Dobrý den,
prosím o pomoc s odvirováním.
Používám Mozillu Firefox. V textech zobrazených stránek jsou nesmyslné odkazy (většinou se otevře hxxp://rvzr-a.akamaihd.net...)
a navíc se mi otevírají dvě okna, jedno, které jsem si zvolil a druhé, reklamní, většinou na nějakou hru.
Díky
Přikládám log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by vasek at 2013-12-09 11:31:08
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 224 GB (49%) free of 459 GB
Total RAM: 8047 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:31:10, on 9.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\vasek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2786678
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: iToolsBHO - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\95408223-996a-44c6-a919-232e4a22c1e0.exe /check
O4 - HKCU\..\Run: [googletalk] C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP SkyRoom (Hp.Skyroom.Windows.Service) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Graphics Sender Service (rgsender) - Hewlett-Packard, Inc. - c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18470 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\nvvsvc.exe -session -first
/QuitInfo:000000000000076C;0000000000000770; /AddRef;
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe" -startService
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"taskhost.exe"
/QuitInfo:0000000000000810;000000000000080C; /AddRef;
/QuitInfo:0000000000000818;00000000000008B8;
WLIDSvcM.exe 3184
/loadhooks /Parent:0000000000000E38
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\windows\system32\wbem\wmiprvse.exe
"c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe" -l logSetup
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
rgsender.exe -l logSetup
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"rgsender_gui.exe"
Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
\??\C:\windows\system32\conhost.exe "232237128-2103686043278271805-1787993227-1973725274-1026309398-1669635100-1719472088
C:\windows\system32\svchost.exe -k bthsvcs
Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
\??\C:\windows\system32\conhost.exe "-3255889881573245371846095188-755334626-1029456445-14439991872085783641002514535
Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
\??\C:\windows\system32\conhost.exe "7670997781523118370-910562991-698871616110391921918643784291184424839-1388857750
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe" /autostart
"C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\windows\splwow64.exe 8192
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE"
"C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe" "C:\Users\vasek\AppData\Local\Plex Media Server\Plug-ins\Framework.bundle\Contents\Resources\Versions\2\Python/bootstrap.py" "C:\Users\vasek\AppData\Local\Plex Media Server\Plug-ins\System.bundle"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
\??\C:\windows\system32\conhost.exe "-1792637100-1405842559-951377019-1065692136788211757-4922690745415-1258289541
"C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
ctfmon.exe
/QuitInfo:000000000000069C;0000000000000A28; /SeekDesktop:
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\vasek\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job
C:\windows\tasks\HPCeeScheduleForvasek.job
=========Mozilla firefox=========
ProfilePath - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/?gws_rd=cr&ei=Vch ... 4ATsnoDYBw"
prefs.js - "extensions.enabledItems" - "otis@digitalpersona.com:5.0.0.4189, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, xmlfiller@software602.cz:3.16.2, {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, DTToolbar@toolbarnet.com:1.1.4.0024, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 191&UM=&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@itools.hk/npiTools, version=1.0.0]
"Description"=
"Path"=C:\Users\vasek\Documents\iTools\Plugin\npiTools.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@itools.hk/npiTools, version=1.0.0]
"Description"=
"Path"=C:\Users\vasek\Documents\iTools\Plugin\npiTools.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39]
"Description"=
"Path"=C:\windows\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npfiller.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
mall-cz.xml
McSiteAdvisor.xml
C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\
ask-search.xml
askcom.xml
conduit.xml
daemon-search.xml
qr-code-online.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-10-31 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 2132304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-28 351664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-28 54192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1499FE7-129D-4B6E-B681-DDF21E14172C}]
BHOImpl Class - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO64.dll [2012-12-19 40400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2012-02-06 1471824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-21 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1499FE7-129D-4B6E-B681-DDF21E14172C}]
BHOImpl Class - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO.dll [2012-12-19 51152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-10-31 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-21 606544]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-04-05 186904]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2009-11-19 1690680]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [2009-11-19 363064]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-29 487424]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2009-11-24 16405608]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-07-26 2782096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2013-11-27 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"googletalk"=C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"Google Update"=C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-16 136176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Plex Media Server"=C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2013-09-05 4195464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files (x86)\BitTorrent\BitTorrent.exe [2012-06-18 6380440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^vasek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"NUSB3MON"=c:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-21 106496]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-03-03 111640]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AppleSyncNotifier"=C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-12-02 1316248]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-11-02 152392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-21 3568312]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\95408223-996a-44c6-a919-232e4a22c1e0.exe [2013-11-25 180184]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-11-27 243200]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=3
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-12-09 11:31:08 ----D---- C:\rsit
2013-11-27 11:10:12 ----A---- C:\windows\system32\IEUDINIT.EXE
2013-11-27 11:06:46 ----A---- C:\windows\SYSWOW64\elshyph.dll
2013-11-27 11:06:46 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\msrating.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\msls31.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-11-27 11:06:44 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-11-27 11:06:44 ----A---- C:\windows\system32\elshyph.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\wextract.exe
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\webcheck.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\url.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\occache.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\mshta.exe
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\inseng.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\imgutil.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\iexpress.exe
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\iepeers.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\icardie.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2013-11-27 11:06:43 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\wininet.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\wextract.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\webcheck.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\vbscript.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\urlmon.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\url.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\pngfilt.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\occache.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\msrating.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\msls31.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\mshtmlmedia.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\mshtmler.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\mshtmled.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\MshtmlDac.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\mshtml.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\mshta.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\msfeedssync.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\msfeedsbs.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\msfeeds.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\licmgr10.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\jsproxy.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\jsIntl.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\jscript9diag.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\jscript9.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\jscript.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\inseng.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\imgutil.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\iexpress.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieUnatt.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieui.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\iesysprep.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\iesetup.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\iertutil.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\iernonce.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\iepeers.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieframe.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieetwproxystub.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieetwcollectorres.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieetwcollector.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\iedkcs32.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieapfltr.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ieapfltr.dat
2013-11-27 11:06:43 ----A---- C:\windows\system32\IEAdvpack.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\ie4uinit.exe
2013-11-27 11:06:43 ----A---- C:\windows\system32\icardie.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\dxtrans.dll
2013-11-27 11:06:43 ----A---- C:\windows\system32\dxtmsft.dll
2013-11-21 21:10:00 ----D---- C:\Users\vasek\AppData\Roaming\AVAST Software
2013-11-16 13:01:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-14 20:52:15 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-14 20:52:15 ----D---- C:\Program Files\iTunes
2013-11-14 20:52:15 ----D---- C:\Program Files\iPod
2013-11-14 20:52:15 ----D---- C:\Program Files (x86)\iTunes
2013-11-14 11:44:21 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-11-14 11:44:21 ----A---- C:\windows\system32\crypt32.dll
2013-11-14 11:44:14 ----A---- C:\windows\system32\drivers\afd.sys
2013-11-14 11:44:12 ----A---- C:\windows\system32\authui.dll
2013-11-14 11:44:10 ----A---- C:\windows\SYSWOW64\authui.dll
2013-11-14 11:44:09 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-14 11:44:09 ----A---- C:\windows\SYSWOW64\credui.dll
2013-11-14 11:44:09 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-14 11:44:09 ----A---- C:\windows\system32\credui.dll
2013-11-14 11:44:02 ----A---- C:\windows\system32\schannel.dll
2013-11-14 11:44:01 ----A---- C:\windows\SYSWOW64\schannel.dll
2013-11-14 11:44:01 ----A---- C:\windows\system32\lsasrv.dll
2013-11-14 11:44:01 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-11-14 11:44:01 ----A---- C:\windows\system32\drivers\ksecdd.sys
2013-11-14 11:44:01 ----A---- C:\windows\system32\drivers\cng.sys
2013-11-14 11:44:00 ----A---- C:\windows\SYSWOW64\sspicli.dll
2013-11-14 11:44:00 ----A---- C:\windows\SYSWOW64\secur32.dll
2013-11-14 11:44:00 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2013-11-14 11:44:00 ----A---- C:\windows\system32\sspisrv.dll
2013-11-14 11:44:00 ----A---- C:\windows\system32\sspicli.dll
2013-11-14 11:44:00 ----A---- C:\windows\system32\secur32.dll
2013-11-14 11:44:00 ----A---- C:\windows\system32\ncrypt.dll
2013-11-14 11:44:00 ----A---- C:\windows\system32\lsass.exe
2013-11-14 11:43:57 ----A---- C:\windows\SYSWOW64\gdi32.dll
2013-11-14 11:43:57 ----A---- C:\windows\system32\gdi32.dll
2013-11-14 11:43:56 ----A---- C:\windows\system32\nshwfp.dll
2013-11-14 11:43:56 ----A---- C:\windows\system32\IKEEXT.DLL
2013-11-14 11:43:56 ----A---- C:\windows\system32\FWPUCLNT.DLL
2013-11-14 11:43:55 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2013-11-14 11:43:55 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
======List of files/folders modified in the last 1 month======
2013-12-09 11:31:09 ----D---- C:\windows\Temp
2013-12-09 11:31:09 ----D---- C:\Program Files\trend micro
2013-12-09 11:28:29 ----D---- C:\Users\vasek\AppData\Roaming\Skype
2013-12-09 11:09:03 ----D---- C:\windows\system32\config
2013-12-09 10:56:07 ----D---- C:\ProgramData\boost_interprocess
2013-12-09 10:53:56 ----A---- C:\windows\SYSWOW64\log.txt
2013-12-08 20:06:24 ----SHD---- C:\System Volume Information
2013-12-08 14:10:06 ----D---- C:\ProgramData\CanonIJPLM
2013-12-08 14:03:13 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-06 22:03:14 ----D---- C:\windows\Prefetch
2013-12-06 21:25:54 ----D---- C:\windows\system32\catroot2
2013-12-03 10:32:27 ----D---- C:\windows\inf
2013-12-02 22:15:45 ----D---- C:\Users\vasek\AppData\Roaming\SoftGrid Client
2013-12-02 14:11:18 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-12-02 12:53:12 ----D---- C:\Windows
2013-12-02 12:45:19 ----D---- C:\Users\vasek\AppData\Roaming\inkscape
2013-12-02 12:45:17 ----D---- C:\Users\vasek\AppData\Roaming\BitTorrent
2013-12-02 12:44:41 ----D---- C:\windows\Panther
2013-12-02 12:44:40 ----D---- C:\windows\Minidump
2013-12-02 12:44:40 ----D---- C:\windows\Logs
2013-12-02 12:44:40 ----D---- C:\windows\debug
2013-12-02 12:42:01 ----D---- C:\windows\system32\Tasks
2013-12-02 12:41:59 ----RD---- C:\Program Files (x86)
2013-12-02 12:41:59 ----D---- C:\Program Files (x86)\Google
2013-12-02 12:41:59 ----D---- C:\Program Files (x86)\CCleaner
2013-12-02 12:38:12 ----D---- C:\ProgramData
2013-12-02 12:28:31 ----SHD---- C:\windows\Installer
2013-11-27 20:21:50 ----D---- C:\windows\rescache
2013-11-27 14:16:30 ----D---- C:\Users\vasek\AppData\Roaming\vlc
2013-11-27 13:40:59 ----D---- C:\windows\System32
2013-11-27 13:40:59 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-11-27 13:36:33 ----D---- C:\windows\winsxs
2013-11-27 13:33:43 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-11-27 13:33:43 ----D---- C:\windows\system32\cs-CZ
2013-11-27 13:33:43 ----D---- C:\Program Files\Internet Explorer
2013-11-27 13:33:43 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-27 13:33:40 ----D---- C:\windows\SYSWOW64\migration
2013-11-27 13:33:40 ----D---- C:\windows\SYSWOW64\en-US
2013-11-27 13:33:40 ----D---- C:\windows\SysWOW64
2013-11-27 13:33:38 ----D---- C:\windows\system32\migration
2013-11-27 13:33:38 ----D---- C:\windows\system32\en-US
2013-11-27 13:33:38 ----D---- C:\windows\PolicyDefinitions
2013-11-27 11:09:51 ----D---- C:\windows\system32\catroot
2013-11-26 10:20:13 ----RD---- C:\Program Files
2013-11-26 09:06:48 ----D---- C:\ProgramData\Skype
2013-11-26 09:06:44 ----RD---- C:\Program Files (x86)\Skype
2013-11-21 21:07:09 ----D---- C:\windows\system32\drivers
2013-11-21 21:05:49 ----A---- C:\windows\system32\aswBoot.exe
2013-11-21 21:04:12 ----D---- C:\ProgramData\AVAST Software
2013-11-21 12:54:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 10:20:27 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-11-16 18:29:45 ----D---- C:\windows\Tasks
2013-11-14 17:19:41 ----D---- C:\windows\system32\MRT
2013-11-14 17:17:50 ----A---- C:\windows\system32\MRT.exe
2013-11-11 15:49:01 ----D---- C:\Users\vasek\AppData\Roaming\Mozilla
2013-11-11 05:50:16 ----N---- C:\windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2013-11-21 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2013-11-21 205320]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-04-05 409624]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-11-11 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-11-11 15688]
R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2013-11-21 92544]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2013-11-21 1032416]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2013-11-21 409832]
R1 aswTdi;aswTdi; \??\C:\windows\system32\drivers\aswTdi.sys [2013-11-21 65264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-17 254528]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-11-11 58184]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; \??\C:\windows\system32\drivers\aswFsBlk.sys [2013-11-21 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-11-21 84328]
R2 rimmptsk;rimmptsk; C:\windows\system32\DRIVERS\rimmpx64.sys [2009-06-26 67584]
R2 rimsptsk;rimsptsk; C:\windows\system32\DRIVERS\rimspx64.sys [2009-06-26 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\windows\system32\DRIVERS\rixdpx64.sys [2009-06-26 57856]
R3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-11-14 144768]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-08-03 1208320]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\windows\system32\DRIVERS\e1k62x64.sys [2011-05-04 340656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-08-03 8604672]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-21 75776]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-21 177152]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2009-11-12 84584]
R3 rismcx64;RICOH Smart Card Reader; C:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-01-29 505856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
R3 tap0901;TAP-Win32 Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2009-12-12 31232]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\windows\system32\DRIVERS\wacomvhid.sys [2009-09-22 16168]
S2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
S2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe64.sys [2009-10-29 79360]
S2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe64.sys [2009-09-29 55808]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-09-17 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-09-17 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-09-17 21160]
S3 grmnusb;grmnusb; C:\windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 tap0801;TAP-Win32 Adapter V8; C:\windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 wacmoumonitor;Wacom Mode Helper; C:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-11-02 13312]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-08-03 16896]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-21 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-07-16 462160]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-11-19 102968]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-11-19 102968]
R2 Hp.Skyroom.Windows.Service;HP SkyRoom; C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [2009-11-20 124984]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-06-14 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-11-11 277096]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-04-05 354840]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2009-11-24 392296]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 rgsender;Remote Graphics Sender Service; c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [2009-11-19 379904]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [2010-01-29 244736]
R2 TabletServiceWacom;TabletServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-15 5716848]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-11-11 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-28 136176]
S2 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-10-19 32768]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-02 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-06 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-28 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-27 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2009-12-12 36352]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nesmyslné odkazy v prohlížeči, otevírání reklamních stránek
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Nesmyslné odkazy v prohlížeči, otevírání reklamních stránek
Naposledy upravil(a) vyosek dne 09 pro 2013 17:10, celkem upraveno 1 x.
Důvod: Z bezp.duvodu zneaktivnen link (http --> hxxp)
Důvod: Z bezp.duvodu zneaktivnen link (http --> hxxp)
Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Zdravim 
Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Spustte tradicne dvouklikem
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Také zdravím,
dodržel jsem rady a vkládám výsledné logy.
Nesmyslné odkazy a otevírání dalších oken zmizelo, přesto díky za další odvšivení.
Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows 7 Professional Service Pack 1
Program started at: 12/10/2013 12:19:36 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\vasek\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\vasek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\vasek\Desktop
0 bad shortcuts found.
Program finished at: 12/10/2013 12:19:41 AM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
-----------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by vasek on Łt 10.12.2013 at 0:20:38,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3986653516-3093899517-2893670574-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\performersoft
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\hdvid codec v1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{720B8287-32F5-4D6B-A9F2-B279A990C1BF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
~~~ Files
Successfully deleted: [File] C:\windows\syswow64\shoBAA8.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\bittorrentbar"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\hdvid codec v1"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\user.js
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\extensions\hdvc3@hdvidcodec.com.xpi
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\conduitcommon
Successfully deleted: [Folder] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\smartbar
Successfully deleted: [Folder] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted the following from C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\prefs.js
user_pref("CT2790392..clientLogIsEnabled", false);
user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2790392./9b+7e+x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e,x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e-x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e/x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e06cg5el8:.from_oldbar.enc", "bm1qb2ptcHJ2dg==");
user_pref("CT2790392./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHNwdXBzdnh8fCQvS0lHT0I1fV1cPQ==");
user_pref("CT2790392./9b+7e0x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e1x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e2x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e3x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e4x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e5x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e6x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e7x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e8x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e9x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e:x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e;x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e<x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e=x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e>x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e?x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e@x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7eax305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTN9VlRROFBc");
user_pref("CT2790392./9b+7ebx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7ecx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7edx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7etx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b-0?3g>d.from_oldbar.enc", "aDprPmx0dXV6d3Z3cyBISUp6JSEgIFQqJSZXVSNaKSpdKGBh");
user_pref("CT2790392./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
user_pref("CT2790392./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
user_pref("CT2790392./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pe359ISAvJjE+Qkk1fTc4LzpJTV1RPygzOENdZVRpW2VUbVdpXV1oY2VTPHB2bGZ1Xg==");
user_pref("CT2790392./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
user_pref("CT2790392./9b3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");
user_pref("CT2790392./9b5ba==9cjag.from_oldbar.enc", "bm1rbXJzdUB6eHV1e0d9fnZ7Tnkj");
user_pref("CT2790392./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1qb2ptcHJ3b3dzeQ==");
user_pref("CT2790392./9b9643g3/9e.from_oldbar.enc", "ag==");
user_pref("CT2790392./9b;45>:bi9i7ie.from_oldbar.enc", "Ky4sPQ==");
user_pref("CT2790392./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
user_pref("CT2790392./9b<:222h64<l8daj.from_oldbar.enc", "bXBwb3Z0bnl2cip5enJ4fnUgIA==");
user_pref("CT2790392./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
user_pref("CT2790392./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
user_pref("CT2790392./9b?b0d:8aj62<h.from_oldbar.enc", "bQ==");
user_pref("CT2790392./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bA==");
user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2790392.AppTrackingLastCheckTime", "Mon Jul 09 2012 15:23:37 GMT+0200");
user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&S
user_pref("CT2790392.CTID", "CT2790392");
user_pref("CT2790392.ConfigurationLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.CurrentServerDate", "8-11-2013");
user_pref("CT2790392.DSInstall", false);
user_pref("CT2790392.DialogsAlignMode", "LTR");
user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon Nov 04 2013 19:58:15 GMT+0100");
user_pref("CT2790392.DownloadReferralCookieData", "");
user_pref("CT2790392.EMailNotifierPollDate", "Thu Aug 09 2012 14:35:10 GMT+0200");
user_pref("CT2790392.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2790392.FeedLastCount129313977501788460", 501);
user_pref("CT2790392.FeedPollDate129313974171006416", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313975698350231", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313976370850190", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313976648818968", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313977444757117", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313980389131455", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313980655381977", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313980886163259", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313981234756535", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313983226631720", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313983607725691", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedTTL129313974171006416", 10);
user_pref("CT2790392.FeedTTL129313977444757117", 15);
user_pref("CT2790392.FeedTTL129313980655381977", 5);
user_pref("CT2790392.FeedTTL129313981234756535", 5);
user_pref("CT2790392.FirstServerDate", "18-6-2012");
user_pref("CT2790392.FirstTime", true);
user_pref("CT2790392.FirstTimeFF3", true);
user_pref("CT2790392.FirstTimeHiddenVer", true);
user_pref("CT2790392.FixPageNotFoundErrors", true);
user_pref("CT2790392.GroupingServerCheckInterval", 1440);
user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2790392.HPInstall", false);
user_pref("CT2790392.HasUserGlobalKeys", true);
user_pref("CT2790392.HomePageProtectorEnabled", false);
user_pref("CT2790392.HomepageBeforeUnload", "hxxp://www.google.com/");
user_pref("CT2790392.Initialize", true);
user_pref("CT2790392.InitializeCommonPrefs", true);
user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
user_pref("CT2790392.InstallationId", "fft947.tmp.exe");
user_pref("CT2790392.InstallationType", "XPE");
user_pref("CT2790392.InstalledDate", "Mon Jun 18 2012 14:10:07 GMT+0200");
user_pref("CT2790392.IsAlertDBUpdated", true);
user_pref("CT2790392.IsGrouping", false);
user_pref("CT2790392.IsInitSetupIni", true);
user_pref("CT2790392.IsMulticommunity", false);
user_pref("CT2790392.IsOpenThankYouPage", true);
user_pref("CT2790392.IsOpenUninstallPage", false);
user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2790392.LastLogin_3.13.0.6", "Tue Jul 17 2012 10:47:48 GMT+0200");
user_pref("CT2790392.LastLogin_3.14.1.0", "Mon Aug 27 2012 18:08:17 GMT+0200");
user_pref("CT2790392.LastLogin_3.15.1.0", "Mon Nov 19 2012 12:50:35 GMT+0100");
user_pref("CT2790392.LastLogin_3.16.0.3", "Sun Feb 10 2013 13:02:38 GMT+0100");
user_pref("CT2790392.LastLogin_3.18.0.7", "Mon Jul 15 2013 11:36:27 GMT+0200");
user_pref("CT2790392.LastLogin_3.19.0.3", "Mon Sep 09 2013 10:20:38 GMT+0200");
user_pref("CT2790392.LastLogin_3.20.0.4", "Fri Nov 08 2013 10:48:24 GMT+0100");
user_pref("CT2790392.LatestVersion", "3.20.0.4");
user_pref("CT2790392.Locale", "en");
user_pref("CT2790392.MCDetectTooltipHeight", "83");
user_pref("CT2790392.MCDetectTooltipShow", false);
user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2790392.MCDetectTooltipWidth", "295");
user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
user_pref("CT2790392.SearchAPILastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
user_pref("CT2790392.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
user_pref("CT2790392.SearchFromAddressBarIsInit", true);
user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
user_pref("CT2790392.SearchInNewTabEnabled", true);
user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
user_pref("CT2790392.SearchInNewTabLastCheckTime", "Mon Sep 09 2013 10:20:37 GMT+0200");
user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2790392.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
user_pref("CT2790392.SearchProtectorEnabled", false);
user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
user_pref("CT2790392.SendProtectorDataViaLogin", true);
user_pref("CT2790392.ServiceMapLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.SettingsLastCheckTime", "Fri Nov 08 2013 10:48:22 GMT+0100");
user_pref("CT2790392.SettingsLastUpdate", "1383901083");
user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Mon Jul 30 2012 18:03:00 GMT+0200");
user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2790392.UserID", "UN97859474143775191");
user_pref("CT2790392.ValidationData_Toolbar", 2);
user_pref("CT2790392.WeatherNetwork", "");
user_pref("CT2790392.WeatherPollDate", "Thu Aug 09 2012 14:35:11 GMT+0200");
user_pref("CT2790392.WeatherUnit", "C");
user_pref("CT2790392._9b_7e.:2z527.from_oldbar.enc", "JCM=");
user_pref("CT2790392._9b_7e.x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2790392.alertChannelId", "1182482");
user_pref("CT2790392.approveUntrustedApps", false);
user_pref("CT2790392.autoDisableScopes", -1);
user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6A6F6A6D70727676");
user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737075707376787C7C242F4B49474F42357D5D5C3D");
user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
user_pref("CT2790392.backendstorage./9b-0?3g>d", "683A6B3E6C7475757A777677732048494A7A25212020542A25265755235A292A5D286061");
user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C6675
user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6E6D6B6D727375407A7875757B477D7E767B4E7923");
user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6A6F6A6D7072776F777379");
user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F76746E7976722A797A72787E752020");
user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
user_pref("CT2790392.backendstorage.cbcountry_001", "435A");
user_pref("CT2790392.backendstorage.cbfirsttime", "4D6F6E204A756E20313820323031322031343A31303A303920474D542B30323030");
user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E647569746170
user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstate_easytobook", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333733393735343037343935");
user_pref("CT2790392.backendstorage.mam_gk_calledsetupservice", "31");
user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B5F7461726765746564222C22637269746572696173223
user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E392E302E34");
user_pref("CT2790392.backendstorage.mam_gk_existingusersrecoverydone", "31");
user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333733393735343035303833");
user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465
user_pref("CT2790392.backendstorage.mam_gk_mamenabled", "66616C7365");
user_pref("CT2790392.backendstorage.mam_gk_settings1.6.0.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2232313
user_pref("CT2790392.backendstorage.mam_gk_settings1.9.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238345
user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
user_pref("CT2790392.backendstorage.mam_gk_userid", "38643366653662382D346130312D346237612D383465372D316436376366396461373835");
user_pref("CT2790392.backendstorage.pairingkey", "41393437414541333843374541394330454534354336343636323339303838353046443030303336");
user_pref("CT2790392.backendstorage.pg_enable", "74727565");
user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
user_pref("CT2790392.backendstorage.searchappstate", "31");
user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
user_pref("CT2790392.backendstorage.sf_just_installed", "46414C5345");
user_pref("CT2790392.backendstorage.sf_status", "454E41424C4544");
user_pref("CT2790392.backendstorage.sf_user_id", "6369645F31363732303133313335303836333232343536");
user_pref("CT2790392.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313334303032313432333836352C2C2C68747470
user_pref("CT2790392.backendstorage.uttorrents", "7B226275696C64223A32373332382C226C6162656C223A5B5D2C22746F7272656E7473223A5B5D2C22746F7272656E7463223A22313734363531333633382
user_pref("CT2790392.cbcountry_001.from_oldbar.enc", "Q1o=");
user_pref("CT2790392.cbfirsttime.from_oldbar.enc", "TW9uIEp1biAxOCAyMDEyIDE0OjEwOjA5IEdNVCswMjAw");
user_pref("CT2790392.componentAlertEnabled", false);
user_pref("CT2790392.components.1000034", false);
user_pref("CT2790392.components.1000234", false);
user_pref("CT2790392.components.129309565073350181", false);
user_pref("CT2790392.components.129309577647413174", false);
user_pref("CT2790392.components.129309578575850709", false);
user_pref("CT2790392.components.129313977501788460", false);
user_pref("CT2790392.components.129526968991422666", false);
user_pref("CT2790392.components.129633547190125290", false);
user_pref("CT2790392.components.129791371079091292", false);
user_pref("CT2790392.components.129820989550310799", false);
user_pref("CT2790392.countryCode", "CZ");
user_pref("CT2790392.enableAlerts", "never");
user_pref("CT2790392.firstTimeDialogOpened", true);
user_pref("CT2790392.fixPageNotFoundErrorByUser", "TRUE");
user_pref("CT2790392.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2790392.fullUserID", "UN97859474143775191.UP.202408105514");
user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.homepageProtectorEnableByLogin", true);
user_pref("CT2790392.initDone", true);
user_pref("CT2790392.installId", "fft947.tmp.exe");
user_pref("CT2790392.installType", "XPE");
user_pref("CT2790392.isAppTrackingManagerOn", true);
user_pref("CT2790392.isCheckedStartAsHidden", true);
user_pref("CT2790392.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
user_pref("CT2790392.isFirstTimeToolbarLoading", "false");
user_pref("CT2790392.isPerformedSmartBarTransition", "true");
user_pref("CT2790392.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2790392.keyword", true);
user_pref("CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=UN9785947414377519
user_pref("CT2790392.lastVersion", "10.22.3.518");
user_pref("CT2790392.mam_gk_appsdata.from_oldbar.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCI
user_pref("CT2790392.mam_gk_appsdefaultenabled.from_oldbar.enc", "bnVsbA==");
user_pref("CT2790392.mam_gk_appstate_couponbuddy.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstate_easytobook.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstate_easytobook_targeted.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstate_pricegong.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstatereporttime.from_oldbar.enc", "MTM3Mzk3NTQwNzQ5NQ==");
user_pref("CT2790392.mam_gk_calledsetupservice.from_oldbar.enc", "MQ==");
user_pref("CT2790392.mam_gk_configuration.from_oldbar.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIzYTM3MTg0MC03NT
user_pref("CT2790392.mam_gk_currentversion.from_oldbar.enc", "MS45LjAuNA==");
user_pref("CT2790392.mam_gk_existingusersrecoverydone.from_oldbar.enc", "MQ==");
user_pref("CT2790392.mam_gk_first_time.from_oldbar.enc", "MQ==");
user_pref("CT2790392.mam_gk_lastlogintime.from_oldbar.enc", "MTM3Mzk3NTQwNTA4Mw==");
user_pref("CT2790392.mam_gk_localization.from_oldbar.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZ
user_pref("CT2790392.mam_gk_mamenabled.from_oldbar.enc", "ZmFsc2U=");
user_pref("CT2790392.mam_gk_showclosebutton.from_oldbar.enc", "dHJ1ZQ==");
user_pref("CT2790392.mam_gk_showwelcomegadget.from_oldbar.enc", "ZmFsc2U=");
user_pref("CT2790392.mam_gk_userid.from_oldbar.enc", "OGQzZmU2YjgtNGEwMS00YjdhLTg0ZTctMWQ2N2NmOWRhNzg1");
user_pref("CT2790392.myStuffEnabled", true);
user_pref("CT2790392.myStuffPublihserMinWidth", 400);
user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2790392.navigateToUrlOnSearch", false);
user_pref("CT2790392.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.viry.cz%2Fviewtopic.php%3Ff%3D13%26t%3D134557\",\"EB_MAIN_FRA
user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,1000234,129791371079091292,1000034,129526968991422666,129309578575850709,129313977501788460,129309577
user_pref("CT2790392.originalHomepage", "hxxp://www.google.com/");
user_pref("CT2790392.originalSearchAddressUrl", "");
user_pref("CT2790392.originalSearchEngine", "chrome://browser-region/locale/region.properties");
user_pref("CT2790392.pairingkey.from_oldbar.enc", "QTk0N0FFQTM4QzdFQTlDMEVFNDVDNjQ2NjIzOTA4ODUwRkQwMDAzNg==");
user_pref("CT2790392.pg_enable.from_oldbar.enc", "dHJ1ZQ==");
user_pref("CT2790392.revertSettingsEnabled", true);
user_pref("CT2790392.scriptsource.from_oldbar.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
user_pref("CT2790392.searchFromAddressBarEnabledByUser", "true");
user_pref("CT2790392.searchInNewTabEnabledByUser", "true");
user_pref("CT2790392.searchInNewTabEnabledInHidden", "true");
user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
user_pref("CT2790392.searchProtectorEnableByLogin", true);
user_pref("CT2790392.searchSuggestEnabledByUser", "true");
user_pref("CT2790392.searchappstate.from_oldbar.enc", "MQ==");
user_pref("CT2790392.searchapptracking.from_oldbar.enc", "c2VudA==");
user_pref("CT2790392.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2790392.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2790392.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2790392\"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentBar.OurToolbar.com//xpi\"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentBar \"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2790392.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT2790392.serviceLayer_services_Configuration_lastUpdate", "1386593724467");
user_pref("CT2790392.serviceLayer_services_login_10.20.101.5_lastUpdate", "1386278833513");
user_pref("CT2790392.serviceLayer_services_login_10.22.3.518_lastUpdate", "1386626437028");
user_pref("CT2790392.serviceLayer_services_searchAPI_lastUpdate", "1386593724405");
user_pref("CT2790392.serviceLayer_services_serviceMap_lastUpdate", "1386593724298");
user_pref("CT2790392.serviceLayer_services_toolbarSettings_lastUpdate", "1386626880474");
user_pref("CT2790392.serviceLayer_services_translation_lastUpdate", "1386593724126");
user_pref("CT2790392.settingsINI", true);
user_pref("CT2790392.sf_just_installed.from_oldbar.enc", "RkFMU0U=");
user_pref("CT2790392.sf_status.from_oldbar.enc", "RU5BQkxFRA==");
user_pref("CT2790392.sf_user_id.from_oldbar.enc", "Y2lkXzE2NzIwMTMxMzUwODYzMjI0NTY=");
user_pref("CT2790392.showToolbarPermission", "false");
user_pref("CT2790392.smartbar.CTID", "CT2790392");
user_pref("CT2790392.smartbar.Uninstall", "0");
user_pref("CT2790392.smartbar.toolbarName", "BitTorrentBar ");
user_pref("CT2790392.testingCtid", "");
user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.toolbarBornServerTime", "18-6-2012");
user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Mon Jul 30 2012 18:03:01 GMT+0200");
user_pref("CT2790392.toolbarCurrentServerTime", "10-12-2013");
user_pref("CT2790392.toolbarLoginClientTime", "Fri Nov 08 2013 10:55:18 GMT+0100");
user_pref("CT2790392.upgradeFromOBVersion", true);
user_pref("CT2790392.url_history0001.from_oldbar.enc", "aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo6OmNsaWNraGFuZGxlcjo6OjEzNDAwMjE0MjM4NjUsLCxodHRwczovL3d3dy5nb29nbGUuY29tOjo6Y2xpY2toYW5
user_pref("CT2790392.usagesFlag", 2);
user_pref("CT2790392.uttorrents.from_oldbar.enc", "eyJidWlsZCI6MjczMjgsImxhYmVsIjpbXSwidG9ycmVudHMiOltdLCJ0b3JyZW50YyI6IjE3NDY1MTM2MzgiLCJyc3NmZWVkcyI6W10sInJzc2ZpbHRlcnMiOltd
user_pref("CT2790392_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386630903779,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2790392", "\"33efb89ea2883315f9b63b64f2efe7133\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2790392", "\"1361459328\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"8076e3ce381dcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.19.0.3", "\"23c5489aa686ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.20.0.4", "\"dfe74040abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2790392", "\"07766f5592f76b152ec9246ce6a0b574\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\vasek\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\lpdgogv7.default\\conduitCommon\\modules\\3.14.1.0");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
user_pref("CommunityToolbar.globalUserId", "9feeee12-5f25-4a36-ad1a-02c1366292e5");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Aug 08 2012 10:38:04 GMT+0200");
user_pref("CommunityToolbar.notifications.alertEnabled", false);
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "9c80f464-4a07-40af-a933-e4bb3abbcee3");
user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT2790392");
user_pref("browser.search.defaultthis.engineName", "uTorrentBar Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&CUI=UN97859474143775191&UM=&q=");
user_pref("plugin.state.npconduitfirefoxplugin", 2);
user_pref("smartbar.addressBarOwnerCTID", "CT2790392");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT
user_pref("smartbar.machineId", "ZIJP77G5UADYMU/R0ACJ8S4H3+B+2K1FRQGNZMNQXLBQIK+5HI0F+QNHYPFDJBL6R3BU/HOZA6PZIMWREKEH1G");
Emptied folder: C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\minidumps [244 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\vasek\appdata\local\Google\Chrome\User Data\Default\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 10.12.2013 at 0:28:01,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.014 - Report created 10/12/2013 at 00:31:58
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : vasek - VASEK-HP
# Running from : C:\Users\vasek\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Users\vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Bond\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Bond\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
[!] Folder Deleted : C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
File Deleted : C:\Users\vasek\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\vasek\Desktop\HDVidCodec.lnk
File Deleted : C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Bond\AppData\Roaming\Mozilla\Firefox\Profiles\lcx3jiph.default\searchplugins\ask-search.xml
File Deleted : C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\daemon-search.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\prefs.js ]
Line Deleted : user_pref("CT2790392./9b+7e06cg5el8:.from_oldbar.enc", "bm1qb2ptcHJ2dg==");
Line Deleted : user_pref("CT2790392./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
Line Deleted : user_pref("CT2790392./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1qb2ptcHJ3b3dzeQ==");
Line Deleted : user_pref("CT2790392./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Line Deleted : user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT2790392.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2790392.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
Line Deleted : user_pref("CT2790392.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=UN97859474143775191&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT2790392.mam_gk_appsdata.from_oldbar.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsi[...]
Line Deleted : user_pref("CT2790392.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.viry.cz%2Fviewtopic.php%3Ff%3D13%26t%3D134557\",\"EB_MAIN_FRAME_TITLE\":\"VIRY.CZ%20%E[...]
Line Deleted : user_pref("CT2790392.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2790392\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentBar \"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2790392.url_history0001.from_oldbar.enc", "aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo6OmNsaWNraGFuZGxlcjo6OjEzNDAwMjE0MjM4NjUsLCxodHRwczovL3d3dy5nb29nbGUuY29tOjo6Y2xpY2toYW5kbGVyOjo6MTM0MDAyMTQyNTQw[...]
Line Deleted : user_pref("CT2790392_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386630903779,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2790392", "\"33efb89ea2883315f9b63b64f2efe7133\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2790392", "\"1361459328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.19.0.3", "\"23c5489aa686ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.20.0.4", "\"dfe74040abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2790392", "\"07766f5592f76b152ec9246ce6a0b574\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\vasek\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\lpdgogv7.default\\conduitCommon\\modules\\3.14.1.0");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[ File : C:\Users\Bond\AppData\Roaming\Mozilla\Firefox\Profiles\lcx3jiph.default\prefs.js ]
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.yahoo.com/search?fr=mcafee&p=");
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Bond\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9314 octets] - [10/12/2013 00:31:20]
AdwCleaner[S0].txt - [9191 octets] - [10/12/2013 00:31:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9251 octets] ##########
dodržel jsem rady a vkládám výsledné logy.
Nesmyslné odkazy a otevírání dalších oken zmizelo, přesto díky za další odvšivení.
Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows 7 Professional Service Pack 1
Program started at: 12/10/2013 12:19:36 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\vasek\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\vasek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\vasek\Desktop
0 bad shortcuts found.
Program finished at: 12/10/2013 12:19:41 AM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
-----------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Professional x64
Ran by vasek on Łt 10.12.2013 at 0:20:38,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3986653516-3093899517-2893670574-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\performersoft
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\hdvid codec v1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{720B8287-32F5-4D6B-A9F2-B279A990C1BF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
~~~ Files
Successfully deleted: [File] C:\windows\syswow64\shoBAA8.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\bittorrentbar"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\vasek\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\hdvid codec v1"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ FireFox
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\user.js
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\extensions\hdvc3@hdvidcodec.com.xpi
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\conduitcommon
Successfully deleted: [Folder] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\smartbar
Successfully deleted: [Folder] C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Successfully deleted the following from C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\prefs.js
user_pref("CT2790392..clientLogIsEnabled", false);
user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2790392./9b+7e+x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e,x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e-x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e/x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e06cg5el8:.from_oldbar.enc", "bm1qb2ptcHJ2dg==");
user_pref("CT2790392./9b+7e06cg5el;8i:k.from_oldbar.enc", "JH4tLyJqdHNwdXBzdnh8fCQvS0lHT0I1fV1cPQ==");
user_pref("CT2790392./9b+7e0x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e1x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e2x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e3x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e4x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e5x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e6x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e7x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e8x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e9x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e:x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e;x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e<x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e=x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e>x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e?x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7e@x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7eax305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7ebe3g=;d9n9=d.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZJZXFzTTN9VlRROFBc");
user_pref("CT2790392./9b+7ebx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7ecx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7edx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b+7etx305.from_oldbar.enc", "JCM=");
user_pref("CT2790392./9b-0?3g>d.from_oldbar.enc", "aDprPmx0dXV6d3Z3cyBISUp6JSEgIFQqJSZXVSNaKSpdKGBh");
user_pref("CT2790392./9b-0?3g@6:5;.from_oldbar.enc", "AA==");
user_pref("CT2790392./9b-0?3gfa7ef.from_oldbar.enc", "Ky4sPQ==");
user_pref("CT2790392./9b-3=3eccja=f>.from_oldbar.enc", "JH4zPSxFL0E1J28pe359ISAvJjE+Qkk1fTc4LzpJTV1RPygzOENdZVRpW2VUbVdpXV1oY2VTPHB2bGZ1Xg==");
user_pref("CT2790392./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
user_pref("CT2790392./9b3=>@44i48?.from_oldbar.enc", "NywtMml1djNCNjNBSEd7IT8+SE9OTUZIUCtWS04uWVlZX0xWTzdkU1dQ");
user_pref("CT2790392./9b5ba==9cjag.from_oldbar.enc", "bm1rbXJzdUB6eHV1e0d9fnZ7Tnkj");
user_pref("CT2790392./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1qb2ptcHJ3b3dzeQ==");
user_pref("CT2790392./9b9643g3/9e.from_oldbar.enc", "ag==");
user_pref("CT2790392./9b;45>:bi9i7ie.from_oldbar.enc", "Ky4sPQ==");
user_pref("CT2790392./9b<:222h64<.from_oldbar.enc", "OT81Lz4=");
user_pref("CT2790392./9b<:222h64<l8daj.from_oldbar.enc", "bXBwb3Z0bnl2cip5enJ4fnUgIA==");
user_pref("CT2790392./9b=+03eh8h8j?:.from_oldbar.enc", "REM=");
user_pref("CT2790392./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
user_pref("CT2790392./9b?b0d:8aj62<h.from_oldbar.enc", "bQ==");
user_pref("CT2790392./9ba@0<0bi6a7gn:6@l?.from_oldbar.enc", "bA==");
user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2790392.AppTrackingLastCheckTime", "Mon Jul 09 2012 15:23:37 GMT+0200");
user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&S
user_pref("CT2790392.CTID", "CT2790392");
user_pref("CT2790392.ConfigurationLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.CurrentServerDate", "8-11-2013");
user_pref("CT2790392.DSInstall", false);
user_pref("CT2790392.DialogsAlignMode", "LTR");
user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon Nov 04 2013 19:58:15 GMT+0100");
user_pref("CT2790392.DownloadReferralCookieData", "");
user_pref("CT2790392.EMailNotifierPollDate", "Thu Aug 09 2012 14:35:10 GMT+0200");
user_pref("CT2790392.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2790392.FeedLastCount129313977501788460", 501);
user_pref("CT2790392.FeedPollDate129313974171006416", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313975698350231", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313976370850190", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313976648818968", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313977444757117", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.FeedPollDate129313980389131455", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313980655381977", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313980886163259", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313981234756535", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313983226631720", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedPollDate129313983607725691", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CT2790392.FeedTTL129313974171006416", 10);
user_pref("CT2790392.FeedTTL129313977444757117", 15);
user_pref("CT2790392.FeedTTL129313980655381977", 5);
user_pref("CT2790392.FeedTTL129313981234756535", 5);
user_pref("CT2790392.FirstServerDate", "18-6-2012");
user_pref("CT2790392.FirstTime", true);
user_pref("CT2790392.FirstTimeFF3", true);
user_pref("CT2790392.FirstTimeHiddenVer", true);
user_pref("CT2790392.FixPageNotFoundErrors", true);
user_pref("CT2790392.GroupingServerCheckInterval", 1440);
user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2790392.HPInstall", false);
user_pref("CT2790392.HasUserGlobalKeys", true);
user_pref("CT2790392.HomePageProtectorEnabled", false);
user_pref("CT2790392.HomepageBeforeUnload", "hxxp://www.google.com/");
user_pref("CT2790392.Initialize", true);
user_pref("CT2790392.InitializeCommonPrefs", true);
user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
user_pref("CT2790392.InstallationId", "fft947.tmp.exe");
user_pref("CT2790392.InstallationType", "XPE");
user_pref("CT2790392.InstalledDate", "Mon Jun 18 2012 14:10:07 GMT+0200");
user_pref("CT2790392.IsAlertDBUpdated", true);
user_pref("CT2790392.IsGrouping", false);
user_pref("CT2790392.IsInitSetupIni", true);
user_pref("CT2790392.IsMulticommunity", false);
user_pref("CT2790392.IsOpenThankYouPage", true);
user_pref("CT2790392.IsOpenUninstallPage", false);
user_pref("CT2790392.LanguagePackLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2790392.LastLogin_3.13.0.6", "Tue Jul 17 2012 10:47:48 GMT+0200");
user_pref("CT2790392.LastLogin_3.14.1.0", "Mon Aug 27 2012 18:08:17 GMT+0200");
user_pref("CT2790392.LastLogin_3.15.1.0", "Mon Nov 19 2012 12:50:35 GMT+0100");
user_pref("CT2790392.LastLogin_3.16.0.3", "Sun Feb 10 2013 13:02:38 GMT+0100");
user_pref("CT2790392.LastLogin_3.18.0.7", "Mon Jul 15 2013 11:36:27 GMT+0200");
user_pref("CT2790392.LastLogin_3.19.0.3", "Mon Sep 09 2013 10:20:38 GMT+0200");
user_pref("CT2790392.LastLogin_3.20.0.4", "Fri Nov 08 2013 10:48:24 GMT+0100");
user_pref("CT2790392.LatestVersion", "3.20.0.4");
user_pref("CT2790392.Locale", "en");
user_pref("CT2790392.MCDetectTooltipHeight", "83");
user_pref("CT2790392.MCDetectTooltipShow", false);
user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2790392.MCDetectTooltipWidth", "295");
user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
user_pref("CT2790392.OriginalFirstVersion", "3.13.0.6");
user_pref("CT2790392.SearchAPILastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
user_pref("CT2790392.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
user_pref("CT2790392.SearchFromAddressBarIsInit", true);
user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
user_pref("CT2790392.SearchInNewTabEnabled", true);
user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
user_pref("CT2790392.SearchInNewTabLastCheckTime", "Mon Sep 09 2013 10:20:37 GMT+0200");
user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2790392.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
user_pref("CT2790392.SearchProtectorEnabled", false);
user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
user_pref("CT2790392.SendProtectorDataViaLogin", true);
user_pref("CT2790392.ServiceMapLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.SettingsLastCheckTime", "Fri Nov 08 2013 10:48:22 GMT+0100");
user_pref("CT2790392.SettingsLastUpdate", "1383901083");
user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Mon Jul 30 2012 18:03:00 GMT+0200");
user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2790392.UserID", "UN97859474143775191");
user_pref("CT2790392.ValidationData_Toolbar", 2);
user_pref("CT2790392.WeatherNetwork", "");
user_pref("CT2790392.WeatherPollDate", "Thu Aug 09 2012 14:35:11 GMT+0200");
user_pref("CT2790392.WeatherUnit", "C");
user_pref("CT2790392._9b_7e.:2z527.from_oldbar.enc", "JCM=");
user_pref("CT2790392._9b_7e.x305.from_oldbar.enc", "JCM=");
user_pref("CT2790392.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2790392.alertChannelId", "1182482");
user_pref("CT2790392.approveUntrustedApps", false);
user_pref("CT2790392.autoDisableScopes", -1);
user_pref("CT2790392.backendstorage./9b+7e+x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e,x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e-x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e.:2z527", "2423");
user_pref("CT2790392.backendstorage./9b+7e.x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e/x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e06cg5el8:", "6E6D6A6F6A6D70727676");
user_pref("CT2790392.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74737075707376787C7C242F4B49474F42357D5D5C3D");
user_pref("CT2790392.backendstorage./9b+7e0x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e1x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e2x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e3x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e4x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e5x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e6x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e7x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e8x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e9x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e:x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e;x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e<x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e=x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e>x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e?x305", "2423");
user_pref("CT2790392.backendstorage./9b+7e@x305", "2423");
user_pref("CT2790392.backendstorage./9b+7eax305", "2423");
user_pref("CT2790392.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
user_pref("CT2790392.backendstorage./9b+7ebx305", "2423");
user_pref("CT2790392.backendstorage./9b+7ecx305", "2423");
user_pref("CT2790392.backendstorage./9b+7edx305", "2423");
user_pref("CT2790392.backendstorage./9b+7etx305", "2423");
user_pref("CT2790392.backendstorage./9b-0?3g>d", "683A6B3E6C7475757A777677732048494A7A25212020542A25265755235A292A5D286061");
user_pref("CT2790392.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2790392.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2790392.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D686365533C70766C6675
user_pref("CT2790392.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
user_pref("CT2790392.backendstorage./9b3=>@44i48?", "372C2D32697576334236334148477B213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2790392.backendstorage./9b5ba==9cjag", "6E6D6B6D727375407A7875757B477D7E767B4E7923");
user_pref("CT2790392.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6A6F6A6D7072776F777379");
user_pref("CT2790392.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2790392.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
user_pref("CT2790392.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2790392.backendstorage./9b<:222h64<l8daj", "6D70706F76746E7976722A797A72787E752020");
user_pref("CT2790392.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2790392.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2790392.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2790392.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
user_pref("CT2790392.backendstorage.cbcountry_001", "435A");
user_pref("CT2790392.backendstorage.cbfirsttime", "4D6F6E204A756E20313820323031322031343A31303A303920474D542B30323030");
user_pref("CT2790392.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E647569746170
user_pref("CT2790392.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
user_pref("CT2790392.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstate_easytobook", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstate_pricegong", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_appstatereporttime", "31333733393735343037343935");
user_pref("CT2790392.backendstorage.mam_gk_calledsetupservice", "31");
user_pref("CT2790392.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B5F7461726765746564222C22637269746572696173223
user_pref("CT2790392.backendstorage.mam_gk_currentversion", "312E392E302E34");
user_pref("CT2790392.backendstorage.mam_gk_existingusersrecoverydone", "31");
user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
user_pref("CT2790392.backendstorage.mam_gk_lastlogintime", "31333733393735343035303833");
user_pref("CT2790392.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465
user_pref("CT2790392.backendstorage.mam_gk_mamenabled", "66616C7365");
user_pref("CT2790392.backendstorage.mam_gk_settings1.6.0.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2232313
user_pref("CT2790392.backendstorage.mam_gk_settings1.9.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238345
user_pref("CT2790392.backendstorage.mam_gk_showclosebutton", "74727565");
user_pref("CT2790392.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
user_pref("CT2790392.backendstorage.mam_gk_userid", "38643366653662382D346130312D346237612D383465372D316436376366396461373835");
user_pref("CT2790392.backendstorage.pairingkey", "41393437414541333843374541394330454534354336343636323339303838353046443030303336");
user_pref("CT2790392.backendstorage.pg_enable", "74727565");
user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");
user_pref("CT2790392.backendstorage.searchappstate", "31");
user_pref("CT2790392.backendstorage.searchapptracking", "73656E74");
user_pref("CT2790392.backendstorage.sf_just_installed", "46414C5345");
user_pref("CT2790392.backendstorage.sf_status", "454E41424C4544");
user_pref("CT2790392.backendstorage.sf_user_id", "6369645F31363732303133313335303836333232343536");
user_pref("CT2790392.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313334303032313432333836352C2C2C68747470
user_pref("CT2790392.backendstorage.uttorrents", "7B226275696C64223A32373332382C226C6162656C223A5B5D2C22746F7272656E7473223A5B5D2C22746F7272656E7463223A22313734363531333633382
user_pref("CT2790392.cbcountry_001.from_oldbar.enc", "Q1o=");
user_pref("CT2790392.cbfirsttime.from_oldbar.enc", "TW9uIEp1biAxOCAyMDEyIDE0OjEwOjA5IEdNVCswMjAw");
user_pref("CT2790392.componentAlertEnabled", false);
user_pref("CT2790392.components.1000034", false);
user_pref("CT2790392.components.1000234", false);
user_pref("CT2790392.components.129309565073350181", false);
user_pref("CT2790392.components.129309577647413174", false);
user_pref("CT2790392.components.129309578575850709", false);
user_pref("CT2790392.components.129313977501788460", false);
user_pref("CT2790392.components.129526968991422666", false);
user_pref("CT2790392.components.129633547190125290", false);
user_pref("CT2790392.components.129791371079091292", false);
user_pref("CT2790392.components.129820989550310799", false);
user_pref("CT2790392.countryCode", "CZ");
user_pref("CT2790392.enableAlerts", "never");
user_pref("CT2790392.firstTimeDialogOpened", true);
user_pref("CT2790392.fixPageNotFoundErrorByUser", "TRUE");
user_pref("CT2790392.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2790392.fullUserID", "UN97859474143775191.UP.202408105514");
user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Thu Aug 09 2012 14:05:10 GMT+0200");
user_pref("CT2790392.homepageProtectorEnableByLogin", true);
user_pref("CT2790392.initDone", true);
user_pref("CT2790392.installId", "fft947.tmp.exe");
user_pref("CT2790392.installType", "XPE");
user_pref("CT2790392.isAppTrackingManagerOn", true);
user_pref("CT2790392.isCheckedStartAsHidden", true);
user_pref("CT2790392.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
user_pref("CT2790392.isFirstTimeToolbarLoading", "false");
user_pref("CT2790392.isPerformedSmartBarTransition", "true");
user_pref("CT2790392.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2790392.keyword", true);
user_pref("CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=UN9785947414377519
user_pref("CT2790392.lastVersion", "10.22.3.518");
user_pref("CT2790392.mam_gk_appsdata.from_oldbar.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCI
user_pref("CT2790392.mam_gk_appsdefaultenabled.from_oldbar.enc", "bnVsbA==");
user_pref("CT2790392.mam_gk_appstate_couponbuddy.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstate_easytobook.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstate_easytobook_targeted.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstate_pricegong.from_oldbar.enc", "b24=");
user_pref("CT2790392.mam_gk_appstatereporttime.from_oldbar.enc", "MTM3Mzk3NTQwNzQ5NQ==");
user_pref("CT2790392.mam_gk_calledsetupservice.from_oldbar.enc", "MQ==");
user_pref("CT2790392.mam_gk_configuration.from_oldbar.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIzYTM3MTg0MC03NT
user_pref("CT2790392.mam_gk_currentversion.from_oldbar.enc", "MS45LjAuNA==");
user_pref("CT2790392.mam_gk_existingusersrecoverydone.from_oldbar.enc", "MQ==");
user_pref("CT2790392.mam_gk_first_time.from_oldbar.enc", "MQ==");
user_pref("CT2790392.mam_gk_lastlogintime.from_oldbar.enc", "MTM3Mzk3NTQwNTA4Mw==");
user_pref("CT2790392.mam_gk_localization.from_oldbar.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZ
user_pref("CT2790392.mam_gk_mamenabled.from_oldbar.enc", "ZmFsc2U=");
user_pref("CT2790392.mam_gk_showclosebutton.from_oldbar.enc", "dHJ1ZQ==");
user_pref("CT2790392.mam_gk_showwelcomegadget.from_oldbar.enc", "ZmFsc2U=");
user_pref("CT2790392.mam_gk_userid.from_oldbar.enc", "OGQzZmU2YjgtNGEwMS00YjdhLTg0ZTctMWQ2N2NmOWRhNzg1");
user_pref("CT2790392.myStuffEnabled", true);
user_pref("CT2790392.myStuffPublihserMinWidth", 400);
user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2790392.navigateToUrlOnSearch", false);
user_pref("CT2790392.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.viry.cz%2Fviewtopic.php%3Ff%3D13%26t%3D134557\",\"EB_MAIN_FRA
user_pref("CT2790392.oldAppsList", "129298377186075601,129298377186388102,1000234,129791371079091292,1000034,129526968991422666,129309578575850709,129313977501788460,129309577
user_pref("CT2790392.originalHomepage", "hxxp://www.google.com/");
user_pref("CT2790392.originalSearchAddressUrl", "");
user_pref("CT2790392.originalSearchEngine", "chrome://browser-region/locale/region.properties");
user_pref("CT2790392.pairingkey.from_oldbar.enc", "QTk0N0FFQTM4QzdFQTlDMEVFNDVDNjQ2NjIzOTA4ODUwRkQwMDAzNg==");
user_pref("CT2790392.pg_enable.from_oldbar.enc", "dHJ1ZQ==");
user_pref("CT2790392.revertSettingsEnabled", true);
user_pref("CT2790392.scriptsource.from_oldbar.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
user_pref("CT2790392.searchFromAddressBarEnabledByUser", "true");
user_pref("CT2790392.searchInNewTabEnabledByUser", "true");
user_pref("CT2790392.searchInNewTabEnabledInHidden", "true");
user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
user_pref("CT2790392.searchProtectorEnableByLogin", true);
user_pref("CT2790392.searchSuggestEnabledByUser", "true");
user_pref("CT2790392.searchappstate.from_oldbar.enc", "MQ==");
user_pref("CT2790392.searchapptracking.from_oldbar.enc", "c2VudA==");
user_pref("CT2790392.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2790392.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2790392.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2790392\"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentBar.OurToolbar.com//xpi\"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentBar \"}");
user_pref("CT2790392.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2790392.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
user_pref("CT2790392.serviceLayer_services_Configuration_lastUpdate", "1386593724467");
user_pref("CT2790392.serviceLayer_services_login_10.20.101.5_lastUpdate", "1386278833513");
user_pref("CT2790392.serviceLayer_services_login_10.22.3.518_lastUpdate", "1386626437028");
user_pref("CT2790392.serviceLayer_services_searchAPI_lastUpdate", "1386593724405");
user_pref("CT2790392.serviceLayer_services_serviceMap_lastUpdate", "1386593724298");
user_pref("CT2790392.serviceLayer_services_toolbarSettings_lastUpdate", "1386626880474");
user_pref("CT2790392.serviceLayer_services_translation_lastUpdate", "1386593724126");
user_pref("CT2790392.settingsINI", true);
user_pref("CT2790392.sf_just_installed.from_oldbar.enc", "RkFMU0U=");
user_pref("CT2790392.sf_status.from_oldbar.enc", "RU5BQkxFRA==");
user_pref("CT2790392.sf_user_id.from_oldbar.enc", "Y2lkXzE2NzIwMTMxMzUwODYzMjI0NTY=");
user_pref("CT2790392.showToolbarPermission", "false");
user_pref("CT2790392.smartbar.CTID", "CT2790392");
user_pref("CT2790392.smartbar.Uninstall", "0");
user_pref("CT2790392.smartbar.toolbarName", "BitTorrentBar ");
user_pref("CT2790392.testingCtid", "");
user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Thu Nov 07 2013 18:14:50 GMT+0100");
user_pref("CT2790392.toolbarBornServerTime", "18-6-2012");
user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Mon Jul 30 2012 18:03:01 GMT+0200");
user_pref("CT2790392.toolbarCurrentServerTime", "10-12-2013");
user_pref("CT2790392.toolbarLoginClientTime", "Fri Nov 08 2013 10:55:18 GMT+0100");
user_pref("CT2790392.upgradeFromOBVersion", true);
user_pref("CT2790392.url_history0001.from_oldbar.enc", "aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo6OmNsaWNraGFuZGxlcjo6OjEzNDAwMjE0MjM4NjUsLCxodHRwczovL3d3dy5nb29nbGUuY29tOjo6Y2xpY2toYW5
user_pref("CT2790392.usagesFlag", 2);
user_pref("CT2790392.uttorrents.from_oldbar.enc", "eyJidWlsZCI6MjczMjgsImxhYmVsIjpbXSwidG9ycmVudHMiOltdLCJ0b3JyZW50YyI6IjE3NDY1MTM2MzgiLCJyc3NmZWVkcyI6W10sInJzc2ZpbHRlcnMiOltd
user_pref("CT2790392_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386630903779,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2790392", "\"33efb89ea2883315f9b63b64f2efe7133\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2790392", "\"1361459328\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... &locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"8076e3ce381dcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.19.0.3", "\"23c5489aa686ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.20.0.4", "\"dfe74040abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2790392", "\"07766f5592f76b152ec9246ce6a0b574\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\vasek\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\lpdgogv7.default\\conduitCommon\\modules\\3.14.1.0");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
user_pref("CommunityToolbar.globalUserId", "9feeee12-5f25-4a36-ad1a-02c1366292e5");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Aug 08 2012 10:38:04 GMT+0200");
user_pref("CommunityToolbar.notifications.alertEnabled", false);
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Aug 09 2012 14:05:11 GMT+0200");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "9c80f464-4a07-40af-a933-e4bb3abbcee3");
user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT2790392");
user_pref("browser.search.defaultthis.engineName", "uTorrentBar Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&CUI=UN97859474143775191&UM=&q=");
user_pref("plugin.state.npconduitfirefoxplugin", 2);
user_pref("smartbar.addressBarOwnerCTID", "CT2790392");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT
user_pref("smartbar.machineId", "ZIJP77G5UADYMU/R0ACJ8S4H3+B+2K1FRQGNZMNQXLBQIK+5HI0F+QNHYPFDJBL6R3BU/HOZA6PZIMWREKEH1G");
Emptied folder: C:\Users\vasek\AppData\Roaming\mozilla\firefox\profiles\lpdgogv7.default\minidumps [244 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\vasek\appdata\local\Google\Chrome\User Data\Default\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 10.12.2013 at 0:28:01,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.014 - Report created 10/12/2013 at 00:31:58
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : vasek - VASEK-HP
# Running from : C:\Users\vasek\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Users\vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Bond\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Bond\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
[!] Folder Deleted : C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
File Deleted : C:\Users\vasek\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\vasek\Desktop\HDVidCodec.lnk
File Deleted : C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Bond\AppData\Roaming\Mozilla\Firefox\Profiles\lcx3jiph.default\searchplugins\ask-search.xml
File Deleted : C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\daemon-search.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\prefs.js ]
Line Deleted : user_pref("CT2790392./9b+7e06cg5el8:.from_oldbar.enc", "bm1qb2ptcHJ2dg==");
Line Deleted : user_pref("CT2790392./9b/>01=9a6k6<im;krie@pdawm.from_oldbar.enc", "bmpocHN0dXZ3");
Line Deleted : user_pref("CT2790392./9b6b11g4c56b>f;p;anr@p.from_oldbar.enc", "bm1qb2ptcHJ3b3dzeQ==");
Line Deleted : user_pref("CT2790392./9b?+e2a52d8.from_oldbar.enc", "NywtMml1di46PHs6OUNKSUhBQ0smUUZJKWVQRlZkcHJ5UVVeXlI=");
Line Deleted : user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT2790392.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2790392.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":true}");
Line Deleted : user_pref("CT2790392.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=UN97859474143775191&SSPV=&Lay=1&UM=\"}");
Line Deleted : user_pref("CT2790392.mam_gk_appsdata.from_oldbar.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsi[...]
Line Deleted : user_pref("CT2790392.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fforum.viry.cz%2Fviewtopic.php%3Ff%3D13%26t%3D134557\",\"EB_MAIN_FRAME_TITLE\":\"VIRY.CZ%20%E[...]
Line Deleted : user_pref("CT2790392.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2790392\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentBar \"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2790392.url_history0001.from_oldbar.enc", "aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo6OmNsaWNraGFuZGxlcjo6OjEzNDAwMjE0MjM4NjUsLCxodHRwczovL3d3dy5nb29nbGUuY29tOjo6Y2xpY2toYW5kbGVyOjo6MTM0MDAyMTQyNTQw[...]
Line Deleted : user_pref("CT2790392_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386630903779,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT2790392", "\"33efb89ea2883315f9b63b64f2efe7133\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2790392", "\"1361459328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.16.0.3", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.19.0.3", "\"23c5489aa686ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... r=3.20.0.4", "\"dfe74040abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2790392", "\"07766f5592f76b152ec9246ce6a0b574\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"968402cf2834e7ec0f38a19f0e9a9eb0\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\vasek\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\lpdgogv7.default\\conduitCommon\\modules\\3.14.1.0");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[ File : C:\Users\Bond\AppData\Roaming\Mozilla\Firefox\Profiles\lcx3jiph.default\prefs.js ]
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.yahoo.com/search?fr=mcafee&p=");
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Bond\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9314 octets] - [10/12/2013 00:31:20]
AdwCleaner[S0].txt - [9191 octets] - [10/12/2013 00:31:58]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9251 octets] ##########
Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Poprosim o log z FRSTLauncheru http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Zdravim,
tady to je.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by vasek (administrator) on VASEK-HP on 10-12-2013 17:11:22
Running from C:\Users\vasek\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\Plugins\Ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\Plugins\Ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\Plugins\Ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google) C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
() C:\Program Files (x86)\OpenVPN-old\bin\openvpn-gui.exe
() C:\Program Files (x86)\OpenVPN\bin\openvpn.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(forum.viry.cz) C:\Users\vasek\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2010-04-05] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2782096 2010-07-26] (CANON INC.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\ScCertProp: C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
HKCU\...\Run: [googletalk] - C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKCU\...\Run: [Google Update] - C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-16] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4195464 2013-09-05] (Plex, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2010-03-03] ()
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1316248 2010-12-02] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-21] (AVAST Software)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\95408223-996a-44c6-a919-232e4a22c1e0.exe [180184 2013-11-25] (AVAST Software)
HKU\Bond\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\Bond\...\Run: [Google Update] - C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-13] (Google Inc.)
HKU\Bond\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Bond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: BHOImpl Class - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO64.dll (iTools.hk)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BHOImpl Class - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO.dll (iTools.hk)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default
FF SearchEngineOrder.1: Ask Search
FF Homepage: https://www.google.cz/?gws_rd=cr&ei=Vch ... 4ATsnoDYBw
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @itools.hk/npiTools, version=1.0.0 - C:\Users\vasek\Documents\iTools\Plugin\npiTools.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 - C:\Users\vasek\Documents\iTools\Plugin\npiTools.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\vasek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\vasek\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\vasek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\vasek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\vasek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\qr-code-online.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Garmin Communicator - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: jid0-RwTySlpoKU14fw7yw2AflOAihhA - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi
FF Extension: trident - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\trident@trident.com.ua.xpi
FF Extension: 602XML Filler - C:\Program Files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Docs) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Skype Click to Call) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\vasek\AppData\Local\Temp\ccex.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
==================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-21] (AVAST Software)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-11-11] (McAfee, Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.)
S2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P)
R2 Hp.Skyroom.Windows.Service; C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [124984 2009-11-20] (Hewlett-Packard)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [277096 2009-11-11] (McAfee, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2009-12-12] ()
R2 rgsender; c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [379904 2009-11-19] (Hewlett-Packard, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
==================== Drivers (Whitelisted) ====================
R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [144768 2009-11-14] (Ricoh co.,Ltd.)
R2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-21] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-21] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-21] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-21] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [65264 2013-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-21] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-17] (DT Soft Ltd)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-11-11] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-11-11] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-11-11] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-11-11] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-11-11] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-11-11] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-11-11] (McAfee, Inc.)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [30720 2005-04-13] (The OpenVPN Project)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-10 17:11 - 2013-12-10 17:11 - 00028343 _____ C:\Users\vasek\Desktop\FRST.txt
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:05 - 2013-12-10 17:05 - 00112640 _____ (forum.viry.cz) C:\Users\vasek\Desktop\FRSTLauncher.exe
2013-12-10 16:59 - 2013-12-10 16:59 - 01927982 _____ (Farbar) C:\Users\vasek\Desktop\FRST64.exe
2013-12-10 00:34 - 2013-12-10 08:18 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-10 00:31 - 2013-12-10 00:32 - 00000000 ____D C:\AdwCleaner
2013-12-10 00:28 - 2013-12-10 00:28 - 00039072 _____ C:\Users\vasek\Desktop\JRT.txt
2013-12-10 00:20 - 2013-12-10 00:20 - 00000000 ____D C:\windows\ERUNT
2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt
2013-12-10 00:17 - 2013-12-10 00:17 - 01110034 _____ C:\Users\vasek\Desktop\adwcleaner.exe
2013-12-10 00:17 - 2013-12-10 00:17 - 01034531 _____ (Thisisu) C:\Users\vasek\Desktop\JRT.exe
2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe
2013-12-09 11:31 - 2013-12-09 11:31 - 00000000 ____D C:\rsit
2013-12-09 11:27 - 2013-12-09 11:27 - 00935175 _____ C:\Users\vasek\Desktop\RSITx64.exe
2013-12-04 20:12 - 2013-12-05 00:52 - 01454080 _____ C:\Users\vasek\Desktop\45xx_RogerDB_PF2014.indd
2013-12-04 11:16 - 2013-12-04 11:17 - 50580310 _____ C:\Users\vasek\Desktop\PN titul.eps
2013-12-04 11:14 - 2013-12-04 11:14 - 01116760 _____ C:\Users\vasek\Desktop\pn-titul7.cdr
2013-12-04 11:01 - 2013-12-04 10:57 - 00944104 _____ C:\Users\vasek\Desktop\Záloha_pn-titul.cdr
2013-12-04 10:57 - 2013-12-04 11:01 - 01144464 _____ C:\Users\vasek\Desktop\pn-titul.cdr
2013-12-04 10:50 - 2013-12-04 10:50 - 17146943 _____ C:\Users\vasek\Desktop\pokus1.ps
2013-12-04 10:48 - 2013-12-04 10:48 - 17146943 _____ C:\Users\vasek\Desktop\pokus.ps
2013-12-02 12:53 - 2013-12-10 08:16 - 00000952 _____ C:\windows\setupact.log
2013-12-02 12:53 - 2013-12-02 12:53 - 00000000 _____ C:\windows\setuperr.log
2013-12-02 12:52 - 2013-12-02 12:52 - 00000780 _____ C:\windows\PFRO.log
2013-12-02 12:49 - 2013-12-02 12:49 - 00166200 _____ C:\Users\vasek\Documents\cc_20131202_124934.reg
2013-12-02 12:42 - 2013-12-02 12:42 - 00002784 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-02 12:42 - 2013-12-02 12:42 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-02 12:41 - 2013-12-06 22:04 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-27 17:51 - 2013-11-27 17:57 - 00000000 ____D C:\Users\vasek\Desktop\IPhone pouzdro
2013-11-27 11:10 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-11-27 11:06 - 2013-11-27 11:06 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-25 22:58 - 2013-11-25 22:58 - 00000000 ____D C:\windows\System32\Tasks\Games
2013-11-24 12:42 - 2013-11-24 12:42 - 00000000 ____D C:\Users\Bond\AppData\Roaming\AVAST Software
2013-11-21 21:10 - 2013-11-21 21:10 - 00000000 ____D C:\Users\vasek\AppData\Roaming\AVAST Software
2013-11-21 18:50 - 2013-11-26 10:42 - 00000000 ____D C:\Users\vasek\Desktop\Peceti_zalozka_PFarchiv
2013-11-16 13:01 - 2013-11-16 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 20:53 - 2013-11-14 20:53 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-14 16:52 - 2013-11-14 16:53 - 00000000 ____D C:\Users\vasek\Desktop\Cedule dveře
2013-11-14 16:10 - 2013-11-14 16:11 - 00000000 ____D C:\Users\vasek\Desktop\Podpis M4
2013-11-14 11:44 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-14 11:44 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-14 11:44 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-14 11:44 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-14 11:44 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-14 11:44 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 11:44 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-14 11:44 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-14 11:44 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-14 11:44 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-14 11:44 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-14 11:44 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-14 11:44 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-14 11:44 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-14 11:44 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-14 11:44 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-14 11:44 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-14 11:44 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-14 11:44 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-14 11:44 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-14 11:44 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-14 11:44 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-14 11:44 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-14 11:43 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-14 11:43 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-14 11:43 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-14 11:43 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-14 11:43 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 11:43 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-14 11:43 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
==================== One Month Modified Files and Folders =======
2013-12-10 17:11 - 2013-12-10 17:11 - 00028343 _____ C:\Users\vasek\Desktop\FRST.txt
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:09 - 2010-11-26 09:33 - 01085113 _____ C:\windows\WindowsUpdate.log
2013-12-10 17:08 - 2010-12-25 20:38 - 00000000 ____D C:\Users\vasek\AppData\Roaming\Skype
2013-12-10 17:05 - 2013-12-10 17:05 - 00112640 _____ (forum.viry.cz) C:\Users\vasek\Desktop\FRSTLauncher.exe
2013-12-10 17:01 - 2012-07-15 08:02 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 16:59 - 2013-12-10 16:59 - 01927982 _____ (Farbar) C:\Users\vasek\Desktop\FRST64.exe
2013-12-10 16:53 - 2012-07-19 09:54 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job
2013-12-10 16:45 - 2012-07-19 14:25 - 00000958 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job
2013-12-10 16:44 - 2012-04-03 09:51 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 13:45 - 2012-07-19 14:25 - 00000906 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job
2013-12-10 13:22 - 2012-08-21 07:56 - 00000000 ____D C:\Users\vasek\Desktop\Zatecke
2013-12-10 08:24 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 08:24 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 08:18 - 2013-12-10 00:34 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-10 08:16 - 2013-12-02 12:53 - 00000952 _____ C:\windows\setupact.log
2013-12-10 08:16 - 2012-07-15 08:02 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-10 08:16 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-10 02:53 - 2012-07-19 09:54 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job
2013-12-10 02:48 - 2011-06-16 14:41 - 00003932 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA
2013-12-10 02:48 - 2011-06-16 14:41 - 00003536 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core
2013-12-10 00:36 - 2012-07-05 18:56 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-12-10 00:32 - 2013-12-10 00:31 - 00000000 ____D C:\AdwCleaner
2013-12-10 00:31 - 2011-09-02 12:02 - 00000000 ____D C:\Users\vasek\AppData\Roaming\SoftGrid Client
2013-12-10 00:28 - 2013-12-10 00:28 - 00039072 _____ C:\Users\vasek\Desktop\JRT.txt
2013-12-10 00:20 - 2013-12-10 00:20 - 00000000 ____D C:\windows\ERUNT
2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt
2013-12-10 00:17 - 2013-12-10 00:17 - 01110034 _____ C:\Users\vasek\Desktop\adwcleaner.exe
2013-12-10 00:17 - 2013-12-10 00:17 - 01034531 _____ (Thisisu) C:\Users\vasek\Desktop\JRT.exe
2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe
2013-12-10 00:05 - 2010-12-22 13:38 - 00083672 _____ C:\Users\vasek\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-09 23:42 - 2011-07-22 12:48 - 00000000 ____D C:\Users\vasek\Desktop\hlas
2013-12-09 16:37 - 2012-03-05 16:42 - 00007604 _____ C:\Users\vasek\AppData\Local\Resmon.ResmonCfg
2013-12-09 12:29 - 2013-06-10 14:15 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForvasek
2013-12-09 12:29 - 2013-06-10 14:15 - 00000332 _____ C:\windows\Tasks\HPCeeScheduleForvasek.job
2013-12-09 11:31 - 2013-12-09 11:31 - 00000000 ____D C:\rsit
2013-12-09 11:31 - 2012-04-15 16:06 - 00000000 ____D C:\Program Files\trend micro
2013-12-09 11:27 - 2013-12-09 11:27 - 00935175 _____ C:\Users\vasek\Desktop\RSITx64.exe
2013-12-08 19:17 - 2010-12-27 15:01 - 00000000 ____D C:\Users\Bond\AppData\Roaming\Skype
2013-12-08 14:10 - 2013-10-01 10:50 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-08 14:03 - 2012-01-14 08:50 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-08 14:03 - 2011-01-13 15:02 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-12-06 22:04 - 2013-12-02 12:41 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-05 11:39 - 2012-08-08 09:36 - 00000000 ____D C:\Users\vasek\Desktop\Polabské noviny
2013-12-05 00:52 - 2013-12-04 20:12 - 01454080 _____ C:\Users\vasek\Desktop\45xx_RogerDB_PF2014.indd
2013-12-04 11:17 - 2013-12-04 11:16 - 50580310 _____ C:\Users\vasek\Desktop\PN titul.eps
2013-12-04 11:14 - 2013-12-04 11:14 - 01116760 _____ C:\Users\vasek\Desktop\pn-titul7.cdr
2013-12-04 11:01 - 2013-12-04 10:57 - 01144464 _____ C:\Users\vasek\Desktop\pn-titul.cdr
2013-12-04 10:57 - 2013-12-04 11:01 - 00944104 _____ C:\Users\vasek\Desktop\Záloha_pn-titul.cdr
2013-12-04 10:50 - 2013-12-04 10:50 - 17146943 _____ C:\Users\vasek\Desktop\pokus1.ps
2013-12-04 10:48 - 2013-12-04 10:48 - 17146943 _____ C:\Users\vasek\Desktop\pokus.ps
2013-12-02 14:11 - 2012-04-03 09:51 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-02 14:11 - 2012-04-03 09:51 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-02 14:11 - 2011-05-16 22:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 14:11 - 2011-01-06 12:54 - 00000000 ____D C:\Users\vasek\AppData\Local\Adobe
2013-12-02 12:53 - 2013-12-02 12:53 - 00000000 _____ C:\windows\setuperr.log
2013-12-02 12:52 - 2013-12-02 12:52 - 00000780 _____ C:\windows\PFRO.log
2013-12-02 12:49 - 2013-12-02 12:49 - 00166200 _____ C:\Users\vasek\Documents\cc_20131202_124934.reg
2013-12-02 12:45 - 2012-01-02 01:47 - 00000000 ____D C:\Users\vasek\AppData\Roaming\BitTorrent
2013-12-02 12:45 - 2011-01-14 15:34 - 00000000 ____D C:\Users\vasek\AppData\Roaming\inkscape
2013-12-02 12:45 - 2010-12-22 13:25 - 00000000 ____D C:\Users\vasek
2013-12-02 12:44 - 2011-08-12 14:00 - 00000000 ____D C:\windows\Minidump
2013-12-02 12:44 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-02 12:42 - 2013-12-02 12:42 - 00002784 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-02 12:42 - 2013-12-02 12:42 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-02 12:41 - 2012-03-05 16:53 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-12-02 12:41 - 2010-12-28 12:25 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-02 12:32 - 2013-09-27 19:43 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-28 18:56 - 2010-12-28 12:25 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-28 18:56 - 2010-12-28 12:25 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-28 18:33 - 2011-05-06 09:59 - 00001397 _____ C:\Users\Bond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 20:21 - 2010-12-22 22:13 - 00000000 ____D C:\windows\rescache
2013-11-27 17:57 - 2013-11-27 17:51 - 00000000 ____D C:\Users\vasek\Desktop\IPhone pouzdro
2013-11-27 14:16 - 2011-12-16 14:44 - 00000000 ____D C:\Users\vasek\AppData\Roaming\vlc
2013-11-27 14:13 - 2013-05-16 22:49 - 00025088 _____ C:\Users\vasek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-27 13:54 - 2010-12-22 13:36 - 00001397 _____ C:\Users\vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 13:40 - 2010-09-12 01:10 - 00631978 _____ C:\windows\system32\perfh005.dat
2013-11-27 13:40 - 2010-09-12 01:10 - 00122342 _____ C:\windows\system32\perfc005.dat
2013-11-27 13:40 - 2009-07-14 06:13 - 01471850 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-27 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-27 11:06 - 2013-11-27 11:06 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-26 10:42 - 2013-11-21 18:50 - 00000000 ____D C:\Users\vasek\Desktop\Peceti_zalozka_PFarchiv
2013-11-26 09:06 - 2010-12-25 20:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-26 09:06 - 2010-12-25 20:38 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 22:58 - 2013-11-25 22:58 - 00000000 ____D C:\windows\System32\Tasks\Games
2013-11-24 12:42 - 2013-11-24 12:42 - 00000000 ____D C:\Users\Bond\AppData\Roaming\AVAST Software
2013-11-21 21:10 - 2013-11-21 21:10 - 00000000 ____D C:\Users\vasek\AppData\Roaming\AVAST Software
2013-11-21 21:05 - 2013-03-07 13:02 - 00205320 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-11-21 21:05 - 2013-03-07 13:02 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 01032416 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00409832 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2013-11-21 21:05 - 2012-03-05 17:27 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00084328 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00065264 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00038984 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-21 21:05 - 2012-03-05 17:26 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2013-11-21 21:04 - 2012-03-05 17:27 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-11-21 21:04 - 2012-03-05 17:26 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-21 12:54 - 2012-05-07 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 10:20 - 2013-10-29 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-16 13:01 - 2013-11-16 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 20:53 - 2013-11-14 20:53 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-14 17:19 - 2013-07-15 10:38 - 00000000 ____D C:\windows\system32\MRT
2013-11-14 17:17 - 2010-12-25 20:25 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-14 16:53 - 2013-11-14 16:52 - 00000000 ____D C:\Users\vasek\Desktop\Cedule dveře
2013-11-14 16:12 - 2012-12-19 11:49 - 00000000 ____D C:\Users\vasek\Desktop\Iphone foto 121219
2013-11-14 16:11 - 2013-11-14 16:10 - 00000000 ____D C:\Users\vasek\Desktop\Podpis M4
2013-11-11 15:49 - 2010-12-22 13:58 - 00000000 ____D C:\Users\vasek\AppData\Roaming\Mozilla
2013-11-11 10:07 - 2009-07-14 06:08 - 00032562 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-11-11 05:50 - 2010-12-22 13:46 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-10 11:35 - 2010-12-25 22:20 - 00000000 ____D C:\Users\Bond\AppData\Roaming\Mozilla
Files to move or delete:
====================
C:\ProgramData\pconfig.dat
Some content of TEMP:
====================
C:\Users\Bond\AppData\Local\Temp\i4jdel0.exe
C:\Users\Bond\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bond\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Bond\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\vasek\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-10 01:29
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:448.46 GB) (Free:218.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive z: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0 GB) FAT32
Available physical RAM: 5715.98 MB
Total physical RAM: 8047.38 MB
Percentage of memory in use: 28%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EC94DFF7)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForvasek.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\vasek\Desktop" je 13446 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^vasek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
tady to je.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2013
Ran by vasek (administrator) on VASEK-HP on 10-12-2013 17:11:22
Running from C:\Users\vasek\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\Plugins\Ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\Plugins\Ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\Plugins\Ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google) C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
() C:\Program Files (x86)\OpenVPN-old\bin\openvpn-gui.exe
() C:\Program Files (x86)\OpenVPN\bin\openvpn.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(forum.viry.cz) C:\Users\vasek\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2010-04-05] (Intel Corporation)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1690680 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2009-11-19] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2782096 2010-07-26] (CANON INC.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\ScCertProp: C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)
HKCU\...\Run: [googletalk] - C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKCU\...\Run: [Google Update] - C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-16] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4195464 2013-09-05] (Plex, Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2010-03-03] ()
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1316248 2010-12-02] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-21] (AVAST Software)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\Setup\emupdate\95408223-996a-44c6-a919-232e4a22c1e0.exe [180184 2013-11-25] (AVAST Software)
HKU\Bond\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\Bond\...\Run: [Google Update] - C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-13] (Google Inc.)
HKU\Bond\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Bond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: BHOImpl Class - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO64.dll (iTools.hk)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BHOImpl Class - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - C:\Users\vasek\Documents\iTools\Plugin\iToolsBHO.dll (iTools.hk)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - No Name - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
DPF: HKLM-x32 {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default
FF SearchEngineOrder.1: Ask Search
FF Homepage: https://www.google.cz/?gws_rd=cr&ei=Vch ... 4ATsnoDYBw
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @itools.hk/npiTools, version=1.0.0 - C:\Users\vasek\Documents\iTools\Plugin\npiTools.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @itools.hk/npiTools, version=1.0.0 - C:\Users\vasek\Documents\iTools\Plugin\npiTools.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\vasek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\vasek\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\vasek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\vasek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\vasek\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\searchplugins\qr-code-online.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Garmin Communicator - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: jid0-RwTySlpoKU14fw7yw2AflOAihhA - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi
FF Extension: trident - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\trident@trident.com.ua.xpi
FF Extension: 602XML Filler - C:\Program Files (x86)\Mozilla Firefox\extensions\xmlfiller@software602.cz
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Docs) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Skype Click to Call) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\vasek\AppData\Local\Temp\ccex.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
==================== Services (Whitelisted) =================
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-21] (AVAST Software)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-11-11] (McAfee, Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462160 2010-07-16] (DigitalPersona, Inc.)
S2 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768 2010-10-19] (Hewlett-Packard Development Company, L.P)
R2 Hp.Skyroom.Windows.Service; C:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [124984 2009-11-20] (Hewlett-Packard)
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [277096 2009-11-11] (McAfee, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2009-12-12] ()
R2 rgsender; c:\Program Files (x86)\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [379904 2009-11-19] (Hewlett-Packard, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
==================== Drivers (Whitelisted) ====================
R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [144768 2009-11-14] (Ricoh co.,Ltd.)
R2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-21] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-21] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-21] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-21] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-21] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [65264 2013-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-21] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-17] (DT Soft Ltd)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-11-11] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-11-11] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-11-11] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-11-11] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-11-11] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-11-11] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-11-11] (McAfee, Inc.)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [30720 2005-04-13] (The OpenVPN Project)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-10 17:11 - 2013-12-10 17:11 - 00028343 _____ C:\Users\vasek\Desktop\FRST.txt
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:05 - 2013-12-10 17:05 - 00112640 _____ (forum.viry.cz) C:\Users\vasek\Desktop\FRSTLauncher.exe
2013-12-10 16:59 - 2013-12-10 16:59 - 01927982 _____ (Farbar) C:\Users\vasek\Desktop\FRST64.exe
2013-12-10 00:34 - 2013-12-10 08:18 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-10 00:31 - 2013-12-10 00:32 - 00000000 ____D C:\AdwCleaner
2013-12-10 00:28 - 2013-12-10 00:28 - 00039072 _____ C:\Users\vasek\Desktop\JRT.txt
2013-12-10 00:20 - 2013-12-10 00:20 - 00000000 ____D C:\windows\ERUNT
2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt
2013-12-10 00:17 - 2013-12-10 00:17 - 01110034 _____ C:\Users\vasek\Desktop\adwcleaner.exe
2013-12-10 00:17 - 2013-12-10 00:17 - 01034531 _____ (Thisisu) C:\Users\vasek\Desktop\JRT.exe
2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe
2013-12-09 11:31 - 2013-12-09 11:31 - 00000000 ____D C:\rsit
2013-12-09 11:27 - 2013-12-09 11:27 - 00935175 _____ C:\Users\vasek\Desktop\RSITx64.exe
2013-12-04 20:12 - 2013-12-05 00:52 - 01454080 _____ C:\Users\vasek\Desktop\45xx_RogerDB_PF2014.indd
2013-12-04 11:16 - 2013-12-04 11:17 - 50580310 _____ C:\Users\vasek\Desktop\PN titul.eps
2013-12-04 11:14 - 2013-12-04 11:14 - 01116760 _____ C:\Users\vasek\Desktop\pn-titul7.cdr
2013-12-04 11:01 - 2013-12-04 10:57 - 00944104 _____ C:\Users\vasek\Desktop\Záloha_pn-titul.cdr
2013-12-04 10:57 - 2013-12-04 11:01 - 01144464 _____ C:\Users\vasek\Desktop\pn-titul.cdr
2013-12-04 10:50 - 2013-12-04 10:50 - 17146943 _____ C:\Users\vasek\Desktop\pokus1.ps
2013-12-04 10:48 - 2013-12-04 10:48 - 17146943 _____ C:\Users\vasek\Desktop\pokus.ps
2013-12-02 12:53 - 2013-12-10 08:16 - 00000952 _____ C:\windows\setupact.log
2013-12-02 12:53 - 2013-12-02 12:53 - 00000000 _____ C:\windows\setuperr.log
2013-12-02 12:52 - 2013-12-02 12:52 - 00000780 _____ C:\windows\PFRO.log
2013-12-02 12:49 - 2013-12-02 12:49 - 00166200 _____ C:\Users\vasek\Documents\cc_20131202_124934.reg
2013-12-02 12:42 - 2013-12-02 12:42 - 00002784 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-02 12:42 - 2013-12-02 12:42 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-02 12:41 - 2013-12-06 22:04 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-27 17:51 - 2013-11-27 17:57 - 00000000 ____D C:\Users\vasek\Desktop\IPhone pouzdro
2013-11-27 11:10 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-11-27 11:06 - 2013-11-27 11:06 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-25 22:58 - 2013-11-25 22:58 - 00000000 ____D C:\windows\System32\Tasks\Games
2013-11-24 12:42 - 2013-11-24 12:42 - 00000000 ____D C:\Users\Bond\AppData\Roaming\AVAST Software
2013-11-21 21:10 - 2013-11-21 21:10 - 00000000 ____D C:\Users\vasek\AppData\Roaming\AVAST Software
2013-11-21 18:50 - 2013-11-26 10:42 - 00000000 ____D C:\Users\vasek\Desktop\Peceti_zalozka_PFarchiv
2013-11-16 13:01 - 2013-11-16 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 20:53 - 2013-11-14 20:53 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-14 16:52 - 2013-11-14 16:53 - 00000000 ____D C:\Users\vasek\Desktop\Cedule dveře
2013-11-14 16:10 - 2013-11-14 16:11 - 00000000 ____D C:\Users\vasek\Desktop\Podpis M4
2013-11-14 11:44 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-14 11:44 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-14 11:44 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-14 11:44 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-14 11:44 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-14 11:44 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 11:44 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-14 11:44 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-14 11:44 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-14 11:44 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-14 11:44 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-14 11:44 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-14 11:44 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-14 11:44 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-14 11:44 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-14 11:44 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-14 11:44 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-14 11:44 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-14 11:44 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-14 11:44 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-14 11:44 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-14 11:44 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-14 11:44 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-14 11:43 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-14 11:43 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-14 11:43 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-14 11:43 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-14 11:43 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 11:43 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-14 11:43 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
==================== One Month Modified Files and Folders =======
2013-12-10 17:11 - 2013-12-10 17:11 - 00028343 _____ C:\Users\vasek\Desktop\FRST.txt
2013-12-10 17:10 - 2013-12-10 17:10 - 00000000 ____D C:\FRST
2013-12-10 17:09 - 2010-11-26 09:33 - 01085113 _____ C:\windows\WindowsUpdate.log
2013-12-10 17:08 - 2010-12-25 20:38 - 00000000 ____D C:\Users\vasek\AppData\Roaming\Skype
2013-12-10 17:05 - 2013-12-10 17:05 - 00112640 _____ (forum.viry.cz) C:\Users\vasek\Desktop\FRSTLauncher.exe
2013-12-10 17:01 - 2012-07-15 08:02 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-10 16:59 - 2013-12-10 16:59 - 01927982 _____ (Farbar) C:\Users\vasek\Desktop\FRST64.exe
2013-12-10 16:53 - 2012-07-19 09:54 - 00000962 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job
2013-12-10 16:45 - 2012-07-19 14:25 - 00000958 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job
2013-12-10 16:44 - 2012-04-03 09:51 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-10 13:45 - 2012-07-19 14:25 - 00000906 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job
2013-12-10 13:22 - 2012-08-21 07:56 - 00000000 ____D C:\Users\vasek\Desktop\Zatecke
2013-12-10 08:24 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-10 08:24 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-10 08:18 - 2013-12-10 00:34 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-10 08:16 - 2013-12-02 12:53 - 00000952 _____ C:\windows\setupact.log
2013-12-10 08:16 - 2012-07-15 08:02 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-10 08:16 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-10 02:53 - 2012-07-19 09:54 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job
2013-12-10 02:48 - 2011-06-16 14:41 - 00003932 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA
2013-12-10 02:48 - 2011-06-16 14:41 - 00003536 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core
2013-12-10 00:36 - 2012-07-05 18:56 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-12-10 00:32 - 2013-12-10 00:31 - 00000000 ____D C:\AdwCleaner
2013-12-10 00:31 - 2011-09-02 12:02 - 00000000 ____D C:\Users\vasek\AppData\Roaming\SoftGrid Client
2013-12-10 00:28 - 2013-12-10 00:28 - 00039072 _____ C:\Users\vasek\Desktop\JRT.txt
2013-12-10 00:20 - 2013-12-10 00:20 - 00000000 ____D C:\windows\ERUNT
2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt
2013-12-10 00:17 - 2013-12-10 00:17 - 01110034 _____ C:\Users\vasek\Desktop\adwcleaner.exe
2013-12-10 00:17 - 2013-12-10 00:17 - 01034531 _____ (Thisisu) C:\Users\vasek\Desktop\JRT.exe
2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe
2013-12-10 00:05 - 2010-12-22 13:38 - 00083672 _____ C:\Users\vasek\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-09 23:42 - 2011-07-22 12:48 - 00000000 ____D C:\Users\vasek\Desktop\hlas
2013-12-09 16:37 - 2012-03-05 16:42 - 00007604 _____ C:\Users\vasek\AppData\Local\Resmon.ResmonCfg
2013-12-09 12:29 - 2013-06-10 14:15 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForvasek
2013-12-09 12:29 - 2013-06-10 14:15 - 00000332 _____ C:\windows\Tasks\HPCeeScheduleForvasek.job
2013-12-09 11:31 - 2013-12-09 11:31 - 00000000 ____D C:\rsit
2013-12-09 11:31 - 2012-04-15 16:06 - 00000000 ____D C:\Program Files\trend micro
2013-12-09 11:27 - 2013-12-09 11:27 - 00935175 _____ C:\Users\vasek\Desktop\RSITx64.exe
2013-12-08 19:17 - 2010-12-27 15:01 - 00000000 ____D C:\Users\Bond\AppData\Roaming\Skype
2013-12-08 14:10 - 2013-10-01 10:50 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-08 14:03 - 2012-01-14 08:50 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-08 14:03 - 2011-01-13 15:02 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-12-06 22:04 - 2013-12-02 12:41 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-05 11:39 - 2012-08-08 09:36 - 00000000 ____D C:\Users\vasek\Desktop\Polabské noviny
2013-12-05 00:52 - 2013-12-04 20:12 - 01454080 _____ C:\Users\vasek\Desktop\45xx_RogerDB_PF2014.indd
2013-12-04 11:17 - 2013-12-04 11:16 - 50580310 _____ C:\Users\vasek\Desktop\PN titul.eps
2013-12-04 11:14 - 2013-12-04 11:14 - 01116760 _____ C:\Users\vasek\Desktop\pn-titul7.cdr
2013-12-04 11:01 - 2013-12-04 10:57 - 01144464 _____ C:\Users\vasek\Desktop\pn-titul.cdr
2013-12-04 10:57 - 2013-12-04 11:01 - 00944104 _____ C:\Users\vasek\Desktop\Záloha_pn-titul.cdr
2013-12-04 10:50 - 2013-12-04 10:50 - 17146943 _____ C:\Users\vasek\Desktop\pokus1.ps
2013-12-04 10:48 - 2013-12-04 10:48 - 17146943 _____ C:\Users\vasek\Desktop\pokus.ps
2013-12-02 14:11 - 2012-04-03 09:51 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-02 14:11 - 2012-04-03 09:51 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-02 14:11 - 2011-05-16 22:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-02 14:11 - 2011-01-06 12:54 - 00000000 ____D C:\Users\vasek\AppData\Local\Adobe
2013-12-02 12:53 - 2013-12-02 12:53 - 00000000 _____ C:\windows\setuperr.log
2013-12-02 12:52 - 2013-12-02 12:52 - 00000780 _____ C:\windows\PFRO.log
2013-12-02 12:49 - 2013-12-02 12:49 - 00166200 _____ C:\Users\vasek\Documents\cc_20131202_124934.reg
2013-12-02 12:45 - 2012-01-02 01:47 - 00000000 ____D C:\Users\vasek\AppData\Roaming\BitTorrent
2013-12-02 12:45 - 2011-01-14 15:34 - 00000000 ____D C:\Users\vasek\AppData\Roaming\inkscape
2013-12-02 12:45 - 2010-12-22 13:25 - 00000000 ____D C:\Users\vasek
2013-12-02 12:44 - 2011-08-12 14:00 - 00000000 ____D C:\windows\Minidump
2013-12-02 12:44 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-02 12:42 - 2013-12-02 12:42 - 00002784 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-02 12:42 - 2013-12-02 12:42 - 00001021 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-02 12:41 - 2012-03-05 16:53 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-12-02 12:41 - 2010-12-28 12:25 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-02 12:32 - 2013-09-27 19:43 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-28 18:56 - 2010-12-28 12:25 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-28 18:56 - 2010-12-28 12:25 - 00003696 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-28 18:33 - 2011-05-06 09:59 - 00001397 _____ C:\Users\Bond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 20:21 - 2010-12-22 22:13 - 00000000 ____D C:\windows\rescache
2013-11-27 17:57 - 2013-11-27 17:51 - 00000000 ____D C:\Users\vasek\Desktop\IPhone pouzdro
2013-11-27 14:16 - 2011-12-16 14:44 - 00000000 ____D C:\Users\vasek\AppData\Roaming\vlc
2013-11-27 14:13 - 2013-05-16 22:49 - 00025088 _____ C:\Users\vasek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-27 13:54 - 2010-12-22 13:36 - 00001397 _____ C:\Users\vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 13:40 - 2010-09-12 01:10 - 00631978 _____ C:\windows\system32\perfh005.dat
2013-11-27 13:40 - 2010-09-12 01:10 - 00122342 _____ C:\windows\system32\perfc005.dat
2013-11-27 13:40 - 2009-07-14 06:13 - 01471850 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-27 13:33 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-11-27 11:06 - 2013-11-27 11:06 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-27 11:06 - 2013-11-27 11:06 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-11-27 11:06 - 2013-11-27 11:06 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-11-27 11:06 - 2013-11-27 11:06 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-11-27 11:06 - 2013-11-27 11:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-11-27 11:06 - 2013-11-27 11:06 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-11-27 11:06 - 2013-11-27 11:06 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-11-27 11:06 - 2013-11-27 11:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-11-26 10:42 - 2013-11-21 18:50 - 00000000 ____D C:\Users\vasek\Desktop\Peceti_zalozka_PFarchiv
2013-11-26 09:06 - 2010-12-25 20:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-26 09:06 - 2010-12-25 20:38 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 22:58 - 2013-11-25 22:58 - 00000000 ____D C:\windows\System32\Tasks\Games
2013-11-24 12:42 - 2013-11-24 12:42 - 00000000 ____D C:\Users\Bond\AppData\Roaming\AVAST Software
2013-11-21 21:10 - 2013-11-21 21:10 - 00000000 ____D C:\Users\vasek\AppData\Roaming\AVAST Software
2013-11-21 21:05 - 2013-03-07 13:02 - 00205320 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-11-21 21:05 - 2013-03-07 13:02 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 01032416 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00409832 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2013-11-21 21:05 - 2012-03-05 17:27 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00084328 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00065264 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00038984 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-11-21 21:05 - 2012-03-05 17:27 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-21 21:05 - 2012-03-05 17:26 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2013-11-21 21:04 - 2012-03-05 17:27 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-11-21 21:04 - 2012-03-05 17:26 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-21 12:54 - 2012-05-07 10:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 10:20 - 2013-10-29 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-16 13:01 - 2013-11-16 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 20:53 - 2013-11-14 20:53 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files\iPod
2013-11-14 20:52 - 2013-11-14 20:52 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-14 17:19 - 2013-07-15 10:38 - 00000000 ____D C:\windows\system32\MRT
2013-11-14 17:17 - 2010-12-25 20:25 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-14 16:53 - 2013-11-14 16:52 - 00000000 ____D C:\Users\vasek\Desktop\Cedule dveře
2013-11-14 16:12 - 2012-12-19 11:49 - 00000000 ____D C:\Users\vasek\Desktop\Iphone foto 121219
2013-11-14 16:11 - 2013-11-14 16:10 - 00000000 ____D C:\Users\vasek\Desktop\Podpis M4
2013-11-11 15:49 - 2010-12-22 13:58 - 00000000 ____D C:\Users\vasek\AppData\Roaming\Mozilla
2013-11-11 10:07 - 2009-07-14 06:08 - 00032562 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-11-11 05:50 - 2010-12-22 13:46 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-10 11:35 - 2010-12-25 22:20 - 00000000 ____D C:\Users\Bond\AppData\Roaming\Mozilla
Files to move or delete:
====================
C:\ProgramData\pconfig.dat
Some content of TEMP:
====================
C:\Users\Bond\AppData\Local\Temp\i4jdel0.exe
C:\Users\Bond\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Bond\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Bond\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\vasek\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-10 01:29
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:448.46 GB) (Free:218.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive z: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0 GB) FAT32
Available physical RAM: 5715.98 MB
Total physical RAM: 8047.38 MB
Percentage of memory in use: 28%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: EC94DFF7)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForvasek.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\vasek\Desktop" je 13446 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^vasek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (7.2 KiB) Staženo 46 x
Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard) HKCU\...\Run: [googletalk] - C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google) HKCU\...\Run: [Google Update] - C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-16] (Google Inc.) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4195464 2013-09-05] (Plex, Inc.) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKU\Bond\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\Bond\...\Run: [Google Update] - C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-13] (Google Inc.) HKU\Bond\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe" HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM-x32 - No Name - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File FF SearchEngineOrder.1: Ask Search FF Homepage: https://www.google.cz/?gws_rd=cr&ei=Vch ... 4ATsnoDYBw FF Extension: jid0-RwTySlpoKU14fw7yw2AflOAihhA - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\vasek\AppData\Local\Temp\ccex.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx 2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe 2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\HPCeeScheduleForvasek.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Úkol splněn.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2013
Ran by vasek at 2013-12-10 19:06:08 Run:1
Running from C:\Users\vasek\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard)
HKCU\...\Run: [googletalk] - C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKCU\...\Run: [Google Update] - C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-16] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4195464 2013-09-05] (Plex, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Bond\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\Bond\...\Run: [Google Update] - C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-13] (Google Inc.)
HKU\Bond\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - No Name - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF SearchEngineOrder.1: Ask Search
FF Homepage: https://www.google.cz/?gws_rd=cr&ei=Vch ... 4ATsnoDYBw
FF Extension: jid0-RwTySlpoKU14fw7yw2AflOAihhA - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\vasek\AppData\Local\Temp\ccex.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe
2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForvasek.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\googletalk => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Plex Media Server => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\Bond\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\Bond\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\Bond\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => Key deleted successfully.
"C:\Users\vasek\AppData\Local\Temp\ccex.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
C:\Users\vasek\Desktop\sc-cleaner.exe => Moved successfully.
C:\sc-cleaner.txt => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForvasek.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-12-2013
Ran by vasek at 2013-12-10 19:06:08 Run:1
Running from C:\Users\vasek\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard)
HKCU\...\Run: [googletalk] - C:\Users\vasek\AppData\Roaming\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKCU\...\Run: [Google Update] - C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-16] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4195464 2013-09-05] (Plex, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Bond\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\Bond\...\Run: [Google Update] - C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-13] (Google Inc.)
HKU\Bond\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe"
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM-x32 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM-x32 - No Name - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF SearchEngineOrder.1: Ask Search
FF Homepage: https://www.google.cz/?gws_rd=cr&ei=Vch ... 4ATsnoDYBw
FF Extension: jid0-RwTySlpoKU14fw7yw2AflOAihhA - C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\vasek\AppData\Local\Temp\ccex.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
2013-12-10 00:16 - 2013-12-10 00:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\vasek\Desktop\sc-cleaner.exe
2013-12-10 00:19 - 2013-12-10 00:19 - 00001796 _____ C:\sc-cleaner.txt
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => C:\Users\vasek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => C:\Users\Bond\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForvasek.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\googletalk => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Plex Media Server => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKU\Bond\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\Bond\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\Bond\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
C:\Users\vasek\AppData\Roaming\Mozilla\Firefox\Profiles\lpdgogv7.default\Extensions\jid0-RwTySlpoKU14fw7yw2AflOAihhA@jetpack.xpi => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => Key deleted successfully.
"C:\Users\vasek\AppData\Local\Temp\ccex.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
C:\Users\vasek\Desktop\sc-cleaner.exe => Moved successfully.
C:\sc-cleaner.txt => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1000UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3986653516-3093899517-2893670574-1003UA.job => Moved successfully.
C:\windows\Tasks\HPCeeScheduleForvasek.job => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Tak jeste uklidime 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Odvšiveno, vyčištěno a spokojeno!
Velkej respekt, moc děkuju.
Velkej respekt, moc děkuju.
Re: Nesmyslné odkazy v prohlížeči, otevírání reklamních strá
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?