Dobrý den,
asi týden zpět po zapnutí notebooku se mi zobrazila plocha jako bych přeinstaloval windows (všechny nastavení - plocha, ikony, okna, vzhled fontu, Chrome) se mi změnilo jakoby do původního. Ale všechny soubory zůstali zachovány, jen nejsou na ploše apod. Myslím si, že to bude nějakým virem. Navíc se mi v Chrome přidává pořád několik rozšíření, které po odstranění a znovu spuštění Chromu jsou zpět.
Prosím o kontrolu logu a nějaké řešení, nerad bych přeinstalovával windows.
Děkuji.
Logfile of random's system information tool 1.09 (written by random/random)
Run by radek at 2013-12-02 14:30:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (2%) free of 288 GB
Total RAM: 3066 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:58, on 2.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\config\systemprofile\Downloads\RSIT.exe
C:\Program Files\trend micro\radek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=CZ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur-esult.info/?pid=72 ... g=EN&cc=CZ
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll
O2 - BHO: Browse2save - {219FC29F-FE3E-37F2-C6E2-D0AD9CD868CA} - C:\ProgramData\Browse2save\511ff10e98753.dll
O2 - BHO: Seaarcho-iNewwTaabb - {4DDC5AC1-FB8C-59AC-84F6-3A62605DA19B} - C:\Program Files\Seaarcho-iNewwTaabb\9Dy_Ft_4mg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: surf anD kkeuep - {A25E5A8F-DAC9-A52E-1570-BCE766377399} - C:\Program Files\surf anD kkeuep\S8ujHx.dll
O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Search-NewTab - {B0DB0831-3E7B-FE54-3380-378C339527E4} - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll
O2 - BHO: YoutubeAdblocker - {B30815A3-6427-E936-5A29-42319CBB4390} - C:\Program Files\YoutubeAdblocker\JqsJr0.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
O4 - HKCU\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKCU\..\Run: [se] "C:\Windows\System32\config\systemprofile\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
O4 - HKUS\S-1-5-21-2547358587-2929462275-746118280-1008\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2547358587-2929462275-746118280-1008\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN (User 'postgres')
O4 - HKUS\S-1-5-21-2547358587-2929462275-746118280-1008\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\Programy\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\Programy\ICQ7.7\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Program Files\PokerStars.IT\PokerStarsUpdate.exe (file missing)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~1\sk-enh~1\psupport.dll c:\progra~1\websea~1\sprote~1.dll
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\system32\NLSSRV32.EXE
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:/postgreSQL/bin/pg_ctl.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater17.1.3 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe
--
End of file - 12893 bytes
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job
C:\windows\tasks\schedule!3036567561.job
C:\windows\tasks\Sk-Enhancer-S-5902107913.job
C:\windows\tasks\WpsUpdateTask_radek.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll [2013-11-27 1398080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{219FC29F-FE3E-37F2-C6E2-D0AD9CD868CA}]
Browse2save - C:\ProgramData\Browse2save\511ff10e98753.dll [2013-02-16 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DDC5AC1-FB8C-59AC-84F6-3A62605DA19B}]
Seaarcho-iNewwTaabb - C:\Program Files\Seaarcho-iNewwTaabb\9Dy_Ft_4mg.dll [2012-11-23 425984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A25E5A8F-DAC9-A52E-1570-BCE766377399}]
surf anD kkeuep - C:\Program Files\surf anD kkeuep\S8ujHx.dll [2012-11-23 425984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0DB0831-3E7B-FE54-3380-378C339527E4}]
Search-NewTab - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll [2013-02-16 118272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B30815A3-6427-E936-5A29-42319CBB4390}]
YoutubeAdblocker - C:\Program Files\YoutubeAdblocker\JqsJr0.dll [2012-11-23 425984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2012-10-24 194928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files\IObit Apps Toolbar\IE\8.3\iobitappsToolbarIE.dll [2013-11-27 1398080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 288312]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2565520]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"vProt"=C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2013-11-21 2334384]
"mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe [2013-11-23 747712]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-11-27 1383232]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2013-11-19 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\Sidebar.exe [2010-11-20 1174016]
"HPADVISOR"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-16 1668664]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"LiveSupport"=C:\Program Files\LiveSupport\LiveSupport.exe /noshow /log []
"se"=C:\Windows\System32\config\system [2013-12-02 18612224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6]
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates]
C:\Users\radek\AppData\Roaming\SuperPump\updater.exe [2012-03-04 260608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-20 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Programy\Kies\Kies.exe [2012-08-31 964024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Programy\Kies\KiesTrayAgent.exe [2012-08-31 3524536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\windows\inf\ntvdm.vbe [2013-06-20 1219]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2013-11-21 2334384]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\sk-enh~1\psupport.dll c:\progra~1\websea~1\sprote~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-11-28 208384]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"VIDC.FPS1"=frapsvid.dll
"vidc.xtor"=DxtoryCodec.dll
"vidc.VP62"=vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-12-02 14:30:49 ----D---- C:\rsit
2013-11-30 21:33:02 ----D---- C:\windows\system32\%LocalAppData%
2013-11-28 17:33:09 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 17:33:09 ----A---- C:\windows\system32\elshyph.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\wininet.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\urlmon.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 17:33:08 ----A---- C:\windows\system32\msrating.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\msls31.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\jsproxy.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\jsIntl.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 17:33:08 ----A---- C:\windows\system32\iertutil.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\wextract.exe
2013-11-28 17:33:07 ----A---- C:\windows\system32\webcheck.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\vbscript.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\url.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\occache.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\mshtmled.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\mshtml.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\msfeeds.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\licmgr10.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\inseng.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\iexpress.exe
2013-11-28 17:33:07 ----A---- C:\windows\system32\ieUnatt.exe
2013-11-28 17:33:07 ----A---- C:\windows\system32\iesetup.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\iernonce.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\iedkcs32.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\ieapfltr.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\ieapfltr.dat
2013-11-28 17:33:07 ----A---- C:\windows\system32\ie4uinit.exe
2013-11-28 17:33:07 ----A---- C:\windows\system32\icardie.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\dxtrans.dll
2013-11-28 17:33:07 ----A---- C:\windows\system32\dxtmsft.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-11-28 17:33:06 ----A---- C:\windows\system32\pngfilt.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\mshtmler.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\MshtmlDac.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\mshta.exe
2013-11-28 17:33:06 ----A---- C:\windows\system32\msfeedssync.exe
2013-11-28 17:33:06 ----A---- C:\windows\system32\msfeedsbs.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\jscript9diag.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\jscript9.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\jscript.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\imgutil.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\ieui.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\iesysprep.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\iepeers.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\ieframe.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-11-28 17:33:06 ----A---- C:\windows\system32\ieetwcollector.exe
2013-11-28 17:33:06 ----A---- C:\windows\system32\IEAdvpack.dll
2013-11-28 17:09:28 ----D---- C:\Program Files\Application Updater
2013-11-28 17:09:27 ----D---- C:\Program Files\IObit Apps Toolbar
2013-11-23 19:29:27 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
2013-11-23 19:29:22 ----D---- C:\ProgramData\Seaarcho-iNewwTaabb
2013-11-23 19:29:21 ----D---- C:\Program Files\Seaarcho-iNewwTaabb
2013-11-23 19:29:21 ----A---- C:\windows\system32\config\systemprofile\AppData\Roaming\regsvr32.exe_log.txt
2013-11-23 19:29:21 ----A---- C:\windows\system32\config\systemprofile\AppData\Roaming\LiveSupport.exe_log.txt
2013-11-23 19:28:04 ----D---- C:\ProgramData\QuickSet
2013-11-23 19:27:55 ----D---- C:\Program Files\Sk-Enhancer
2013-11-23 19:27:43 ----D---- C:\ProgramData\YoutubeAdblocker
2013-11-23 19:27:42 ----D---- C:\Program Files\YoutubeAdblocker
2013-11-23 19:27:33 ----D---- C:\ProgramData\surf anD kkeuep
2013-11-23 19:27:33 ----D---- C:\ProgramData\ec85d8a7b43ce61f
2013-11-23 19:27:32 ----D---- C:\Program Files\surf anD kkeuep
2013-11-23 19:06:58 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Sid Meier's Civilization 5
2013-11-23 18:32:26 ----D---- C:\Program Files\R.G. Mechanics
2013-11-23 14:37:00 ----D---- C:\Program Files\Elaborate Bytes
2013-11-23 13:45:28 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\DAEMON Tools Lite
2013-11-23 11:28:29 ----D---- C:\ProgramData\Tages
2013-11-23 10:55:51 ----D---- C:\Program Files\Mobogenie
2013-11-23 10:54:45 ----D---- C:\Program Files\SimilarSites
2013-11-23 10:54:30 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
2013-11-23 10:54:21 ----D---- C:\Program Files\BitLord 2
2013-11-22 20:04:47 ----D---- C:\Program Files\iVIDI.org plugin
2013-11-22 20:00:31 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\uTorrent
2013-11-19 19:19:08 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\PotPlayerMini
2013-11-17 10:18:37 ----A---- C:\windows\system32\BASSMOD.dll
2013-11-17 10:09:14 ----D---- C:\windows\system32\cache
2013-11-16 12:33:17 ----A---- C:\windows\system32\psfind.dll
2013-11-16 11:40:14 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Macromedia
2013-11-15 20:05:23 ----D---- C:\Program Files\Paradox Interactive
2013-11-15 19:50:06 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-15 19:50:06 ----A---- C:\windows\system32\credui.dll
2013-11-15 19:50:06 ----A---- C:\windows\system32\authui.dll
2013-11-15 19:49:59 ----A---- C:\windows\system32\schannel.dll
2013-11-15 19:49:58 ----A---- C:\windows\system32\sspicli.dll
2013-11-15 19:49:58 ----A---- C:\windows\system32\secur32.dll
2013-11-15 19:49:58 ----A---- C:\windows\system32\ncrypt.dll
2013-11-15 19:49:58 ----A---- C:\windows\system32\lsass.exe
2013-11-15 19:49:58 ----A---- C:\windows\system32\lsasrv.dll
2013-11-15 19:49:58 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-11-15 19:49:58 ----A---- C:\windows\system32\drivers\ksecdd.sys
2013-11-15 19:49:58 ----A---- C:\windows\system32\drivers\cng.sys
2013-11-15 19:49:57 ----A---- C:\windows\system32\sspisrv.dll
2013-11-15 19:49:53 ----A---- C:\windows\system32\gdi32.dll
2013-11-15 19:49:52 ----A---- C:\windows\system32\nshwfp.dll
2013-11-15 19:49:52 ----A---- C:\windows\system32\IKEEXT.DLL
2013-11-15 19:49:52 ----A---- C:\windows\system32\FWPUCLNT.DLL
2013-11-15 19:49:48 ----A---- C:\windows\system32\crypt32.dll
2013-11-13 23:50:25 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Hewlett-Packard
2013-11-13 23:48:25 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Winamp
2013-11-13 16:58:18 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Kingsoft
2013-11-13 16:56:36 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\GHISLER
2013-11-13 16:52:40 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Canon
2013-11-13 16:46:14 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Identities
2013-11-13 16:46:07 ----D---- C:\windows\system32\config\systemprofile\AppData\Roaming\Adobe
======List of files/folders modified in the last 1 month======
2013-12-02 14:30:51 ----D---- C:\Program Files\trend micro
2013-12-02 14:30:03 ----D---- C:\windows\temp
2013-12-02 13:25:42 ----SD---- C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft
2013-12-01 22:07:04 ----D---- C:\windows\system32\config
2013-12-01 19:32:00 ----SHD---- C:\System Volume Information
2013-11-30 21:33:02 ----D---- C:\windows\System32
2013-11-30 19:36:23 ----D---- C:\Program Files\Steam
2013-11-29 20:08:13 ----D---- C:\windows\Prefetch
2013-11-29 19:43:32 ----D---- C:\windows\winsxs
2013-11-29 19:42:22 ----D---- C:\windows\system32\cs-CZ
2013-11-29 19:42:22 ----D---- C:\Program Files\Internet Explorer
2013-11-29 19:42:21 ----D---- C:\windows\system32\migration
2013-11-29 19:42:21 ----D---- C:\windows\PolicyDefinitions
2013-11-29 19:42:20 ----D---- C:\windows\system32\en-US
2013-11-29 19:42:07 ----SHD---- C:\Config.Msi
2013-11-28 17:35:44 ----D---- C:\windows\Logs
2013-11-28 17:35:29 ----D---- C:\windows\system32\catroot
2013-11-28 17:34:45 ----D---- C:\windows\system32\catroot2
2013-11-28 17:32:05 ----AD---- C:\Windows
2013-11-28 17:09:31 ----SHD---- C:\windows\Installer
2013-11-28 17:09:28 ----RD---- C:\Program Files
2013-11-28 17:09:27 ----D---- C:\Program Files\Common Files\Spigot
2013-11-28 17:04:45 ----D---- C:\ProgramData
2013-11-28 17:04:45 ----A---- C:\ProgramData\HPWALog.txt
2013-11-28 16:28:49 ----D---- C:\ProgramData\PDFC
2013-11-27 21:02:58 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-11-27 21:02:57 ----D---- C:\windows\inf
2013-11-27 18:42:58 ----RD---- C:\Users
2013-11-23 19:29:27 ----D---- C:\ProgramData\InstallMate
2013-11-23 19:29:09 ----D---- C:\Program Files\WebSearch
2013-11-23 19:28:09 ----D---- C:\windows\Tasks
2013-11-23 19:28:09 ----D---- C:\windows\system32\Tasks
2013-11-23 18:31:56 ----D---- C:\Program Files\THQ
2013-11-23 14:37:03 ----D---- C:\windows\system32\drivers
2013-11-22 23:00:20 ----RSD---- C:\windows\assembly
2013-11-22 21:14:20 ----D---- C:\GOG Games
2013-11-21 23:58:37 ----D---- C:\Program Files\Microsoft Security Client
2013-11-21 20:10:35 ----D---- C:\Program Files\AVG SafeGuard toolbar
2013-11-19 11:21:30 ----N---- C:\windows\system32\MpSigStub.exe
2013-11-18 18:43:09 ----D---- C:\windows\rescache
2013-11-17 10:17:37 ----D---- C:\ProgramData\Browse2save
2013-11-16 12:27:45 ----HD---- C:\Program Files\InstallShield Installation Information
2013-11-16 11:40:05 ----A---- C:\windows\tmp2Level.ini
2013-11-16 11:40:05 ----A---- C:\windows\level.ini
2013-11-16 09:57:42 ----D---- C:\Program Files\Microsoft Games
2013-11-16 09:48:07 ----D---- C:\windows\Panther
2013-11-16 01:31:48 ----D---- C:\ProgramData\Microsoft Help
2013-11-16 01:28:47 ----D---- C:\windows\system32\MRT
2013-11-16 01:24:01 ----D---- C:\windows\debug
2013-11-16 01:23:55 ----A---- C:\windows\system32\MRT.exe
2013-11-10 10:42:54 ----D---- C:\windows\system32\directx
2013-11-10 10:42:41 ----HD---- C:\windows\msdownld.tmp
2013-11-10 10:42:13 ----D---- C:\Temp
2013-11-09 23:45:21 ----D---- C:\Program Files\Counter-Strike 1.6 Standalone
2013-11-06 18:45:16 ----D---- C:\Program Files\Yontoo
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 iaStor;Intel RAID Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-05-25 466008]
R1 avgtp;avgtp; \??\C:\windows\system32\drivers\avgtpx86.sys [2013-11-21 37664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-13 242240]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2012-06-15 281760]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2012-06-15 25888]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2013-07-08 2709056]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S1 nyiigiof;nyiigiof; \??\C:\windows\system32\drivers\nyiigiof.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S1 vcbenera;vcbenera; \??\C:\windows\system32\drivers\vcbenera.sys []
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 CFcatchme;CFcatchme; \??\C:\Users\radek\AppData\Local\Temp\CFcatchme.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2013-02-02 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2013-02-02 49664]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2013-02-25 528192]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2013-11-27 807800]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 1385896]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-09 124928]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2011-02-07 138192]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [2013-01-14 196616]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [2013-01-14 196624]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\windows\system32\NLSSRV32.EXE [2013-01-14 70152]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2012-12-13 66872]
R2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w []
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [2013-11-21 1643696]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-28 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2012-07-09 46528]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-28 116648]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-28 108032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-05-04 543656]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-03-04 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Zdravim 
Jste se dal na chov konicku trosjkych nebo co 
Cela zoo i s babkou pokladni 
Odinstalujte Advanced SystemCare 5 a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Jste se dal na chov konicku trosjkych nebo co Cela zoo i s babkou pokladni Odinstalujte Advanced SystemCare 5 a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by SYSTEM on po 02.12.2013 at 16:11:23,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\smbarbroker.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tdataprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\utorrentcontrol2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\optimizerpro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{71277dc4-4217-462a-9ff4-62d7815b2c69}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c3f3165c-74d3-6fdb-3274-14fda8698cfa}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_age-of-empires-iii_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_age-of-empires-iii_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{219FC29F-FE3E-37F2-C6E2-D0AD9CD868CA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{219FC29F-FE3E-37F2-C6E2-D0AD9CD868CA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
~~~ Files
Successfully deleted: [File] C:\windows\System32\Tasks\goforfilesupdate
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\addict-thing"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Successfully deleted: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\rightclick"
Successfully deleted: [Folder] "C:\ProgramData\search-newtab"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\windows\system32\config\systemprofile\appdata\locallow\application updater"
Successfully deleted: [Folder] "C:\windows\system32\config\systemprofile\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\software informer"
Successfully deleted: [Folder] "C:\Program Files\torntv.com"
Successfully deleted: [Folder] "C:\Program Files\websearch"
Successfully deleted: [Folder] "C:\Program Files\yontoo"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\browse2save"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 02.12.2013 at 16:14:53,70
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by SYSTEM on po 02.12.2013 at 16:11:23,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\smbarbroker.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tdataprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\utorrentcontrol2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\optimizerpro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{71277dc4-4217-462a-9ff4-62d7815b2c69}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c3f3165c-74d3-6fdb-3274-14fda8698cfa}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_age-of-empires-iii_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_age-of-empires-iii_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{219FC29F-FE3E-37F2-C6E2-D0AD9CD868CA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{219FC29F-FE3E-37F2-C6E2-D0AD9CD868CA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
~~~ Files
Successfully deleted: [File] C:\windows\System32\Tasks\goforfilesupdate
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\addict-thing"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Successfully deleted: [Folder] "C:\ProgramData\bitguard"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\rightclick"
Successfully deleted: [Folder] "C:\ProgramData\search-newtab"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\windows\system32\config\systemprofile\appdata\locallow\application updater"
Successfully deleted: [Folder] "C:\windows\system32\config\systemprofile\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\software informer"
Successfully deleted: [Folder] "C:\Program Files\torntv.com"
Successfully deleted: [Folder] "C:\Program Files\websearch"
Successfully deleted: [Folder] "C:\Program Files\yontoo"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\browse2save"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 02.12.2013 at 16:14:53,70
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Kontrola logu
# AdwCleaner v3.014 - Report created 02/12/2013 at 16:20:23
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : radek - RADEK-PC
# Running from : C:\Windows\System32\config\systemprofile\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Program Files\Mozilla Firefox\user.js
File Found : C:\windows\System32\Tasks\BitGuard
File Found : C:\windows\System32\Tasks\Express FilesUpdate
Folder Found : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\BitLord 2
Folder Found C:\Program Files\BrowseToSave
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Red Sky
Folder Found C:\Program Files\Seaarcho-iNewwTaabb
Folder Found C:\Program Files\SimilarSites
Folder Found C:\Program Files\surf anD kkeuep
Folder Found C:\Program Files\YoutubeAdblocker
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\Browse2Save
Folder Found C:\ProgramData\Browse2save
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Found C:\ProgramData\QuickSet
Folder Found C:\ProgramData\Seaarcho-iNewwTaabb
Folder Found C:\ProgramData\surf anD kkeuep
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Found C:\windows\system32\config\systemprofile\Documents\BitLord
Folder Found C:\windows\system32\config\systemprofile\Documents\BitLord
Folder Found C:\windows\system32\config\systemprofile\Documents\BitLord
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\5a558ddfbd69e412
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\Software\GoforFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BitGuard
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Express FilesUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\GoforFilesUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07C48022-63A0-4099-927F-3DD2066025E0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1680DEDB-3771-40FD-BDC1-B4E766E7698C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17617E8B-102D-4A75-8B36-D5F9C387E8FF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_48c708f2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d5615630
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Trymedia Systems
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.57
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
*************************
AdwCleaner[R0].txt - [9062 octets] - [02/12/2013 16:20:23]
########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [9122 octets] ##########
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : radek - RADEK-PC
# Running from : C:\Windows\System32\config\systemprofile\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Program Files\Mozilla Firefox\user.js
File Found : C:\windows\System32\Tasks\BitGuard
File Found : C:\windows\System32\Tasks\Express FilesUpdate
Folder Found : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files\AVG SafeGuard toolbar
Folder Found C:\Program Files\BitLord 2
Folder Found C:\Program Files\BrowseToSave
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Red Sky
Folder Found C:\Program Files\Seaarcho-iNewwTaabb
Folder Found C:\Program Files\SimilarSites
Folder Found C:\Program Files\surf anD kkeuep
Folder Found C:\Program Files\YoutubeAdblocker
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\Browse2Save
Folder Found C:\ProgramData\Browse2save
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Found C:\ProgramData\QuickSet
Folder Found C:\ProgramData\Seaarcho-iNewwTaabb
Folder Found C:\ProgramData\surf anD kkeuep
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Found C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Found C:\windows\system32\config\systemprofile\Documents\BitLord
Folder Found C:\windows\system32\config\systemprofile\Documents\BitLord
Folder Found C:\windows\system32\config\systemprofile\Documents\BitLord
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\5a558ddfbd69e412
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Found : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Found : HKLM\Software\ExpressFiles
Key Found : HKLM\Software\GoforFiles
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BitGuard
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Express FilesUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\GoforFilesUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07C48022-63A0-4099-927F-3DD2066025E0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1680DEDB-3771-40FD-BDC1-B4E766E7698C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17617E8B-102D-4A75-8B36-D5F9C387E8FF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_48c708f2
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d5615630
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Trymedia Systems
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.57
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
*************************
AdwCleaner[R0].txt - [9062 octets] - [02/12/2013 16:20:23]
########## EOF - \AdwCleaner\AdwCleaner[R0].txt - [9122 octets] ##########
Re: Kontrola logu
# AdwCleaner v3.014 - Report created 02/12/2013 at 16:27:41
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : radek - RADEK-PC
# Running from : C:\Windows\System32\config\systemprofile\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\Browse2Save
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\YoutubeAdblocker
[/!\] Not Deleted ( Junction ) : C:\ProgramData\Browse2save
Folder Deleted : C:\ProgramData\Seaarcho-iNewwTaabb
Folder Deleted : C:\ProgramData\surf anD kkeuep
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\BitLord 2
Folder Deleted : C:\Program Files\BrowseToSave
Folder Deleted : C:\Program Files\Red Sky
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\YoutubeAdblocker
Folder Deleted : C:\Program Files\Seaarcho-iNewwTaabb
Folder Deleted : C:\Program Files\surf anD kkeuep
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\windows\system32\config\systemprofile\Documents\BitLord
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[!] Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[!] Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Program Files\Mozilla Firefox\user.js
File Deleted : C:\windows\System32\Tasks\BitGuard
File Deleted : C:\windows\System32\Tasks\Express FilesUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1680DEDB-3771-40FD-BDC1-B4E766E7698C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1680DEDB-3771-40FD-BDC1-B4E766E7698C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07C48022-63A0-4099-927F-3DD2066025E0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07C48022-63A0-4099-927F-3DD2066025E0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17617E8B-102D-4A75-8B36-D5F9C387E8FF}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17617E8B-102D-4A75-8B36-D5F9C387E8FF}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_48c708f2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d5615630
Key Deleted : HKLM\SOFTWARE\5a558ddfbd69e412
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.57
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9200 octets] - [02/12/2013 16:20:23]
AdwCleaner[R1].txt - [9260 octets] - [02/12/2013 16:26:50]
AdwCleaner[S0].txt - [8289 octets] - [02/12/2013 16:27:41]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [8349 octets] ##########
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : radek - RADEK-PC
# Running from : C:\Windows\System32\config\systemprofile\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\Browse2Save
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\YoutubeAdblocker
[/!\] Not Deleted ( Junction ) : C:\ProgramData\Browse2save
Folder Deleted : C:\ProgramData\Seaarcho-iNewwTaabb
Folder Deleted : C:\ProgramData\surf anD kkeuep
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search-NewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\BitLord 2
Folder Deleted : C:\Program Files\BrowseToSave
Folder Deleted : C:\Program Files\Red Sky
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\YoutubeAdblocker
Folder Deleted : C:\Program Files\Seaarcho-iNewwTaabb
Folder Deleted : C:\Program Files\surf anD kkeuep
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Roaming\SimilarSites
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\windows\system32\config\systemprofile\Documents\BitLord
Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[!] Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[!] Folder Deleted : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Program Files\Mozilla Firefox\user.js
File Deleted : C:\windows\System32\Tasks\BitGuard
File Deleted : C:\windows\System32\Tasks\Express FilesUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1680DEDB-3771-40FD-BDC1-B4E766E7698C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1680DEDB-3771-40FD-BDC1-B4E766E7698C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{07C48022-63A0-4099-927F-3DD2066025E0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07C48022-63A0-4099-927F-3DD2066025E0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17617E8B-102D-4A75-8B36-D5F9C387E8FF}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17617E8B-102D-4A75-8B36-D5F9C387E8FF}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_48c708f2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d5615630
Key Deleted : HKLM\SOFTWARE\5a558ddfbd69e412
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.57
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
[ File : C:\windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9200 octets] - [02/12/2013 16:20:23]
AdwCleaner[R1].txt - [9260 octets] - [02/12/2013 16:26:50]
AdwCleaner[S0].txt - [8289 octets] - [02/12/2013 16:27:41]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [8349 octets] ##########
Re: Kontrola logu
Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2013
Ran by radek (administrator) on RADEK-PC on 02-12-2013 16:56:55
Running from C:\Windows\System32\config\systemprofile\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files\Mobogenie\DaemonProcess.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Windows\System32\config\systemprofile\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [288312 2009-07-27] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [747712 2013-11-23] ()
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-19] (Hewlett-Packard)
HKCU\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-16] (Hewlett-Packard)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: Search-NewTab - {B0DB0831-3E7B-FE54-3380-378C339527E4} - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll No File
BHO: YoutubeAdblocker - {B30815A3-6427-E936-5A29-42319CBB4390} - C:\Program Files\YoutubeAdblocker\JqsJr0.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Chrome:
=======
CHR Extension: (Google Docs) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (iVIDI.org plugin) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol\1.3_1
CHR Extension: (Skype Click to Call) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1
CHR Extension: (Google Wallet) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx
CHR HKLM\...\Chrome\Extension: [jkcmkpifpihhlkkbjfehamkiigljaome] - C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nlpindoelpbbhemddgobhijndonccnge] - C:\Program Files\Search Fairy\SearchFairy.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\radek\AppData\Local\Temp\ccex.crx
========================== Services (Whitelisted) =================
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-01-14] (Nitro PDF Software)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-01-14] (Nitro PDF Software)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [66872 2012-12-13] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 yksvc; C:\Windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
R2 postgresql-8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [x]
S2 vToolbarUpdater17.1.3; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]
==================== Drivers (Whitelisted) ====================
R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-06-15] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [37664 2013-11-21] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-03-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-06-15] ()
S3 MfeAVFK; C:\Windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\Windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\Windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology)
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology)
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-05-25] (Duplex Secure Ltd.)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2005-04-12] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5600 2005-04-12] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [45504 2005-04-12] (Logitech Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 a4tzd33o; C:\Windows\System32\Drivers\a4tzd33o.sys [0 ] (Adaptec, Inc.)
U3 aszd3nz3; C:\Windows\System32\Drivers\aszd3nz3.sys [0 ] (Adaptec, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\radek\AppData\Local\Temp\CFcatchme.sys [x]
S1 nyiigiof; \??\C:\windows\system32\drivers\nyiigiof.sys [x]
S1 vcbenera; \??\C:\windows\system32\drivers\vcbenera.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-02 16:56 - 2013-12-02 16:57 - 00015346 _____ C:\windows\system32\config\systemprofile\Desktop\FRST.txt
2013-12-02 16:55 - 2013-12-02 16:55 - 00000000 ____D C:\FRST
2013-12-02 16:54 - 2013-12-02 16:54 - 00112640 _____ (forum.viry.cz) C:\windows\system32\config\systemprofile\Desktop\FRSTLauncher.exe
2013-12-02 16:53 - 2013-12-02 16:54 - 01092187 _____ (Farbar) C:\windows\system32\config\systemprofile\Desktop\FRST.exe
2013-12-02 16:20 - 2013-12-02 16:28 - 00000000 ____D C:\AdwCleaner
2013-12-02 16:19 - 2013-12-02 16:19 - 01110034 _____ C:\windows\system32\config\systemprofile\Desktop\adwcleaner.exe
2013-12-02 16:14 - 2013-12-02 16:14 - 00012673 _____ C:\windows\system32\config\systemprofile\Desktop\JRT.txt
2013-12-02 16:06 - 2013-12-02 16:06 - 00000000 ____D C:\windows\ERUNT
2013-12-02 16:05 - 2013-12-02 16:05 - 01034531 _____ (Thisisu) C:\windows\system32\config\systemprofile\Desktop\JRT.exe
2013-12-02 14:30 - 2013-12-02 14:31 - 00000000 ____D C:\rsit
2013-12-02 14:29 - 2013-12-02 14:29 - 00781383 _____ C:\windows\system32\config\systemprofile\Desktop\RSIT.exe
2013-11-30 21:33 - 2013-11-30 21:33 - 00000000 ____D C:\windows\system32\%LocalAppData%
2013-11-28 17:33 - 2013-11-28 17:33 - 17142784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 11220992 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 04240384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-28 17:33 - 2013-11-28 17:33 - 02166272 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01926656 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-28 17:33 - 2013-11-28 17:33 - 01818112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01156608 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-28 17:33 - 2013-11-28 17:33 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-28 17:33 - 2013-11-28 17:33 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00238288 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-28 17:32 - 2013-11-28 17:36 - 00010058 _____ C:\windows\IE11_main.log
2013-11-26 17:09 - 2013-11-26 17:12 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\cd1113
2013-11-23 22:52 - 2013-11-23 22:53 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite
2013-11-23 22:49 - 2013-11-23 22:59 - 150248469 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_bnw_cz_intro.zip
2013-11-23 22:49 - 2013-11-23 22:49 - 01231346 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite.zip
2013-11-23 19:38 - 2013-11-23 19:39 - 09012016 ____R C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization.V.Brave.New.World.Crack.Only.V2-3DM.rar
2013-11-23 19:28 - 2013-12-02 16:29 - 00000452 ____H C:\windows\Tasks\Sk-Enhancer-S-5902107913.job
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\Sk-Enhancer
2013-11-23 19:25 - 2013-11-23 19:26 - 00312208 _____ (QuickSet) C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization V Brave New World Crack Only V2-3DM rar.exe
2013-11-23 19:06 - 2013-11-23 19:06 - 00001280 _____ C:\windows\system32\config\systemprofile\Desktop\Sid Meier's Civilization 5.lnk
2013-11-23 18:32 - 2013-11-23 18:32 - 00000000 ____D C:\Program Files\R.G. Mechanics
2013-11-23 16:18 - 2013-11-23 17:27 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\[R.G. Mechanics] Civilization 5 GOTY
2013-11-23 14:39 - 2013-11-23 19:23 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\CIV
2013-11-23 14:37 - 2013-11-23 14:37 - 00000000 ____D C:\Program Files\Elaborate Bytes
2013-11-23 11:27 - 2013-11-23 18:30 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\Civilization V
2013-11-23 10:55 - 2013-11-24 19:40 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-22 20:04 - 2013-11-22 20:04 - 00000000 ____D C:\Program Files\iVIDI.org plugin
2013-11-19 18:35 - 2013-11-26 17:12 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\ssongy
2013-11-17 10:18 - 2013-11-17 10:18 - 00034308 _____ C:\windows\system32\BASSMOD.dll
2013-11-17 10:09 - 2013-12-02 16:11 - 00000000 ____D C:\windows\system32\cache
2013-11-16 12:33 - 2006-04-29 14:25 - 00040960 _____ C:\windows\system32\psfind.dll
2013-11-16 11:40 - 2013-11-16 11:40 - 01156921 _____ C:\windows\content.csv
2013-11-15 20:05 - 2013-11-15 20:05 - 00000000 ____D C:\Program Files\Paradox Interactive
2013-11-15 19:50 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-15 19:50 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-15 19:50 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-15 19:49 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-15 19:49 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-15 19:49 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-15 19:49 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-15 19:49 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-15 19:49 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-15 19:49 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-15 19:49 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-15 19:49 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-15 19:49 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-15 19:49 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-15 19:49 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-15 19:49 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-15 19:49 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-15 19:49 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-13 16:57 - 2013-11-13 16:57 - 00000000 ____D C:\windows\system32\config\systemprofile\AppData\LocalGoogle
2013-11-09 20:38 - 2013-11-22 23:00 - 00234052 _____ C:\windows\Directx.log
==================== One Month Modified Files and Folders =======
2013-12-02 16:57 - 2013-12-02 16:56 - 00015346 _____ C:\windows\system32\config\systemprofile\Desktop\FRST.txt
2013-12-02 16:55 - 2013-12-02 16:55 - 00000000 ____D C:\FRST
2013-12-02 16:55 - 2013-10-28 14:46 - 00040268 _____ C:\windows\setupact.log
2013-12-02 16:54 - 2013-12-02 16:54 - 00112640 _____ (forum.viry.cz) C:\windows\system32\config\systemprofile\Desktop\FRSTLauncher.exe
2013-12-02 16:54 - 2013-12-02 16:53 - 01092187 _____ (Farbar) C:\windows\system32\config\systemprofile\Desktop\FRST.exe
2013-12-02 16:47 - 2012-09-11 21:19 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 16:36 - 2009-07-14 05:34 - 00019760 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-02 16:36 - 2009-07-14 05:34 - 00019760 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-02 16:33 - 2012-03-04 00:18 - 01473446 _____ C:\windows\WindowsUpdate.log
2013-12-02 16:29 - 2013-11-23 19:28 - 00000452 ____H C:\windows\Tasks\Sk-Enhancer-S-5902107913.job
2013-12-02 16:29 - 2013-10-29 16:16 - 00008414 _____ C:\windows\PFRO.log
2013-12-02 16:29 - 2013-02-16 21:23 - 00000416 ____H C:\windows\Tasks\schedule!3036567561.job
2013-12-02 16:29 - 2012-09-11 21:19 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-02 16:29 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-02 16:28 - 2013-12-02 16:20 - 00000000 ____D C:\AdwCleaner
2013-12-02 16:28 - 2012-05-28 13:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-02 16:24 - 2012-03-04 14:32 - 00000362 _____ C:\windows\Tasks\WpsUpdateTask_radek.job
2013-12-02 16:20 - 2012-09-20 18:15 - 00000928 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job
2013-12-02 16:19 - 2013-12-02 16:19 - 01110034 _____ C:\windows\system32\config\systemprofile\Desktop\adwcleaner.exe
2013-12-02 16:17 - 2012-09-18 16:37 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job
2013-12-02 16:14 - 2013-12-02 16:14 - 00012673 _____ C:\windows\system32\config\systemprofile\Desktop\JRT.txt
2013-12-02 16:11 - 2013-11-17 10:09 - 00000000 ____D C:\windows\system32\cache
2013-12-02 16:09 - 2009-07-14 05:53 - 00032586 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-02 16:06 - 2013-12-02 16:06 - 00000000 ____D C:\windows\ERUNT
2013-12-02 16:05 - 2013-12-02 16:05 - 01034531 _____ (Thisisu) C:\windows\system32\config\systemprofile\Desktop\JRT.exe
2013-12-02 14:31 - 2013-12-02 14:30 - 00000000 ____D C:\rsit
2013-12-02 14:30 - 2012-09-08 13:19 - 00000000 ____D C:\Program Files\trend micro
2013-12-02 14:29 - 2013-12-02 14:29 - 00781383 _____ C:\windows\system32\config\systemprofile\Desktop\RSIT.exe
2013-12-01 20:17 - 2012-09-18 16:37 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job
2013-12-01 19:20 - 2012-09-20 18:15 - 00000906 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job
2013-11-30 21:33 - 2013-11-30 21:33 - 00000000 ____D C:\windows\system32\%LocalAppData%
2013-11-30 19:36 - 2012-06-10 14:22 - 00000000 ____D C:\Program Files\Steam
2013-11-28 17:36 - 2013-11-28 17:32 - 00010058 _____ C:\windows\IE11_main.log
2013-11-28 17:33 - 2013-11-28 17:33 - 17142784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 11220992 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 04240384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-28 17:33 - 2013-11-28 17:33 - 02166272 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01926656 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-28 17:33 - 2013-11-28 17:33 - 01818112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01156608 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-28 17:33 - 2013-11-28 17:33 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-28 17:33 - 2013-11-28 17:33 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00238288 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-27 21:02 - 2009-09-20 08:17 - 01616260 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-26 17:12 - 2013-11-26 17:09 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\cd1113
2013-11-26 17:12 - 2013-11-19 18:35 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\ssongy
2013-11-24 19:40 - 2013-11-23 10:55 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-23 22:59 - 2013-11-23 22:49 - 150248469 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_bnw_cz_intro.zip
2013-11-23 22:53 - 2013-11-23 22:52 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite
2013-11-23 22:49 - 2013-11-23 22:49 - 01231346 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite.zip
2013-11-23 19:39 - 2013-11-23 19:38 - 09012016 ____R C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization.V.Brave.New.World.Crack.Only.V2-3DM.rar
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\Sk-Enhancer
2013-11-23 19:26 - 2013-11-23 19:25 - 00312208 _____ (QuickSet) C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization V Brave New World Crack Only V2-3DM rar.exe
2013-11-23 19:23 - 2013-11-23 14:39 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\CIV
2013-11-23 19:06 - 2013-11-23 19:06 - 00001280 _____ C:\windows\system32\config\systemprofile\Desktop\Sid Meier's Civilization 5.lnk
2013-11-23 18:32 - 2013-11-23 18:32 - 00000000 ____D C:\Program Files\R.G. Mechanics
2013-11-23 18:31 - 2013-10-12 14:52 - 00000000 ____D C:\Program Files\THQ
2013-11-23 18:30 - 2013-11-23 11:27 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\Civilization V
2013-11-23 17:27 - 2013-11-23 16:18 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\[R.G. Mechanics] Civilization 5 GOTY
2013-11-23 14:37 - 2013-11-23 14:37 - 00000000 ____D C:\Program Files\Elaborate Bytes
2013-11-22 23:00 - 2013-11-09 20:38 - 00234052 _____ C:\windows\Directx.log
2013-11-22 21:14 - 2013-08-30 18:11 - 00000000 ____D C:\GOG Games
2013-11-22 20:04 - 2013-11-22 20:04 - 00000000 ____D C:\Program Files\iVIDI.org plugin
2013-11-22 14:12 - 2012-03-23 10:25 - 00000052 _____ C:\windows\system32\DOErrors.log
2013-11-21 23:58 - 2012-03-04 14:16 - 00001912 _____ C:\windows\epplauncher.mif
2013-11-21 23:58 - 2012-03-04 14:12 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-21 20:15 - 2012-10-22 12:56 - 00000000 ____D C:\windows\system32\config\systemprofile\AppData\Local\Apps\2.0
2013-11-21 20:10 - 2013-09-14 12:16 - 00037664 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2013-11-20 23:42 - 2009-07-27 08:32 - 60305408 _____ C:\windows\system32\config\RegBack\SOFTWARE
2013-11-20 23:42 - 2009-07-27 08:32 - 18526208 _____ C:\windows\system32\config\RegBack\SYSTEM
2013-11-20 23:42 - 2009-07-27 08:32 - 00983040 _____ C:\windows\system32\config\RegBack\DEFAULT
2013-11-20 23:42 - 2009-07-27 08:32 - 00036864 _____ C:\windows\system32\config\RegBack\SECURITY
2013-11-20 23:42 - 2009-07-27 08:32 - 00028672 _____ C:\windows\system32\config\RegBack\SAM
2013-11-19 11:21 - 2012-03-05 14:42 - 00230048 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-18 18:43 - 2009-07-14 03:37 - 00000000 ____D C:\windows\rescache
2013-11-17 10:18 - 2013-11-17 10:18 - 00034308 _____ C:\windows\system32\BASSMOD.dll
2013-11-16 12:27 - 2009-09-20 08:10 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-16 11:40 - 2013-11-16 11:40 - 01156921 _____ C:\windows\content.csv
2013-11-16 11:40 - 2012-06-29 19:52 - 00000326 _____ C:\windows\level.ini
2013-11-16 11:40 - 2012-06-29 19:52 - 00000316 _____ C:\windows\tmp2Level.ini
2013-11-16 09:57 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Microsoft Games
2013-11-16 09:48 - 2009-07-27 09:31 - 00000000 ____D C:\windows\Panther
2013-11-16 01:28 - 2013-07-16 22:25 - 00000000 ____D C:\windows\system32\MRT
2013-11-16 01:23 - 2012-03-04 14:55 - 80340640 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-15 20:05 - 2013-11-15 20:05 - 00000000 ____D C:\Program Files\Paradox Interactive
2013-11-13 16:57 - 2013-11-13 16:57 - 00000000 ____D C:\windows\system32\config\systemprofile\AppData\LocalGoogle
2013-11-10 10:42 - 2012-11-09 18:26 - 00000000 ___HD C:\windows\msdownld.tmp
2013-11-10 10:42 - 2012-06-11 14:04 - 00000000 ____D C:\windows\system32\directx
2013-11-09 23:45 - 2013-03-24 14:55 - 00000000 ____D C:\Program Files\Counter-Strike 1.6 Standalone
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 23:42
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:280.8 GB) (Free:5.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.92 GB) FAT32
Available physical RAM: 1804.52 MB
Total physical RAM: 3066.27 MB
Percentage of memory in use: 41%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DCB86D34)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
Task: C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe
Task: C:\windows\Tasks\WpsUpdateTask_radek.job => C:\Program Files\Programy\Kingsoft Office\office6\wpsupdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\windows\system32\config\systemprofile\Desktop" je 5020 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6
"C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates
C:\Users\radek\AppData\Roaming\SuperPump\updater.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Programy\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files\Programy\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
C:\windows\inf\ntvdm.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete
C:\Program Files\PDF Complete\pdfsty.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files\AVG SafeGuard toolbar\vprot.exe" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
Ran by radek (administrator) on RADEK-PC on 02-12-2013 16:56:55
Running from C:\Windows\System32\config\systemprofile\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files\Mobogenie\DaemonProcess.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Windows\System32\config\systemprofile\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [288312 2009-07-27] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [747712 2013-11-23] ()
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-19] (Hewlett-Packard)
HKCU\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-16] (Hewlett-Packard)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
==================== Internet (Whitelisted) ====================
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: Search-NewTab - {B0DB0831-3E7B-FE54-3380-378C339527E4} - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll No File
BHO: YoutubeAdblocker - {B30815A3-6427-E936-5A29-42319CBB4390} - C:\Program Files\YoutubeAdblocker\JqsJr0.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Chrome:
=======
CHR Extension: (Google Docs) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (iVIDI.org plugin) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol\1.3_1
CHR Extension: (Skype Click to Call) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_1
CHR Extension: (Google Wallet) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Gmail) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx
CHR HKLM\...\Chrome\Extension: [jkcmkpifpihhlkkbjfehamkiigljaome] - C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nlpindoelpbbhemddgobhijndonccnge] - C:\Program Files\Search Fairy\SearchFairy.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\radek\AppData\Local\Temp\ccex.crx
========================== Services (Whitelisted) =================
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe [196616 2013-01-14] (Nitro PDF Software)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-01-14] (Nitro PDF Software)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [66872 2012-12-13] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 yksvc; C:\Windows\System32\yk62x86.dll [364544 2009-09-28] (Marvell)
R2 postgresql-8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [x]
S2 vToolbarUpdater17.1.3; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]
==================== Drivers (Whitelisted) ====================
R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [118656 2009-06-30] (Ricoh co.,Ltd.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-06-15] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [37664 2013-11-21] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-03-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-06-15] ()
S3 MfeAVFK; C:\Windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)
S3 MfeBOPK; C:\Windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\Windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology)
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology)
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-05-25] (Duplex Secure Ltd.)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2005-04-12] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5600 2005-04-12] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [45504 2005-04-12] (Logitech Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U3 a4tzd33o; C:\Windows\System32\Drivers\a4tzd33o.sys [0 ] (Adaptec, Inc.)
U3 aszd3nz3; C:\Windows\System32\Drivers\aszd3nz3.sys [0 ] (Adaptec, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\radek\AppData\Local\Temp\CFcatchme.sys [x]
S1 nyiigiof; \??\C:\windows\system32\drivers\nyiigiof.sys [x]
S1 vcbenera; \??\C:\windows\system32\drivers\vcbenera.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-02 16:56 - 2013-12-02 16:57 - 00015346 _____ C:\windows\system32\config\systemprofile\Desktop\FRST.txt
2013-12-02 16:55 - 2013-12-02 16:55 - 00000000 ____D C:\FRST
2013-12-02 16:54 - 2013-12-02 16:54 - 00112640 _____ (forum.viry.cz) C:\windows\system32\config\systemprofile\Desktop\FRSTLauncher.exe
2013-12-02 16:53 - 2013-12-02 16:54 - 01092187 _____ (Farbar) C:\windows\system32\config\systemprofile\Desktop\FRST.exe
2013-12-02 16:20 - 2013-12-02 16:28 - 00000000 ____D C:\AdwCleaner
2013-12-02 16:19 - 2013-12-02 16:19 - 01110034 _____ C:\windows\system32\config\systemprofile\Desktop\adwcleaner.exe
2013-12-02 16:14 - 2013-12-02 16:14 - 00012673 _____ C:\windows\system32\config\systemprofile\Desktop\JRT.txt
2013-12-02 16:06 - 2013-12-02 16:06 - 00000000 ____D C:\windows\ERUNT
2013-12-02 16:05 - 2013-12-02 16:05 - 01034531 _____ (Thisisu) C:\windows\system32\config\systemprofile\Desktop\JRT.exe
2013-12-02 14:30 - 2013-12-02 14:31 - 00000000 ____D C:\rsit
2013-12-02 14:29 - 2013-12-02 14:29 - 00781383 _____ C:\windows\system32\config\systemprofile\Desktop\RSIT.exe
2013-11-30 21:33 - 2013-11-30 21:33 - 00000000 ____D C:\windows\system32\%LocalAppData%
2013-11-28 17:33 - 2013-11-28 17:33 - 17142784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 11220992 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 04240384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-28 17:33 - 2013-11-28 17:33 - 02166272 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01926656 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-28 17:33 - 2013-11-28 17:33 - 01818112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01156608 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-28 17:33 - 2013-11-28 17:33 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-28 17:33 - 2013-11-28 17:33 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00238288 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-28 17:32 - 2013-11-28 17:36 - 00010058 _____ C:\windows\IE11_main.log
2013-11-26 17:09 - 2013-11-26 17:12 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\cd1113
2013-11-23 22:52 - 2013-11-23 22:53 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite
2013-11-23 22:49 - 2013-11-23 22:59 - 150248469 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_bnw_cz_intro.zip
2013-11-23 22:49 - 2013-11-23 22:49 - 01231346 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite.zip
2013-11-23 19:38 - 2013-11-23 19:39 - 09012016 ____R C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization.V.Brave.New.World.Crack.Only.V2-3DM.rar
2013-11-23 19:28 - 2013-12-02 16:29 - 00000452 ____H C:\windows\Tasks\Sk-Enhancer-S-5902107913.job
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\Sk-Enhancer
2013-11-23 19:25 - 2013-11-23 19:26 - 00312208 _____ (QuickSet) C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization V Brave New World Crack Only V2-3DM rar.exe
2013-11-23 19:06 - 2013-11-23 19:06 - 00001280 _____ C:\windows\system32\config\systemprofile\Desktop\Sid Meier's Civilization 5.lnk
2013-11-23 18:32 - 2013-11-23 18:32 - 00000000 ____D C:\Program Files\R.G. Mechanics
2013-11-23 16:18 - 2013-11-23 17:27 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\[R.G. Mechanics] Civilization 5 GOTY
2013-11-23 14:39 - 2013-11-23 19:23 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\CIV
2013-11-23 14:37 - 2013-11-23 14:37 - 00000000 ____D C:\Program Files\Elaborate Bytes
2013-11-23 11:27 - 2013-11-23 18:30 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\Civilization V
2013-11-23 10:55 - 2013-11-24 19:40 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-22 20:04 - 2013-11-22 20:04 - 00000000 ____D C:\Program Files\iVIDI.org plugin
2013-11-19 18:35 - 2013-11-26 17:12 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\ssongy
2013-11-17 10:18 - 2013-11-17 10:18 - 00034308 _____ C:\windows\system32\BASSMOD.dll
2013-11-17 10:09 - 2013-12-02 16:11 - 00000000 ____D C:\windows\system32\cache
2013-11-16 12:33 - 2006-04-29 14:25 - 00040960 _____ C:\windows\system32\psfind.dll
2013-11-16 11:40 - 2013-11-16 11:40 - 01156921 _____ C:\windows\content.csv
2013-11-15 20:05 - 2013-11-15 20:05 - 00000000 ____D C:\Program Files\Paradox Interactive
2013-11-15 19:50 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-15 19:50 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-15 19:50 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-15 19:49 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-15 19:49 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-15 19:49 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-15 19:49 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-15 19:49 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-15 19:49 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-15 19:49 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-15 19:49 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-15 19:49 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-15 19:49 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-15 19:49 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-15 19:49 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-15 19:49 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-15 19:49 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-15 19:49 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-13 16:57 - 2013-11-13 16:57 - 00000000 ____D C:\windows\system32\config\systemprofile\AppData\LocalGoogle
2013-11-09 20:38 - 2013-11-22 23:00 - 00234052 _____ C:\windows\Directx.log
==================== One Month Modified Files and Folders =======
2013-12-02 16:57 - 2013-12-02 16:56 - 00015346 _____ C:\windows\system32\config\systemprofile\Desktop\FRST.txt
2013-12-02 16:55 - 2013-12-02 16:55 - 00000000 ____D C:\FRST
2013-12-02 16:55 - 2013-10-28 14:46 - 00040268 _____ C:\windows\setupact.log
2013-12-02 16:54 - 2013-12-02 16:54 - 00112640 _____ (forum.viry.cz) C:\windows\system32\config\systemprofile\Desktop\FRSTLauncher.exe
2013-12-02 16:54 - 2013-12-02 16:53 - 01092187 _____ (Farbar) C:\windows\system32\config\systemprofile\Desktop\FRST.exe
2013-12-02 16:47 - 2012-09-11 21:19 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 16:36 - 2009-07-14 05:34 - 00019760 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-02 16:36 - 2009-07-14 05:34 - 00019760 _____ C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-02 16:33 - 2012-03-04 00:18 - 01473446 _____ C:\windows\WindowsUpdate.log
2013-12-02 16:29 - 2013-11-23 19:28 - 00000452 ____H C:\windows\Tasks\Sk-Enhancer-S-5902107913.job
2013-12-02 16:29 - 2013-10-29 16:16 - 00008414 _____ C:\windows\PFRO.log
2013-12-02 16:29 - 2013-02-16 21:23 - 00000416 ____H C:\windows\Tasks\schedule!3036567561.job
2013-12-02 16:29 - 2012-09-11 21:19 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-02 16:29 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-02 16:28 - 2013-12-02 16:20 - 00000000 ____D C:\AdwCleaner
2013-12-02 16:28 - 2012-05-28 13:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-02 16:24 - 2012-03-04 14:32 - 00000362 _____ C:\windows\Tasks\WpsUpdateTask_radek.job
2013-12-02 16:20 - 2012-09-20 18:15 - 00000928 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job
2013-12-02 16:19 - 2013-12-02 16:19 - 01110034 _____ C:\windows\system32\config\systemprofile\Desktop\adwcleaner.exe
2013-12-02 16:17 - 2012-09-18 16:37 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job
2013-12-02 16:14 - 2013-12-02 16:14 - 00012673 _____ C:\windows\system32\config\systemprofile\Desktop\JRT.txt
2013-12-02 16:11 - 2013-11-17 10:09 - 00000000 ____D C:\windows\system32\cache
2013-12-02 16:09 - 2009-07-14 05:53 - 00032586 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-02 16:06 - 2013-12-02 16:06 - 00000000 ____D C:\windows\ERUNT
2013-12-02 16:05 - 2013-12-02 16:05 - 01034531 _____ (Thisisu) C:\windows\system32\config\systemprofile\Desktop\JRT.exe
2013-12-02 14:31 - 2013-12-02 14:30 - 00000000 ____D C:\rsit
2013-12-02 14:30 - 2012-09-08 13:19 - 00000000 ____D C:\Program Files\trend micro
2013-12-02 14:29 - 2013-12-02 14:29 - 00781383 _____ C:\windows\system32\config\systemprofile\Desktop\RSIT.exe
2013-12-01 20:17 - 2012-09-18 16:37 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job
2013-12-01 19:20 - 2012-09-20 18:15 - 00000906 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job
2013-11-30 21:33 - 2013-11-30 21:33 - 00000000 ____D C:\windows\system32\%LocalAppData%
2013-11-30 19:36 - 2012-06-10 14:22 - 00000000 ____D C:\Program Files\Steam
2013-11-28 17:36 - 2013-11-28 17:32 - 00010058 _____ C:\windows\IE11_main.log
2013-11-28 17:33 - 2013-11-28 17:33 - 17142784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 11220992 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 04240384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-28 17:33 - 2013-11-28 17:33 - 02166272 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01926656 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-28 17:33 - 2013-11-28 17:33 - 01818112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01156608 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-28 17:33 - 2013-11-28 17:33 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-28 17:33 - 2013-11-28 17:33 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00238288 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-28 17:33 - 2013-11-28 17:33 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-28 17:33 - 2013-11-28 17:33 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-27 21:02 - 2009-09-20 08:17 - 01616260 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-26 17:12 - 2013-11-26 17:09 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\cd1113
2013-11-26 17:12 - 2013-11-19 18:35 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\ssongy
2013-11-24 19:40 - 2013-11-23 10:55 - 00000000 ____D C:\Program Files\Mobogenie
2013-11-23 22:59 - 2013-11-23 22:49 - 150248469 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_bnw_cz_intro.zip
2013-11-23 22:53 - 2013-11-23 22:52 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite
2013-11-23 22:49 - 2013-11-23 22:49 - 01231346 _____ C:\windows\system32\config\systemprofile\Downloads\civ5_allinone_cz_v1.22_lite.zip
2013-11-23 19:39 - 2013-11-23 19:38 - 09012016 ____R C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization.V.Brave.New.World.Crack.Only.V2-3DM.rar
2013-11-23 19:27 - 2013-11-23 19:27 - 00000000 ____D C:\Program Files\Sk-Enhancer
2013-11-23 19:26 - 2013-11-23 19:25 - 00312208 _____ (QuickSet) C:\windows\system32\config\systemprofile\Downloads\3DMGAME-Civilization V Brave New World Crack Only V2-3DM rar.exe
2013-11-23 19:23 - 2013-11-23 14:39 - 00000000 ____D C:\windows\system32\config\systemprofile\Desktop\CIV
2013-11-23 19:06 - 2013-11-23 19:06 - 00001280 _____ C:\windows\system32\config\systemprofile\Desktop\Sid Meier's Civilization 5.lnk
2013-11-23 18:32 - 2013-11-23 18:32 - 00000000 ____D C:\Program Files\R.G. Mechanics
2013-11-23 18:31 - 2013-10-12 14:52 - 00000000 ____D C:\Program Files\THQ
2013-11-23 18:30 - 2013-11-23 11:27 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\Civilization V
2013-11-23 17:27 - 2013-11-23 16:18 - 00000000 ____D C:\windows\system32\config\systemprofile\Downloads\[R.G. Mechanics] Civilization 5 GOTY
2013-11-23 14:37 - 2013-11-23 14:37 - 00000000 ____D C:\Program Files\Elaborate Bytes
2013-11-22 23:00 - 2013-11-09 20:38 - 00234052 _____ C:\windows\Directx.log
2013-11-22 21:14 - 2013-08-30 18:11 - 00000000 ____D C:\GOG Games
2013-11-22 20:04 - 2013-11-22 20:04 - 00000000 ____D C:\Program Files\iVIDI.org plugin
2013-11-22 14:12 - 2012-03-23 10:25 - 00000052 _____ C:\windows\system32\DOErrors.log
2013-11-21 23:58 - 2012-03-04 14:16 - 00001912 _____ C:\windows\epplauncher.mif
2013-11-21 23:58 - 2012-03-04 14:12 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-21 20:15 - 2012-10-22 12:56 - 00000000 ____D C:\windows\system32\config\systemprofile\AppData\Local\Apps\2.0
2013-11-21 20:10 - 2013-09-14 12:16 - 00037664 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2013-11-20 23:42 - 2009-07-27 08:32 - 60305408 _____ C:\windows\system32\config\RegBack\SOFTWARE
2013-11-20 23:42 - 2009-07-27 08:32 - 18526208 _____ C:\windows\system32\config\RegBack\SYSTEM
2013-11-20 23:42 - 2009-07-27 08:32 - 00983040 _____ C:\windows\system32\config\RegBack\DEFAULT
2013-11-20 23:42 - 2009-07-27 08:32 - 00036864 _____ C:\windows\system32\config\RegBack\SECURITY
2013-11-20 23:42 - 2009-07-27 08:32 - 00028672 _____ C:\windows\system32\config\RegBack\SAM
2013-11-19 11:21 - 2012-03-05 14:42 - 00230048 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-18 18:43 - 2009-07-14 03:37 - 00000000 ____D C:\windows\rescache
2013-11-17 10:18 - 2013-11-17 10:18 - 00034308 _____ C:\windows\system32\BASSMOD.dll
2013-11-16 12:27 - 2009-09-20 08:10 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-16 11:40 - 2013-11-16 11:40 - 01156921 _____ C:\windows\content.csv
2013-11-16 11:40 - 2012-06-29 19:52 - 00000326 _____ C:\windows\level.ini
2013-11-16 11:40 - 2012-06-29 19:52 - 00000316 _____ C:\windows\tmp2Level.ini
2013-11-16 09:57 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Microsoft Games
2013-11-16 09:48 - 2009-07-27 09:31 - 00000000 ____D C:\windows\Panther
2013-11-16 01:28 - 2013-07-16 22:25 - 00000000 ____D C:\windows\system32\MRT
2013-11-16 01:23 - 2012-03-04 14:55 - 80340640 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-15 20:05 - 2013-11-15 20:05 - 00000000 ____D C:\Program Files\Paradox Interactive
2013-11-13 16:57 - 2013-11-13 16:57 - 00000000 ____D C:\windows\system32\config\systemprofile\AppData\LocalGoogle
2013-11-10 10:42 - 2012-11-09 18:26 - 00000000 ___HD C:\windows\msdownld.tmp
2013-11-10 10:42 - 2012-06-11 14:04 - 00000000 ____D C:\windows\system32\directx
2013-11-09 23:45 - 2013-03-24 14:55 - 00000000 ____D C:\Program Files\Counter-Strike 1.6 Standalone
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-20 23:42
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:280.8 GB) (Free:5.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.92 GB) FAT32
Available physical RAM: 1804.52 MB
Total physical RAM: 3066.27 MB
Percentage of memory in use: 41%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DCB86D34)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
Task: C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe
Task: C:\windows\Tasks\WpsUpdateTask_radek.job => C:\Program Files\Programy\Kingsoft Office\office6\wpsupdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\windows\system32\config\systemprofile\Desktop" je 5020 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6
"C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates
C:\Users\radek\AppData\Roaming\SuperPump\updater.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Programy\Kies\Kies.exe /preload [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files\Programy\Kies\KiesTrayAgent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv
C:\windows\inf\ntvdm.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete
C:\Program Files\PDF Complete\pdfsty.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
"C:\Program Files\AVG SafeGuard toolbar\vprot.exe" [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (7.99 KiB) Staženo 52 x
Re: Kontrola logu
Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/
- C:\Windows\System32\yk62x86.dll
- Kliknete na Choose file
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Kliknete na Scan It
- Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
- Vysledek analyzy sem vlozte (jako odkaz)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File SearchScopes: HKLM - DefaultScope value is missing. BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File BHO: Search-NewTab - {B0DB0831-3E7B-FE54-3380-378C339527E4} - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll No File BHO: YoutubeAdblocker - {B30815A3-6427-E936-5A29-42319CBB4390} - C:\Program Files\YoutubeAdblocker\JqsJr0.dll No File CHR Extension: (iVIDI.org plugin) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol\1.3_1 CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx CHR HKLM\...\Chrome\Extension: [jkcmkpifpihhlkkbjfehamkiigljaome] - C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM\...\Chrome\Extension: [nlpindoelpbbhemddgobhijndonccnge] - C:\Program Files\Search Fairy\SearchFairy.crx CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\radek\AppData\Local\Temp\ccex.crx S2 vToolbarUpdater17.1.3; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x] S3 CFcatchme; \??\C:\Users\radek\AppData\Local\Temp\CFcatchme.sys [x] S1 nyiigiof; \??\C:\windows\system32\drivers\nyiigiof.sys [x] S1 vcbenera; \??\C:\windows\system32\drivers\vcbenera.sys [x] Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe Task: C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe Task: C:\windows\Tasks\WpsUpdateTask_radek.job => C:\Program Files\Programy\Kingsoft Office\office6\wpsupdate.exe AlternateDataStreams: C:\Windows:nlsPreferences REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f C:\Program Files\Search Fairy C:\Program Files\AVG SafeGuard toolbar C:\Program Files\IObit C:\ProgramData\BetterSoft c:\programdata\quickset\sk-enhancer Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-12-2013
Ran by radek at 2013-12-03 16:29:38 Run:1
Running from C:\Windows\System32\config\systemprofile\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: Search-NewTab - {B0DB0831-3E7B-FE54-3380-378C339527E4} - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll No File
BHO: YoutubeAdblocker - {B30815A3-6427-E936-5A29-42319CBB4390} - C:\Program Files\YoutubeAdblocker\JqsJr0.dll No File
CHR Extension: (iVIDI.org plugin) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol\1.3_1
CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx
CHR HKLM\...\Chrome\Extension: [jkcmkpifpihhlkkbjfehamkiigljaome] - C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nlpindoelpbbhemddgobhijndonccnge] - C:\Program Files\Search Fairy\SearchFairy.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\radek\AppData\Local\Temp\ccex.crx
S2 vToolbarUpdater17.1.3; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]
S3 CFcatchme; \??\C:\Users\radek\AppData\Local\Temp\CFcatchme.sys [x]
S1 nyiigiof; \??\C:\windows\system32\drivers\nyiigiof.sys [x]
S1 vcbenera; \??\C:\windows\system32\drivers\vcbenera.sys [x]
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
Task: C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe
Task: C:\windows\Tasks\WpsUpdateTask_radek.job => C:\Program Files\Programy\Kingsoft Office\office6\wpsupdate.exe
AlternateDataStreams: C:\Windows:nlsPreferences
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f
C:\Program Files\Search Fairy
C:\Program Files\AVG SafeGuard toolbar
C:\Program Files\IObit
C:\ProgramData\BetterSoft
c:\programdata\quickset\sk-enhancer
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0DB0831-3E7B-FE54-3380-378C339527E4} => Key deleted successfully.
HKCR\CLSID\{B0DB0831-3E7B-FE54-3380-378C339527E4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B30815A3-6427-E936-5A29-42319CBB4390} => Key deleted successfully.
HKCR\CLSID\{B30815A3-6427-E936-5A29-42319CBB4390} => Key deleted successfully.
C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol => Key deleted successfully.
C:\Program Files\iVIDI.org plugin\ividiplg.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jkcmkpifpihhlkkbjfehamkiigljaome => Key deleted successfully.
"C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\nlpindoelpbbhemddgobhijndonccnge => Key deleted successfully.
"C:\Program Files\Search Fairy\SearchFairy.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully.
"C:\Users\radek\AppData\Local\Temp\ccex.crx" => File/Directory not found.
vToolbarUpdater17.1.3 => Service deleted successfully.
CFcatchme => Service deleted successfully.
nyiigiof => Service deleted successfully.
vcbenera => Service deleted successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => Moved successfully.
C:\windows\Tasks\schedule!3036567561.job => Moved successfully.
C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => Moved successfully.
C:\windows\Tasks\WpsUpdateTask_radek.job => Moved successfully.
C:\Windows => ":nlsPreferences" ADS removed successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files\Search Fairy" => File/Directory not found.
"C:\Program Files\AVG SafeGuard toolbar" => File/Directory not found.
C:\Program Files\IObit => Moved successfully.
"C:\ProgramData\BetterSoft" => File/Directory not found.
"c:\programdata\quickset\sk-enhancer" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by radek at 2013-12-03 16:29:38 Run:1
Running from C:\Windows\System32\config\systemprofile\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: No Name - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - No File
BHO: Search-NewTab - {B0DB0831-3E7B-FE54-3380-378C339527E4} - C:\ProgramData\Search-NewTab\511ff150d9dfc.dll No File
BHO: YoutubeAdblocker - {B30815A3-6427-E936-5A29-42319CBB4390} - C:\Program Files\YoutubeAdblocker\JqsJr0.dll No File
CHR Extension: (iVIDI.org plugin) - C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol\1.3_1
CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx
CHR HKLM\...\Chrome\Extension: [jkcmkpifpihhlkkbjfehamkiigljaome] - C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [nlpindoelpbbhemddgobhijndonccnge] - C:\Program Files\Search Fairy\SearchFairy.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\radek\AppData\Local\Temp\ccex.crx
S2 vToolbarUpdater17.1.3; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [x]
S3 CFcatchme; \??\C:\Users\radek\AppData\Local\Temp\CFcatchme.sys [x]
S1 nyiigiof; \??\C:\windows\system32\drivers\nyiigiof.sys [x]
S1 vcbenera; \??\C:\windows\system32\drivers\vcbenera.sys [x]
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => C:\Users\radek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\schedule!3036567561.job => C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
Task: C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe
Task: C:\windows\Tasks\WpsUpdateTask_radek.job => C:\Program Files\Programy\Kingsoft Office\office6\wpsupdate.exe
AlternateDataStreams: C:\Windows:nlsPreferences
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f
C:\Program Files\Search Fairy
C:\Program Files\AVG SafeGuard toolbar
C:\Program Files\IObit
C:\ProgramData\BetterSoft
c:\programdata\quickset\sk-enhancer
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key deleted successfully.
HKCR\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0DB0831-3E7B-FE54-3380-378C339527E4} => Key deleted successfully.
HKCR\CLSID\{B0DB0831-3E7B-FE54-3380-378C339527E4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B30815A3-6427-E936-5A29-42319CBB4390} => Key deleted successfully.
HKCR\CLSID\{B30815A3-6427-E936-5A29-42319CBB4390} => Key deleted successfully.
C:\windows\system32\config\SYSTEM~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol => Key deleted successfully.
C:\Program Files\iVIDI.org plugin\ividiplg.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jkcmkpifpihhlkkbjfehamkiigljaome => Key deleted successfully.
"C:\ProgramData\ADDICT-THING\jkcmkpifpihhlkkbjfehamkiigljaome.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\nlpindoelpbbhemddgobhijndonccnge => Key deleted successfully.
"C:\Program Files\Search Fairy\SearchFairy.crx" => File/Directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Key deleted successfully.
"C:\Users\radek\AppData\Local\Temp\ccex.crx" => File/Directory not found.
vToolbarUpdater17.1.3 => Service deleted successfully.
CFcatchme => Service deleted successfully.
nyiigiof => Service deleted successfully.
vcbenera => Service deleted successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2547358587-2929462275-746118280-1001UA.job => Moved successfully.
C:\windows\Tasks\schedule!3036567561.job => Moved successfully.
C:\windows\Tasks\Sk-Enhancer-S-5902107913.job => Moved successfully.
C:\windows\Tasks\WpsUpdateTask_radek.job => Moved successfully.
C:\Windows => ":nlsPreferences" ADS removed successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CompuCare Check for updates" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files\Search Fairy" => File/Directory not found.
"C:\Program Files\AVG SafeGuard toolbar" => File/Directory not found.
C:\Program Files\IObit => Moved successfully.
"C:\ProgramData\BetterSoft" => File/Directory not found.
"c:\programdata\quickset\sk-enhancer" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Kontrola logu
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Řekl bych že v pohodě, jen musím všechno nastavit zpět a uvidím.
Re: Kontrola logu
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Všechno sem udělal podle postupů... po Ccleaneru sem notebook ještě restartoval a opět mám místo nastaveného pozadí, jenom černé pozadí.
Ještě se mi na ploše zobrazuje (již delší dobu), že ovladač Starforce nefunguje z důvodu kompatibility - nevím jak to odstranit.
Popřípadě ještě jedna věcička (poměrně detail) - od doby kdy se mi v notebooku pokazila baterie (musím být pořád připojen do elektřiny, baterie jede 15 minut) se mi před začátkem načítání windows zobrazuje nějaká hláška od HP o chybě (myslím že číslo 603 nebo 613) baterie, kterou musím odkliknout entrem nebo čekat pár vteřin.... kdyby to šlo odstranit, tak bych byl taky velmi rád.
Prozatím děkuju za všechny rady a návody.
Ještě se mi na ploše zobrazuje (již delší dobu), že ovladač Starforce nefunguje z důvodu kompatibility - nevím jak to odstranit.
Popřípadě ještě jedna věcička (poměrně detail) - od doby kdy se mi v notebooku pokazila baterie (musím být pořád připojen do elektřiny, baterie jede 15 minut) se mi před začátkem načítání windows zobrazuje nějaká hláška od HP o chybě (myslím že číslo 603 nebo 613) baterie, kterou musím odkliknout entrem nebo čekat pár vteřin.... kdyby to šlo odstranit, tak bych byl taky velmi rád.
Prozatím děkuju za všechny rady a návody.
Přispějete na provoz fóra?