FF39874D37F8} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {80E8FE2C-B09D-440C-B6F5-47456B3721E5} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_13415
SearchScopes: HKCU - {EABE85B9-E332-42F2-893D-6900DEDDEA62} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IMPI - {17E113E6-CD0E-4045-B154-65F0E57959EF} - C:\Program Files\IMPI\Extension32.dll No File
BHO-x32: No Name - {230b9a15-0695-4130-93b8-a93d4f5df8ae} - No File
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll No File
BHO-x32: Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (Radiocom CJSC)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {db0cf5d9-13eb-435e-9db3-4a8aaf4c75ce} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll ()
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {17f24f6d-0284-4a62-a3b7-fca9f2084af4} - No File
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Oovoo Toolbar - {4F564F32-5637-006A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7\Passport.dll" No File
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default
FF NetworkProxy: "type", 0
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @richmediaplayer.com/nppluginrichmediaplayer - C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Dominik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dominik\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\DotSpot_2k.xml
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\searchplugins\utorrentcontrolv6-customized-web-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: DotSpot - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\2kffxtbr@DotSpot_2k.com
FF Extension: Battlefield Heroes Updater - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\battlefieldheroespatcher@ea.com
FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: onlinehdtv - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\onlinehdtv@onlinehd.tv.xpi
FF Extension: torntv - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\loc3dukj.default\Extensions\torntv@torntv.com.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{17E113E6-CD0E-4045-B154-65F0E57959EF}] - C:\Program Files\IMPI\Firefox
FF Extension: IMPI - C:\Program Files\IMPI\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{3DF4B26D-DB19-45DF-962A-6719D071245B}] - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF Extension: Rich Media Player extension - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox\

Chrome:
=======
CHR Extension: (KMPlayer Toolbar) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.17.3.37909_0
CHR Extension: (Google Drive) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (avast! WebRep) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (iPiccy Photo Editor) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh\1.1_0
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [aaaainelhcgoinheohbeolppeofibjlh] - C:\ProgramData\AskPartnerNetwork\Toolbar\OVO2V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Dominik\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx
CHR HKLM-x32\...\Chrome\Extension: [doagiokpgboiomffjfhaiimafndmmpni] - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [egkcbimocjlaegijlkhcphggjpblepbf] - C:\ProgramData\SaveAs\egkcbimocjlaegijlkhcphggjpblepbf.crx
CHR HKLM-x32\...\Chrome\Extension: [fkcdbkhjcaljlfolhllfneigeepmjfim] - C:\Users\Dominik\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Dominik\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation)
R2 IMPI Updater; C:\Program Files\IMPI\ExtensionUpdaterService.exe [185856 2013-02-05] ()
S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-11-02] (TuneUp Software)
S4 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
S2 PnkBstrA;

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-03-07] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-07] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-07] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-07] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-07] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-07] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-07] (DT Soft Ltd)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-01] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-01] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-01] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-01] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-01] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-01] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-01] (MCCI Corporation)
S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology)
S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology)
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows (R) Win 7 DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-22 15:26 - 2013-10-22 15:26 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2013-10-22 15:26 - 2013-10-22 15:26 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2013-10-22 15:26 - 2013-10-22 15:26 - 00000000 ____D C:\FRST
2013-10-22 15:25 - 2013-10-22 15:25 - 00112128 _____ (forum.viry.cz) C:\Users\Dominik\Desktop\FRSTLauncher.exe
2013-10-22 15:24 - 2013-10-22 15:25 - 01954682 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2013-10-22 14:54 - 2013-10-22 14:54 - 00033846 _____ C:\ComboFix.txt
2013-10-22 14:33 - 2013-10-22 14:33 - 00001204 _____ C:\CF-Submit.htm
2013-10-22 14:29 - 2012-11-23 20:09 - 00002053 _____ C:\Users\Public\Desktop\Counter-Strike Source.lnk
2013-10-22 14:29 - 2012-08-23 15:49 - 00001672 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2013-10-22 14:29 - 2012-06-23 11:16 - 00002109 _____ C:\Users\Public\Desktop\Counter-Strike 1.6 Non-Steam.lnk
2013-10-21 22:40 - 2013-10-21 22:42 - 00000000 ____D C:\AdwCleaner
2013-10-21 22:40 - 2013-10-21 22:40 - 00053631 _____ C:\Users\Dominik\Desktop\JRT.txt
2013-10-21 22:22 - 2013-10-21 22:22 - 00000000 ____D C:\Windows\ERUNT
2013-10-21 22:21 - 2013-10-21 22:21 - 01060070 _____ C:\Users\Dominik\Desktop\adwcleaner.exe
2013-10-21 22:21 - 2013-10-21 22:21 - 01033335 _____ (Thisisu) C:\Users\Dominik\Desktop\JRT.exe
2013-10-21 21:10 - 2013-09-04 14:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-21 21:10 - 2013-09-04 14:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-21 21:10 - 2013-09-04 14:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-21 21:10 - 2013-09-04 14:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-21 21:10 - 2013-09-04 14:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-21 21:10 - 2013-09-04 14:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-21 21:10 - 2013-09-04 14:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-21 21:04 - 2013-10-21 21:04 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dominik\Downloads\rkill.com
2013-10-21 20:22 - 2013-10-22 14:55 - 00000000 ____D C:\Qoobox
2013-10-21 20:22 - 2013-10-22 14:45 - 00000000 ____D C:\Windows\erdnt
2013-10-21 20:22 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-21 20:22 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-21 20:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-21 20:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-21 20:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-21 20:22 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-21 20:22 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-21 20:22 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-21 20:15 - 2013-10-21 21:05 - 00002522 _____ C:\Users\Dominik\Desktop\Rkill.txt
2013-10-21 20:15 - 2013-10-21 20:15 - 01038584 _____ (Bleeping Computer, LLC) C:\Users\Dominik\Desktop\rkill64.com
2013-10-21 20:15 - 2013-10-21 20:15 - 00000000 ____D C:\Users\Dominik\Desktop\rkill
2013-10-21 20:14 - 2013-10-21 20:15 - 05136138 ____R (Swearware) C:\Users\Dominik\Desktop\ComboFix.exe
2013-10-21 20:12 - 2013-10-21 20:12 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dominik\Desktop\rkill.com
2013-10-21 19:52 - 2013-10-21 19:52 - 00935175 _____ C:\Users\Dominik\Downloads\RSITx64.exe
2013-10-21 19:52 - 2013-10-21 19:52 - 00000000 ____D C:\Program Files\trend micro
2013-10-21 19:48 - 2013-10-21 19:49 - 00000000 ____D C:\rsit
2013-10-21 19:48 - 2013-10-21 19:48 - 00781383 _____ C:\Users\Dominik\Downloads\RSIT.exe
2013-10-21 19:48 - 2013-10-21 19:48 - 00000000 ____D C:\Program Files (x86)\trend micro
2013-10-21 19:46 - 2013-10-22 07:15 - 00023465 _____ C:\Users\Dominik\Desktop\dds.txt
2013-10-21 19:46 - 2013-10-22 07:15 - 00011463 _____ C:\Users\Dominik\Desktop\attach.txt
2013-10-21 19:43 - 2013-10-21 19:43 - 00688992 ____R (Swearware) C:\Users\Dominik\Downloads\dds.exe
2013-10-21 19:43 - 2013-10-21 19:43 - 00688992 _____ (Swearware) C:\Users\Dominik\Downloads\dds (1).exe
2013-10-21 19:00 - 2013-10-22 15:02 - 00000504 _____ C:\Windows\setupact.log
2013-10-21 19:00 - 2013-10-21 19:00 - 00000000 _____ C:\Windows\setuperr.log
2013-10-21 18:59 - 2013-10-22 14:46 - 00010450 _____ C:\Windows\PFRO.log
2013-10-21 18:58 - 2013-10-21 18:58 - 00002560 _____ C:\Windows\_MSRSTRT.EXE
2013-10-21 15:42 - 2013-10-21 16:19 - 347642772 _____ C:\Users\Dominik\Downloads\Ztraceni---2x16-Celá-pravda.rar
2013-10-21 14:43 - 2013-10-21 14:55 - 00000000 ____D C:\Users\Dominik\Documents\Euro Truck Simulator 2
2013-10-21 06:21 - 2013-10-21 06:21 - 01105149 _____ C:\Users\Dominik\Desktop\OFF77.dem
2013-10-21 05:55 - 2013-10-21 05:55 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-21 05:54 - 2013-10-22 15:02 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-21 05:54 - 2013-10-22 15:00 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-21 05:54 - 2013-10-21 05:55 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-21 05:54 - 2013-10-21 05:54 - 00003950 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-21 05:54 - 2013-10-21 05:54 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-20 22:24 - 2013-10-20 22:24 - 00000000 ____H C:\Users\Dominik\Documents\Default.rdp
2013-10-20 21:23 - 2013-10-20 21:23 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-20 21:21 - 2013-10-20 21:22 - 23334896 _____ (Simply Super Software ) C:\Users\Dominik\Downloads\trjsetup688.exe
2013-10-20 21:10 - 2011-05-20 11:44 - 02078672 _____ (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2013-10-20 21:10 - 2011-05-20 11:44 - 01533904 _____ (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2013-10-20 21:10 - 2011-05-20 11:44 - 00767952 _____ C:\Windows\BDTSupport.dll
2013-10-20 21:10 - 2011-05-20 11:44 - 00149456 _____ (PC Tools) C:\Windows\SGDetectionTool.dll
2013-10-20 21:10 - 2011-01-06 10:54 - 00002125 _____ C:\Windows\UDB.zip
2013-10-20 21:10 - 2010-08-20 09:50 - 00000882 _____ C:\Windows\RegSDImport.xml
2013-10-20 21:10 - 2010-01-22 08:44 - 00000879 _____ C:\Windows\RegISSImport.xml
2013-10-20 21:10 - 2008-11-26 11:08 - 00000131 _____ C:\Windows\IDB.zip
2013-10-20 21:07 - 2013-10-20 21:11 - 02514402 _____ C:\Windows\system32\Drivers\Cat.DB
2013-10-20 21:03 - 2013-10-20 21:05 - 67435656 _____ (PC Tools ) C:\Users\Dominik\Downloads\sdsetup_dl.exe
2013-10-20 19:18 - 2013-10-20 19:18 - 00000000 ____D C:\Users\Dominik\Documents\Add-in Express
2013-10-20 15:16 - 2013-10-20 15:16 - 00000000 ____D C:\Windows\system32\ljkb
2013-10-20 08:22 - 2013-10-20 15:52 - 00000684 _____ C:\Users\Dominik\Desktop\AMX PŘÍKAZY.txt
2013-10-19 15:35 - 2013-10-19 15:35 - 00003510 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Dominik-PC-Dominik
2013-10-19 15:32 - 2013-10-19 15:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-19 15:30 - 2013-10-22 06:01 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe
2013-10-19 15:24 - 2013-10-19 15:24 - 00000000 ____D C:\Program Files (x86)\Half-Life Model Viewer
2013-10-19 15:19 - 2013-10-19 15:28 - 00000000 ____D C:\Users\Dominik\.gimp-2.6
2013-10-19 15:19 - 2013-10-19 15:19 - 00000000 ____D C:\Users\Dominik\Documents\gegl-0.0
2013-10-19 10:40 - 2013-10-19 10:43 - 00002109 _____ C:\Users\Dominik\Desktop\Counter-Strike 1.6 Non-Steam.lnk
2013-10-19 10:40 - 2013-10-19 10:43 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2013-10-19 10:40 - 2013-10-19 10:40 - 00003238 _____ C:\Windows\System32\Tasks\{7F027BB3-666E-4E90-8935-041DE9CAA389}
2013-10-19 10:40 - 2013-10-19 10:40 - 00003238 _____ C:\Windows\System32\Tasks\{661A78C3-885D-4980-9B7D-264D72E77965}
2013-10-18 23:16 - 2013-10-20 19:02 - 00000000 ____D C:\Users\Dominik\Downloads\Ztraceni---2x01-Muž-vědy,-muž-víry
2013-10-15 18:30 - 2013-10-21 19:02 - 00000000 ____D C:\Users\Dominik\AppData\Local\Overwolf
2013-10-14 19:52 - 2013-07-17 00:23 - 00061802 _____ C:\Users\Dominik\Desktop\The Call.srt
2013-10-12 09:09 - 2013-10-12 09:09 - 00002366 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2013-10-12 09:09 - 2013-10-12 09:09 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-12 09:08 - 2013-10-12 09:08 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2013-10-12 09:07 - 2013-10-12 09:07 - 00739856 _____ (Google Inc.) C:\Users\Guest\Desktop\30.0.1599.66_chrome_installer.exe
2013-10-12 09:07 - 2013-10-12 09:07 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
2013-10-12 09:05 - 2013-10-12 09:08 - 00000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Seznam.cz
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Opera
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\ooVoo Details
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Opera
2013-10-12 09:04 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest
2013-10-12 09:04 - 2013-10-12 09:04 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Šablony
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Soubory cookie
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Poslední
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Okolní tiskárny
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Okolní síť
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Nabídka Start
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Dokumenty
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Documents\Obrázky
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Documents\Hudba
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Documents\Filmy
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Data aplikací
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\AppData\Local\Data aplikací
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2013-10-12 09:04 - 2011-11-15 07:49 - 00000000 ____D C:\Users\Guest\AppData\Local\Microsoft Help
2013-10-12 09:04 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-12 09:04 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-11 19:28 - 2013-10-11 20:47 - 734142812 _____ C:\Users\Dominik\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2013-10-10 07:50 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 07:50 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 07:50 - 2013-09-23 01:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 07:50 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 07:50 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 07:50 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 07:50 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 07:50 - 2013-09-23 00:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 07:50 - 2013-09-21 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 07:50 - 2013-09-21 05:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 06:06 - 2013-09-14 03:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 06:06 - 2013-09-08 04:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 06:06 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 06:06 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 06:06 - 2013-08-29 04:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 06:06 - 2013-08-29 04:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 06:06 - 2013-08-29 04:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 06:06 - 2013-08-29 04:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 06:06 - 2013-08-29 04:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 06:06 - 2013-08-29 03:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 06:06 - 2013-08-29 03:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 06:06 - 2013-08-29 03:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 06:06 - 2013-08-29 03:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 06:06 - 2013-08-29 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 06:06 - 2013-08-29 03:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 06:06 - 2013-08-29 02:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 06:06 - 2013-08-29 02:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 06:06 - 2013-08-29 02:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 06:06 - 2013-08-29 02:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 06:06 - 2013-08-28 03:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 06:06 - 2013-08-01 14:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 06:06 - 2013-07-20 12:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:06 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 06:06 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 06:06 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 06:06 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 06:06 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 06:06 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 06:06 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 06:06 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 06:06 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 06:06 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 06:06 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 06:06 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 06:06 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 06:06 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 06:06 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 06:06 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 06:06 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 06:06 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 06:06 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 06:06 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 06:06 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 06:06 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 06:06 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 06:05 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-07 14:09 - 2013-10-20 22:05 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-10-07 14:09 - 2013-10-12 16:24 - 00001857 _____ C:\Users\Public\Desktop\ooVoo.lnk
2013-10-07 14:09 - 2013-10-07 14:09 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-10-07 14:09 - 2013-10-07 14:09 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-10-07 14:09 - 2013-10-07 14:09 - 00000000 ____D C:\Users\Dominik\AppData\Local\Comodo
2013-10-07 14:08 - 2013-10-07 14:08 - 00000000 ____D C:\Program Files (x86)\ooVoo
2013-10-07 13:54 - 2013-10-07 14:05 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-05 19:57 - 2013-10-05 19:57 - 00722880 _____ C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-10-05 19:57 - 2013-10-05 19:57 - 00002118 _____ C:\Users\Dominik\Desktop\Counter-Strike 1.6 Standalone.lnk
2013-10-05 19:57 - 2013-10-05 19:57 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 Standalone
2013-10-05 19:55 - 2013-10-05 19:56 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Standalone
2013-10-05 15:47 - 2013-10-15 18:30 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-10-05 15:47 - 2013-10-05 15:47 - 00003176 _____ C:\Windows\System32\Tasks\{9AFFF9D0-34FC-47D0-A2CC-10EF507ECEC7}
2013-10-05 15:46 - 2013-10-15 18:30 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-05 15:45 - 2013-10-05 15:45 - 73473368 _____ C:\Users\Dominik\Desktop\TeamSpeak-3--client-CZ.rar
2013-10-05 15:45 - 2013-10-05 15:45 - 00000000 ____D C:\Users\Dominik\Desktop\TeamSpeak 3
2013-10-05 12:17 - 2013-10-05 14:04 - 985768356 _____ C:\Users\Dominik\Downloads\50-50-2011-cz-dabing.avi
2013-10-04 22:09 - 2013-10-04 22:09 - 00000864 _____ C:\Users\Dominik\Desktop\Counter-Strike – zástupce.lnk
2013-10-03 19:45 - 2013-10-21 21:11 - 00000000 ____D C:\Users\Dominik\Downloads\hrajcs
2013-10-03 19:41 - 2012-12-15 09:43 - 00000000 ____D C:\Program Files (x86)\hrajcs
2013-10-02 20:41 - 2013-10-02 20:41 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-02 20:41 - 2013-10-02 20:41 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-01 22:23 - 2013-10-01 22:24 - 02045943 _____ C:\Users\Dominik\Desktop\Baruch Spinoza (1632-1677).pptx
2013-09-30 15:06 - 2013-09-30 15:06 - 00421588 _____ C:\Users\Dominik\Desktop\OptiFine_1.6.2_HD_U_C4.jar
2013-09-30 14:31 - 2013-10-14 17:13 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\.minecraft
2013-09-29 12:55 - 2013-09-29 19:34 - 00000000 ____D C:\Program Files (x86)\Music!
2013-09-29 11:27 - 2013-09-29 12:43 - 721739776 _____ C:\Users\Dominik\Downloads\Slepičí-úlet-CZ.avi
2013-09-28 10:24 - 2013-09-28 10:24 - 00001562 _____ C:\Users\Dominik\Desktop\Counter-Strike 1.6.lnk
2013-09-28 10:24 - 2013-09-28 10:24 - 00001508 _____ C:\Users\Dominik\Desktop\Half-Life.lnk
2013-09-28 10:23 - 2013-10-22 06:32 - 00000000 ____D C:\Counter-Strike 1.6
2013-09-28 09:54 - 2013-09-28 09:54 - 00000000 ____D C:\Program Files (x86)\WB Games
2013-09-28 09:05 - 2013-09-28 09:05 - 00000000 ____D C:\Users\Dominik\Downloads\Counter-Strike 1.6
2013-09-27 18:40 - 2013-09-27 18:40 - 00010553 _____ C:\Users\Dominik\Desktop\dtlegalconfigv12.rar

==================== One Month Modified Files and Folders =======

2013-10-22 15:26 - 2013-10-22 15:26 - 00029696 _____ C:\Users\Dominik\AppData\Local\MSGBOX.EXE
2013-10-22 15:26 - 2013-10-22 15:26 - 00015327 _____ C:\Users\Dominik\Desktop\LM.bat
2013-10-22 15:26 - 2013-10-22 15:26 - 00000000 ____D C:\FRST
2013-10-22 15:25 - 2013-10-22 15:25 - 00112128 _____ (forum.viry.cz) C:\Users\Dominik\Desktop\FRSTLauncher.exe
2013-10-22 15:25 - 2013-10-22 15:24 - 01954682 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2013-10-22 15:08 - 2009-07-14 06:45 - 00024048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-22 15:08 - 2009-07-14 06:45 - 00024048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-22 15:06 - 2011-09-06 19:47 - 01650989 _____ C:\Windows\WindowsUpdate.log
2013-10-22 15:03 - 2013-02-14 07:52 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2013-10-22 15:03 - 2011-09-11 11:30 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2013-10-22 15:02 - 2013-10-21 19:00 - 00000504 _____ C:\Windows\setupact.log
2013-10-22 15:02 - 2013-10-21 05:54 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-22 15:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-22 15:00 - 2013-10-21 05:54 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-22 14:55 - 2013-10-21 20:22 - 00000000 ____D C:\Qoobox
2013-10-22 14:54 - 2013-10-22 14:54 - 00033846 _____ C:\ComboFix.txt
2013-10-22 14:48 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-10-22 14:46 - 2013-10-21 18:59 - 00010450 _____ C:\Windows\PFRO.log
2013-10-22 14:46 - 2009-07-14 04:34 - 78950400 _____ C:\Windows\system32\config\software.bak
2013-10-22 14:46 - 2009-07-14 04:34 - 18612224 _____ C:\Windows\system32\config\system.bak
2013-10-22 14:46 - 2009-07-14 04:34 - 00245760 _____ C:\Windows\system32\config\default.bak
2013-10-22 14:46 - 2009-07-14 04:34 - 00098304 _____ C:\Windows\system32\config\sam.bak
2013-10-22 14:46 - 2009-07-14 04:34 - 00028672 _____ C:\Windows\system32\config\security.bak
2013-10-22 14:45 - 2013-10-21 20:22 - 00000000 ____D C:\Windows\erdnt
2013-10-22 14:37 - 2011-09-11 11:33 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA.job
2013-10-22 14:33 - 2013-10-22 14:33 - 00001204 _____ C:\CF-Submit.htm
2013-10-22 14:27 - 2013-03-03 18:21 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Seznam.cz
2013-10-22 14:26 - 2013-03-22 21:27 - 00000000 ____D C:\Users\Dominik\AppData\Local\LogMeIn Hamachi
2013-10-22 14:25 - 2012-10-21 13:55 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\uTorrent
2013-10-22 14:25 - 2011-09-16 17:54 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Skype
2013-10-22 07:15 - 2013-10-21 19:46 - 00023465 _____ C:\Users\Dominik\Desktop\dds.txt
2013-10-22 07:15 - 2013-10-21 19:46 - 00011463 _____ C:\Users\Dominik\Desktop\attach.txt
2013-10-22 06:32 - 2013-09-28 10:23 - 00000000 ____D C:\Counter-Strike 1.6
2013-10-22 06:01 - 2013-10-19 15:30 - 00000000 ____D C:\Users\Dominik\AppData\Local\Adobe
2013-10-21 22:42 - 2013-10-21 22:40 - 00000000 ____D C:\AdwCleaner
2013-10-21 22:42 - 2011-09-06 19:54 - 00000000 ___RD C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-21 22:41 - 2011-10-10 15:38 - 00000000 ____D C:\ProgramData\ICQ
2013-10-21 22:40 - 2013-10-21 22:40 - 00053631 _____ C:\Users\Dominik\Desktop\JRT.txt
2013-10-21 22:22 - 2013-10-21 22:22 - 00000000 ____D C:\Windows\ERUNT
2013-10-21 22:21 - 2013-10-21 22:21 - 01060070 _____ C:\Users\Dominik\Desktop\adwcleaner.exe
2013-10-21 22:21 - 2013-10-21 22:21 - 01033335 _____ (Thisisu) C:\Users\Dominik\Desktop\JRT.exe
2013-10-21 21:28 - 2011-09-11 11:32 - 00000000 ____D C:\Users\Dominik\AppData\Local\Apps\2.0
2013-10-21 21:11 - 2013-10-03 19:45 - 00000000 ____D C:\Users\Dominik\Downloads\hrajcs
2013-10-21 21:05 - 2013-10-21 20:15 - 00002522 _____ C:\Users\Dominik\Desktop\Rkill.txt
2013-10-21 21:04 - 2013-10-21 21:04 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dominik\Downloads\rkill.com
2013-10-21 20:52 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-21 20:38 - 2013-02-24 20:01 - 00000000 ____D C:\Program Files\IMPI
2013-10-21 20:15 - 2013-10-21 20:15 - 01038584 _____ (Bleeping Computer, LLC) C:\Users\Dominik\Desktop\rkill64.com
2013-10-21 20:15 - 2013-10-21 20:15 - 00000000 ____D C:\Users\Dominik\Desktop\rkill
2013-10-21 20:15 - 2013-10-21 20:14 - 05136138 ____R (Swearware) C:\Users\Dominik\Desktop\ComboFix.exe
2013-10-21 20:12 - 2013-10-21 20:12 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Dominik\Desktop\rkill.com
2013-10-21 19:52 - 2013-10-21 19:52 - 00935175 _____ C:\Users\Dominik\Downloads\RSITx64.exe
2013-10-21 19:52 - 2013-10-21 19:52 - 00000000 ____D C:\Program Files\trend micro
2013-10-21 19:49 - 2013-10-21 19:48 - 00000000 ____D C:\rsit
2013-10-21 19:48 - 2013-10-21 19:48 - 00781383 _____ C:\Users\Dominik\Downloads\RSIT.exe
2013-10-21 19:48 - 2013-10-21 19:48 - 00000000 ____D C:\Program Files (x86)\trend micro
2013-10-21 19:43 - 2013-10-21 19:43 - 00688992 ____R (Swearware) C:\Users\Dominik\Downloads\dds.exe
2013-10-21 19:43 - 2013-10-21 19:43 - 00688992 _____ (Swearware) C:\Users\Dominik\Downloads\dds (1).exe
2013-10-21 19:40 - 2009-07-14 17:18 - 00666656 _____ C:\Windows\system32\perfh005.dat
2013-10-21 19:40 - 2009-07-14 17:18 - 00140320 _____ C:\Windows\system32\perfc005.dat
2013-10-21 19:40 - 2009-07-14 07:13 - 01577410 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-21 19:14 - 2013-05-29 15:59 - 00000000 ____D C:\Program Files (x86)\QuadCoreM2
2013-10-21 19:02 - 2013-10-15 18:30 - 00000000 ____D C:\Users\Dominik\AppData\Local\Overwolf
2013-10-21 19:00 - 2013-10-21 19:00 - 00000000 _____ C:\Windows\setuperr.log
2013-10-21 18:58 - 2013-10-21 18:58 - 00002560 _____ C:\Windows\_MSRSTRT.EXE
2013-10-21 18:58 - 2011-09-11 09:03 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-10-21 18:55 - 2013-06-09 11:31 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2013-10-21 18:54 - 2011-10-03 15:14 - 00000000 ____D C:\Program Files (x86)\EA Sports
2013-10-21 18:54 - 2011-09-11 10:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-21 18:47 - 2012-12-09 17:49 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\TS3Client
2013-10-21 18:47 - 2012-12-06 18:26 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-21 18:46 - 2011-09-06 20:44 - 00000000 ____D C:\Windows\Panther
2013-10-21 16:19 - 2013-10-21 15:42 - 347642772 _____ C:\Users\Dominik\Downloads\Ztraceni---2x16-Celá-pravda.rar
2013-10-21 14:55 - 2013-10-21 14:43 - 00000000 ____D C:\Users\Dominik\Documents\Euro Truck Simulator 2
2013-10-21 14:38 - 2013-08-05 16:56 - 00000000 ____D C:\Program Files (x86)\Euro Truck Simulator 2
2013-10-21 14:03 - 2012-11-24 11:46 - 00000000 ___RD C:\Users\Dominik\Desktop\Danda
2013-10-21 08:36 - 2011-09-11 11:33 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core.job
2013-10-21 06:24 - 2011-11-08 09:55 - 07268352 ___SH C:\Users\Dominik\Desktop\Thumbs.db
2013-10-21 06:21 - 2013-10-21 06:21 - 01105149 _____ C:\Users\Dominik\Desktop\OFF77.dem
2013-10-21 05:55 - 2013-10-21 05:55 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-21 05:55 - 2013-10-21 05:54 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-21 05:54 - 2013-10-21 05:54 - 00003950 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-21 05:54 - 2013-10-21 05:54 - 00003698 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-20 22:24 - 2013-10-20 22:24 - 00000000 ____H C:\Users\Dominik\Documents\Default.rdp
2013-10-20 22:24 - 2012-04-14 15:09 - 00424448 ___SH C:\Users\Dominik\Thumbs.db
2013-10-20 22:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-20 22:05 - 2013-10-07 14:09 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-10-20 21:23 - 2013-10-20 21:23 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-10-20 21:22 - 2013-10-20 21:21 - 23334896 _____ (Simply Super Software ) C:\Users\Dominik\Downloads\trjsetup688.exe
2013-10-20 21:11 - 2013-10-20 21:07 - 02514402 _____ C:\Windows\system32\Drivers\Cat.DB
2013-10-20 21:05 - 2013-10-20 21:03 - 67435656 _____ (PC Tools ) C:\Users\Dominik\Downloads\sdsetup_dl.exe
2013-10-20 19:18 - 2013-10-20 19:18 - 00000000 ____D C:\Users\Dominik\Documents\Add-in Express
2013-10-20 19:02 - 2013-10-18 23:16 - 00000000 ____D C:\Users\Dominik\Downloads\Ztraceni---2x01-Muž-vědy,-muž-víry
2013-10-20 15:52 - 2013-10-20 08:22 - 00000684 _____ C:\Users\Dominik\Desktop\AMX PŘÍKAZY.txt
2013-10-20 15:16 - 2013-10-20 15:16 - 00000000 ____D C:\Windows\system32\ljkb
2013-10-20 11:22 - 2013-08-12 20:39 - 00000000 ____D C:\Users\Dominik\Desktop\fotky
2013-10-20 07:16 - 2011-09-15 15:30 - 00000000 ____D C:\ProgramData\Adobe
2013-10-19 17:01 - 2011-09-15 16:05 - 00032768 ____H C:\Users\Dominik\Desktop\photothumb.db
2013-10-19 15:35 - 2013-10-19 15:35 - 00003510 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Dominik-PC-Dominik
2013-10-19 15:35 - 2013-02-17 08:02 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe
2013-10-19 15:32 - 2013-10-19 15:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-19 15:28 - 2013-10-19 15:19 - 00000000 ____D C:\Users\Dominik\.gimp-2.6
2013-10-19 15:24 - 2013-10-19 15:24 - 00000000 ____D C:\Program Files (x86)\Half-Life Model Viewer
2013-10-19 15:19 - 2013-10-19 15:19 - 00000000 ____D C:\Users\Dominik\Documents\gegl-0.0
2013-10-19 15:19 - 2011-09-06 19:54 - 00000000 ____D C:\Users\Dominik
2013-10-19 10:43 - 2013-10-19 10:40 - 00002109 _____ C:\Users\Dominik\Desktop\Counter-Strike 1.6 Non-Steam.lnk
2013-10-19 10:43 - 2013-10-19 10:40 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2013-10-19 10:43 - 2013-05-01 09:06 - 00002133 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Counter-Strike 1.6 Non-Steam.lnk
2013-10-19 10:43 - 2013-05-01 09:06 - 00002129 _____ C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\CS 1.6 Servery.lnk
2013-10-19 10:40 - 2013-10-19 10:40 - 00003238 _____ C:\Windows\System32\Tasks\{7F027BB3-666E-4E90-8935-041DE9CAA389}
2013-10-19 10:40 - 2013-10-19 10:40 - 00003238 _____ C:\Windows\System32\Tasks\{661A78C3-885D-4980-9B7D-264D72E77965}
2013-10-16 21:58 - 2012-02-25 12:14 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\vlc
2013-10-15 18:30 - 2013-10-05 15:47 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-10-15 18:30 - 2013-10-05 15:46 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-14 22:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-14 17:13 - 2013-09-30 14:31 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\.minecraft
2013-10-12 16:24 - 2013-10-07 14:09 - 00001857 _____ C:\Users\Public\Desktop\ooVoo.lnk
2013-10-12 09:09 - 2013-10-12 09:09 - 00002366 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2013-10-12 09:09 - 2013-10-12 09:09 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-12 09:08 - 2013-10-12 09:08 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2013-10-12 09:08 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Local\LogMeIn Hamachi
2013-10-12 09:07 - 2013-10-12 09:07 - 00739856 _____ (Google Inc.) C:\Users\Guest\Desktop\30.0.1599.66_chrome_installer.exe
2013-10-12 09:07 - 2013-10-12 09:07 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Macromedia
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Seznam.cz
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Opera
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\ooVoo Details
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2013-10-12 09:05 - 2013-10-12 09:05 - 00000000 ____D C:\Users\Guest\AppData\Local\Opera
2013-10-12 09:05 - 2013-10-12 09:04 - 00000000 ____D C:\Users\Guest
2013-10-12 09:04 - 2013-10-12 09:04 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Šablony
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Soubory cookie
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Poslední
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Okolní tiskárny
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Okolní síť
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Nabídka Start
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Dokumenty
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Documents\Obrázky
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Documents\Hudba
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Documents\Filmy
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\Data aplikací
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 _SHDL C:\Users\Guest\AppData\Local\Data aplikací
2013-10-12 09:04 - 2013-10-12 09:04 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2013-10-12 08:31 - 2011-09-11 11:33 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000UA
2013-10-12 08:31 - 2011-09-11 11:33 - 00003548 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2071916412-1336065733-774511312-1000Core
2013-10-11 20:47 - 2013-10-11 19:28 - 734142812 _____ C:\Users\Dominik\Downloads\Tři-dny-ke-svobodě-CZ-2010.avi
2013-10-10 12:49 - 2009-07-14 06:45 - 00416904 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 12:42 - 2013-03-13 23:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 12:42 - 2013-03-13 23:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-10 07:53 - 2011-09-11 10:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 07:45 - 2011-09-06 20:20 - 01556632 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-10 07:38 - 2013-07-19 01:31 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 07:34 - 2012-07-19 18:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 06:29 - 2011-09-16 18:08 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Mozilla
2013-10-09 05:51 - 2012-08-23 15:45 - 00000000 ____D C:\ProgramData\IObit
2013-10-07 14:28 - 2012-04-11 22:00 - 00000000 ____D C:\Users\Dominik\AppData\Local\Facebook
2013-10-07 14:09 - 2013-10-07 14:09 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2013-10-07 14:09 - 2013-10-07 14:09 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2013-10-07 14:09 - 2013-10-07 14:09 - 00000000 ____D C:\Users\Dominik\AppData\Local\Comodo
2013-10-07 14:08 - 2013-10-07 14:08 - 00000000 ____D C:\Program Files (x86)\ooVoo
2013-10-07 14:06 - 2011-09-16 17:53 - 00000000 ____D C:\ProgramData\Skype
2013-10-07 14:05 - 2013-10-07 13:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-05 19:57 - 2013-10-05 19:57 - 00722880 _____ C:\Windows\Counter-Strike 1.6 Standalone Uninstaller.exe
2013-10-05 19:57 - 2013-10-05 19:57 - 00002118 _____ C:\Users\Dominik\Desktop\Counter-Strike 1.6 Standalone.lnk
2013-10-05 19:57 - 2013-10-05 19:57 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 Standalone
2013-10-05 19:56 - 2013-10-05 19:55 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Standalone
2013-10-05 15:49 - 2012-12-09 17:48 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-10-05 15:47 - 2013-10-05 15:47 - 00003176 _____ C:\Windows\System32\Tasks\{9AFFF9D0-34FC-47D0-A2CC-10EF507ECEC7}
2013-10-05 15:45 - 2013-10-05 15:45 - 73473368 _____ C:\Users\Dominik\Desktop\TeamSpeak-3--client-CZ.rar
2013-10-05 15:45 - 2013-10-05 15:45 - 00000000 ____D C:\Users\Dominik\Desktop\TeamSpeak 3
2013-10-05 14:04 - 2013-10-05 12:17 - 985768356 _____ C:\Users\Dominik\Downloads\50-50-2011-cz-dabing.avi
2013-10-04 22:09 - 2013-10-04 22:09 - 00000864 _____ C:\Users\Dominik\Desktop\Counter-Strike – zástupce.lnk
2013-10-03 05:49 - 2013-01-11 17:14 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-10-03 05:47 - 2009-07-14 07:08 - 00032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-02 20:41 - 2013-10-02 20:41 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-02 20:41 - 2013-10-02 20:41 - 00000000 ____D C:\Program Files (x86)\Haali
2013-10-01 22:24 - 2013-10-01 22:23 - 02045943 _____ C:\Users\Dominik\Desktop\Baruch Spinoza (1632-1677).pptx
2013-09-30 15:21 - 2011-09-16 18:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-30 15:06 - 2013-09-30 15:06 - 00421588 _____ C:\Users\Dominik\Desktop\OptiFine_1.6.2_HD_U_C4.jar
2013-09-29 19:34 - 2013-09-29 12:55 - 00000000 ____D C:\Program Files (x86)\Music!
2013-09-29 12:43 - 2013-09-29 11:27 - 721739776 _____ C:\Users\Dominik\Downloads\Slepičí-úlet-CZ.avi
2013-09-28 10:24 - 2013-09-28 10:24 - 00001562 _____ C:\Users\Dominik\Desktop\Counter-Strike 1.6.lnk
2013-09-28 10:24 - 2013-09-28 10:24 - 00001508 _____ C:\Users\Dominik\Desktop\Half-Life.lnk
2013-09-28 10:24 - 2012-03-22 18:15 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2013-09-28 09:54 - 2013-09-28 09:54 - 00000000 ____D C:\Program Files (x86)\WB Games
2013-09-28 09:05 - 2013-09-28 09:05 - 00000000 ____D C:\Users\Dominik\Downloads\Counter-Strike 1.6
2013-09-27 18:40 - 2013-09-27 18:40 - 00010553 _____ C:\Users\Dominik\Desktop\dtlegalconfigv12.rar
2013-09-23 01:28 - 2013-10-10 07:50 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 07:50 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-23 01:27 - 2013-10-10 07:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-23 00:55 - 2013-10-10 07:50 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 07:50 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 07:50 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 07:50 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-23 00:54 - 2013-10-10 07:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-22 21:40 - 2013-09-20 13:26 - 00000857 _____ C:\Users\Dominik\Desktop\My Lockbox.lnk
2013-09-22 16:11 - 2013-09-17 09:08 - 00000000 ____D C:\Program Files (x86)\call of

Files to move or delete:
====================
C:\Users\Dominik\EPVP-MHS 4.1 by MarcoPolo , Banjo & Remus.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-14 22:10

==================== End Of Log ============================

VIRY.CZ

Trojský kun

Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun

Re: Trojský kun