FRST log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2014
Ran by Tomík at 2014-05-03 13:28:24 Run:1
Running from C:\Users\Tomík\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKU\S-1-5-21-344498811-508803493-3516053801-1003\...\MountPoints2: {05a54dbd-a985-11e2-b3f2-d43d7e317dfb} - E:\Cossacks2Setup.exe
HKU\S-1-5-21-344498811-508803493-3516053801-1003\...\MountPoints2: {42629cc9-4e08-11e2-9948-806e6f6e6963} - D:\autorun.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
http://websearch.searchsun.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
http://websearch.searchsun.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {B89A3AA5-1645-4271-82D3-47DD7202CFED} URL =
http://search.conduit.com/ResultsExt.as ... 63019&UM=1
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
http://websearch.searchsun.info/?l=1&q= ... g=EN&cc=CZ
SearchScopes: HKCU - {F429924A-67F2-46C0-8450-5317A6B153E7} URL =
http://search.conduit.com/ResultsExt.as ... 189E&SSPV=
SearchScopes: HKCU - {FD3577CD-3C00-435F-BC22-B4C848D2D99B} URL =
http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=1BF2E58D-E15F-4554-BC33-A54A272EA6B5&apn_sauid=93F78126-689C-4BF9-BBBE-C23A590E3BDE
BHO: Searcch-NEEwTab - {9D27BC9F-8A9E-C514-7B8D-C4DEEBF6D1BC} - C:\Program Files (x86)\Searcch-NEEwTab\uq9VUjz.x64.dll ()
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: DuealExpresSS - {CA569FB8-0F9A-8481-A3EC-CA502882ED38} - C:\ProgramData\DuealExpresSS\Fi.x64.dll ()
BHO: SaVE net - {CAFEAAC6-3A1B-9F01-99AA-1D97303A9FEF} - C:\Program Files (x86)\SaVE net\7tvrB4.x64.dll ()
C:\Program Files (x86)\Searcch-NEEwTab
C:\Program Files (x86)\Skype\Toolbars
C:\ProgramData\DuealExpresSS
C:\Program Files (x86)\SaVE net
BHO-x32: Searcch-NEEwTab - {9D27BC9F-8A9E-C514-7B8D-C4DEEBF6D1BC} - C:\Program Files (x86)\Searcch-NEEwTab\uq9VUjz.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
FF Extension: Torntv 3 - C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\profiles\extensions\
trtv3@trtv.com.xpi [2013-06-30]
CHR HomePage: hxxp://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ
CHR StartupUrls: "hxxp://websearch.searchsun.info/?pid=724&r=2014/04/13&hid=6650250605528727184&lg=EN&cc=CZ"
CHR DefaultSearchKeyword: websearch
CHR DefaultSearchProvider: WebSearch
CHR DefaultSearchURL:
http://websearch.searchsun.info/?l=1&q= ... g=EN&cc=CZ
CHR DefaultNewTabURL:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 d0e87c27; C:\Program Files (x86)\SW-Booster\AssistantSvc.dll [174928 2014-04-13] ()
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\{8FC16B41-4808-42B0-88E1-6B1E6722BF39}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tomík\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
End
*****************
HKU\S-1-5-21-344498811-508803493-3516053801-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05a54dbd-a985-11e2-b3f2-d43d7e317dfb} => Key deleted successfully.
HKCR\CLSID\{05a54dbd-a985-11e2-b3f2-d43d7e317dfb} => Key not found.
HKU\S-1-5-21-344498811-508803493-3516053801-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42629cc9-4e08-11e2-9948-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{42629cc9-4e08-11e2-9948-806e6f6e6963} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B89A3AA5-1645-4271-82D3-47DD7202CFED} => Key deleted successfully.
HKCR\CLSID\{B89A3AA5-1645-4271-82D3-47DD7202CFED} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key deleted successfully.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F429924A-67F2-46C0-8450-5317A6B153E7} => Key deleted successfully.
HKCR\CLSID\{F429924A-67F2-46C0-8450-5317A6B153E7} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FD3577CD-3C00-435F-BC22-B4C848D2D99B} => Key deleted successfully.
HKCR\CLSID\{FD3577CD-3C00-435F-BC22-B4C848D2D99B} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D27BC9F-8A9E-C514-7B8D-C4DEEBF6D1BC} => Key deleted successfully.
HKCR\CLSID\{9D27BC9F-8A9E-C514-7B8D-C4DEEBF6D1BC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA569FB8-0F9A-8481-A3EC-CA502882ED38} => Key deleted successfully.
HKCR\CLSID\{CA569FB8-0F9A-8481-A3EC-CA502882ED38} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAFEAAC6-3A1B-9F01-99AA-1D97303A9FEF} => Key deleted successfully.
HKCR\CLSID\{CAFEAAC6-3A1B-9F01-99AA-1D97303A9FEF} => Key deleted successfully.
C:\Program Files (x86)\Searcch-NEEwTab => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
C:\ProgramData\DuealExpresSS => Moved successfully.
C:\Program Files (x86)\SaVE net => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D27BC9F-8A9E-C514-7B8D-C4DEEBF6D1BC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9D27BC9F-8A9E-C514-7B8D-C4DEEBF6D1BC} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\skype-ie-addon-data => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key deleted successfully.
C:\Users\Tomík\AppData\Roaming\Mozilla\Firefox\profiles\extensions\
trtv3@trtv.com.xpi => Moved successfully.
CHR HomePage: hxxp://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ ==> The Chrome "Settings" can be used to fix the entry.
CHR StartupUrls: "hxxp://websearch.searchsun.info/?pid=724&r=2014/04/13&hid=6650250605528727184&lg=EN&cc=CZ" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchKeyword: websearch ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: WebSearch ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL:
http://websearch.searchsun.info/?l=1&q= ... g=EN&cc=CZ ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
d0e87c27 => Service stopped successfully.
d0e87c27 => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Tasks\{8FC16B41-4808-42B0-88E1-6B1E6722BF39} => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"C:\Users\Tomík\AppData\Local\Temp" directory move:
C:\Users\Tomík\AppData\Local\Temp\$$$1040.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\$$$24D8.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\$$$A379.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\$$$AAAA.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\0E17786D-965C-4A04-BEAD-F881A9E0C81E.Diagnose.0.etl => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\6D86D00D-39E5-4654-BB94-D6AF75F4C29B.Diagnose.0.etl => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\adb.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\amt3.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\au-descriptor-1.7.0_55-b14.xml => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AvgRep.xml => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU2393008170086414146.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU3554803217987715577.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU3629140928339458261.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU4095364745355563395.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU4500334632944803651.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU4864987257699676159.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU5265846687329985029.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU608069649091273727.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU6642264974158691253.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU7156080982861845971.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU7283332775074481457.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU7739323009358457865.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU7845251155626813535.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU8140228087544910855.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU8300921311144197386.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU8458394395365750365.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\AZU9164142469831926891.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\azupdater_1.9.1.zip => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Azureus5.2.0.0.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\comver.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j25FA.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j604C.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j652E.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j8594.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j9E68.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4jA509.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4jD183.tmp => Moved successfully.
Could not move "C:\Users\Tomík\AppData\Local\Temp\etilqs_TpVNj8CgW8r80Pq" => Scheduled to move on reboot.
Could not move "C:\Users\Tomík\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Tomík\AppData\Local\Temp\GLF5C89.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\gomtemp.smi => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\gsi7470.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Guest.bmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\hamachi.lng => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\hamAF70.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\inet.txt => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\inf66C8.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Jedna Ruka Netleska[CZ]Od Duriho-Benny avi.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\LiveSupport_setup.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsaAD04.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsaD79A.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsaEFA2.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsb5FC9.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsb5FC9.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsb623A.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsb623A.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsbB61B.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nscEA0.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsd2AD7.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nse907C.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nse95BA.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nseC29B.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsfB223.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsfB7E9.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsfD93F.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsh968B.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nshC17B.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nshCEB.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsi46B0.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsj2481.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsk5C58.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nskA370.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nskDDDA.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nskDDDA.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsl40F0.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsl40F0.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsl7DEE.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsm253C.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nso9E70.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsoBF2.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsoCB3A.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsp8B13.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsq321F.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsq3E9E.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsq3E9E.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsq3FD4.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsq966D.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsqE8F8.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsqFF36.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nss98F4.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsvAF07.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsx65F3.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsx7AE9.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsx84B9.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsz9CB4.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\oobelib.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\PDApp.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\qtsingleapp-richme-532f-1-lockfile => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\qtsingleapp-whatpu-6d28-1-lockfile => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\relnotes.html => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\sSetup-se.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\swtag.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Tomík.bmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Tsu5F627FBB.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\TUInstallLogBP_2014-02-18_13-59-54.log => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\TUMCB6C.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\TUMCBAB.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\unrar.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Vuze_5.3.0.0a_win64.zip => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Vuze_5.3.0.0_win64.zip => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\wmplog02.sqm => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\wmplog03.sqm => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\wp-keyboard-1392891454.png => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\~DF1964CB443AE3206F.TMP => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\~e5.0001 => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{bfd1d73a-56ef-4515-adc2-e8f68ba0c9d5}\GameRanger.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\general_logo.bmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\v_grey.jpg => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\x86\regsvr32.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\x64\regsvr32.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\Addons\newtab_setup.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\Addons\OptimizerProInstaller.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\Addons\search_installer.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{6EADAAFE-114D-41C8-A323-596FB54E8808}\Addons\ytab_setup.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{4E1933C5-C429-4F27-B27B-D976916C707E}\setup.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\Custom.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\general_logo.bmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\Readme.txt => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\Setup.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\Setup.ico => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\v_grey.jpg => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\{354A19EE-AB77-4B66-A98D-E355EEA93B18}\_Setup.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\ntusr_bc\Stop\BCcore.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\ntusr_bc\Stop\Stop.bat => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\background.bmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\BgWorker.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\btn_min.bmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\install.ico => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\KillProcDLL.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\nsis7z.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\SkinBtn.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\System.dll => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsu364F.tmp\uninstall.ico => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\nsq966D\SpSetup.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Low\dat2994.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Low\dat29A4.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Low\dat29A5.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\Low\dat29B6.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4jD183.tmp_dir1395172908\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4jD183.tmp_dir1395172908\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4jA509.tmp_dir1397580205\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4jA509.tmp_dir1397580205\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j9E68.tmp_dir1394831314\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j9E68.tmp_dir1394831314\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j8594.tmp_dir1397486905\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j8594.tmp_dir1397486905\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j652E.tmp_dir1394368317\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j652E.tmp_dir1394368317\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j604C.tmp_dir1395085143\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j604C.tmp_dir1395085143\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j25FA.tmp_dir1393333445\exe4jlib.jar => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\e4j25FA.tmp_dir1393333445\i4jdel.exe => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\divE5C1.tmp\divE5D2.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\div3096.tmp\div3097.tmp => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\892_17993\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\892_17993\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\892_17993\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\872_24056\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\872_24056\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\872_24056\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\856_3192\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\856_3192\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\856_3192\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\616_5772\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\616_5772\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\616_5772\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5936_31795\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5936_31795\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5936_31795\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5084_2140\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5084_2140\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5084_2140\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5044_22003\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5044_22003\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\5044_22003\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4856_20531\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4856_20531\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4856_20531\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4828_18679\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4828_18679\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4828_18679\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4784_19021\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4784_19021\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4784_19021\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4780_6477\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4780_6477\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4780_6477\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4748_2181\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4748_2181\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4748_2181\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4672_20007\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4672_20007\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4672_20007\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4656_32697\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4656_32697\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4656_32697\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4616_25389\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4616_25389\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4616_25389\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4524_18152\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4524_18152\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4524_18152\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4504_5152\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4504_5152\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4504_5152\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4492_21277\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4492_21277\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4492_21277\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4476_23519\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4476_23519\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4476_23519\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4456_12181\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4456_12181\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4456_12181\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4436_4224\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4436_4224\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4436_4224\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4388_2321\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4388_2321\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4388_2321\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4372_1603\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4372_1603\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4372_1603\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4256_7431\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4256_7431\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4256_7431\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4000_20327\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4000_20327\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\4000_20327\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3968_31795\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3968_31795\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3968_31795\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3912_8663\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3912_8663\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3912_8663\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3740_15158\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3740_15158\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3740_15158\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\372_5935\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\372_5935\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\372_5935\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3656_29633\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3656_29633\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3656_29633\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3620_3533\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3620_3533\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3620_3533\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3528_11531\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3528_11531\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3528_11531\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3504_23366\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3504_23366\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3504_23366\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3468_12648\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3468_12648\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3468_12648\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3444_4565\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3444_4565\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3444_4565\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3360_14157\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3360_14157\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3360_14157\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3288_18674\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3288_18674\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3288_18674\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\324_10803\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\324_10803\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\324_10803\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3208_10520\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3208_10520\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3208_10520\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3184_28859\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3184_28859\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3184_28859\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3160_17251\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3160_17251\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3160_17251\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3044_1817\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3044_1817\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3044_1817\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3008_15590\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3008_15590\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\3008_15590\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2936_11887\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2936_11887\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2936_11887\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2908_23881\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2908_23881\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2908_23881\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2724_589\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2724_589\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2724_589\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2604_4303\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2604_4303\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2604_4303\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2560_22621\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2560_22621\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2560_22621\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2504_9416\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2504_9416\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\2504_9416\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\1944_373\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\1944_373\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\1944_373\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\1736_433\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\1736_433\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\1736_433\manifest.json => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\172_1263\crl-set => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\172_1263\manifest.fingerprint => Moved successfully.
C:\Users\Tomík\AppData\Local\Temp\172_1263\manifest.json => Moved successfully.
Could not move "C:\Users\Tomík\AppData\Local\Temp" directory. => Scheduled to move on reboot.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-05-03 14:37:55)<=
C:\Users\Tomík\AppData\Local\Temp\etilqs_TpVNj8CgW8r80Pq => Is moved successfully.
C:\Users\Tomík\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Tomík\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
Log RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomík at 2014-05-03 15:52:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1265 GB (66%) free of 1908 GB
Total RAM: 6142 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:52:48, on 3.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tomík\Downloads\RSIT-1.06.exe
C:\Program Files (x86)\trend micro\Tomík.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: YoutubeAdblocker - {8046B512-8B23-1FC0-037C-3015C48C9A76} - C:\Program Files (x86)\YoutubeAdblocker\a.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O2 - BHO: DuealExpresSS - {CA569FB8-0F9A-8481-A3EC-CA502882ED38} - C:\ProgramData\DuealExpresSS\Fi.dll (file missing)
O2 - BHO: SaVE net - {CAFEAAC6-3A1B-9F01-99AA-1D97303A9FEF} - C:\Program Files (x86)\SaVE net\7tvrB4.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Tomík\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Tomík\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [EADM] "C:\Users\Public\Desktop\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: GameRanger.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\sw-boo~1\assist~1.dll
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files (x86)\Mobogenie\MgAssist.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11904 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SW-Booster-S-1095609242.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-01 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8046B512-8B23-1FC0-037C-3015C48C9A76}]
YoutubeAdblocker - C:\Program Files (x86)\YoutubeAdblocker\a.dll [2014-04-13 423936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA569FB8-0F9A-8481-A3EC-CA502882ED38}]
DuealExpresSS - C:\ProgramData\DuealExpresSS\Fi.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAFEAAC6-3A1B-9F01-99AA-1D97303A9FEF}]
SaVE net - C:\Program Files (x86)\SaVE net\7tvrB4.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-01 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Tomík\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-24 5199984]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [2014-04-17 748736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe []
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-04-15 3814736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2014-04-24 1825984]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2013-12-06 389120]
"NextLive"=C:\Users\Tomík\AppData\Roaming\newnext.me\nengine.dll [2014-01-06 1283584]
"EADM"=C:\Users\Public\Desktop\Origin\Origin.exe [2014-03-02 3497552]
"LiveSupport"=C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log []
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GameRanger.lnk - C:\Users\Tomík\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\sw-boo~1\assist~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 months======
2014-05-03 14:41:03 ----D---- C:\_OTM
2014-05-03 12:21:31 ----D---- C:\FRST
2014-05-02 22:35:24 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-04-29 22:38:34 ----A---- C:\Windows\SysWOW64\ieui.dll
2014-04-29 22:37:59 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-04-29 22:37:47 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-04-29 22:37:47 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-04-29 22:37:46 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-04-29 22:37:46 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-04-29 22:37:46 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-04-29 22:37:45 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-04-29 22:37:44 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-04-29 22:37:44 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-04-29 22:37:43 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-29 22:37:41 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2014-04-29 22:37:41 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-29 22:37:40 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2014-04-29 22:37:38 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-04-29 22:37:37 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-04-29 22:37:37 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-04-29 22:37:35 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-04-29 22:37:34 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-04-16 15:09:37 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2014-04-13 20:33:16 ----D---- C:\ProgramData\Searcch-NEEwTab
2014-04-13 20:32:46 ----A---- C:\Users\Tomík\AppData\Roaming\regsvr32.exe_log.txt
2014-04-13 20:32:46 ----A---- C:\Users\Tomík\AppData\Roaming\LiveSupport.exe_log.txt
2014-04-13 20:32:44 ----D---- C:\Users\Tomík\AppData\Roaming\SkypEmoticons
2014-04-13 20:31:52 ----D---- C:\ProgramData\SuperbApp
2014-04-13 20:31:47 ----D---- C:\Program Files (x86)\SW-Booster
2014-04-13 20:31:22 ----D---- C:\ProgramData\YoutubeAdblocker
2014-04-13 20:31:22 ----D---- C:\Program Files (x86)\YoutubeAdblocker
2014-04-13 20:31:14 ----D---- C:\ProgramData\562b5f13ec1d449a
2014-04-13 20:31:13 ----D---- C:\ProgramData\SaVE net
2014-04-13 19:40:53 ----D---- C:\Program Files (x86)\GSC Game World
2014-04-13 13:07:48 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-13 13:05:10 ----D---- C:\Users\Tomík\AppData\Roaming\GameRanger
2014-04-13 12:44:58 ----D---- C:\Program Files (x86)\Firefly Studios
2014-04-10 19:34:58 ----A---- C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 19:34:56 ----A---- C:\Windows\SysWOW64\setup16.exe
2014-04-10 19:34:56 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 19:34:56 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-04-10 19:34:55 ----A---- C:\Windows\SysWOW64\wow32.dll
2014-04-10 19:34:55 ----A---- C:\Windows\SysWOW64\user.exe
2014-04-10 19:34:55 ----A---- C:\Windows\SysWOW64\instnm.exe
2014-04-04 20:56:26 ----RD---- C:\Program Files (x86)\Skype
2014-04-04 20:56:26 ----D---- C:\Program Files (x86)\Common Files\Skype
======List of files/folders modified in the last 1 months======
2014-05-03 15:52:48 ----D---- C:\Windows\Prefetch
2014-05-03 15:52:47 ----D---- C:\Program Files (x86)\trend micro
2014-05-03 15:52:37 ----D---- C:\Windows\Temp
2014-05-03 15:48:10 ----D---- C:\Users\Tomík\AppData\Roaming\newnext.me
2014-05-03 15:47:48 ----D---- C:\Program Files (x86)\Steam
2014-05-03 13:28:24 ----RD---- C:\Program Files (x86)
2014-05-03 13:28:24 ----HD---- C:\ProgramData
2014-05-03 13:28:24 ----D---- C:\Windows\Tasks
2014-05-03 12:22:49 ----D---- C:\Windows
2014-05-02 22:35:37 ----D---- C:\Windows\SysWOW64
2014-05-02 22:35:37 ----D---- C:\Windows\System32
2014-05-02 22:35:29 ----D---- C:\Windows\winsxs
2014-05-02 22:35:20 ----SHD---- C:\System Volume Information
2014-05-02 22:01:11 ----D---- C:\Users\Tomík\AppData\Roaming\Skype
2014-05-01 15:17:14 ----D---- C:\Windows\rescache
2014-05-01 14:20:57 ----D---- C:\Windows\SysWOW64\en-US
2014-05-01 14:20:57 ----D---- C:\Windows\SysWOW64\cs-CZ
2014-05-01 14:20:57 ----D---- C:\Windows\PolicyDefinitions
2014-05-01 14:20:56 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-26 21:33:38 ----D---- C:\Program Files (x86)\Common Files\Steam
2014-04-18 22:20:10 ----D---- C:\Users\Tomík\AppData\Roaming\Azureus
2014-04-18 21:31:57 ----SHD---- C:\Windows\Installer
2014-04-18 14:38:02 ----SD---- C:\Users\Tomík\AppData\Roaming\Microsoft
2014-04-17 11:48:56 ----D---- C:\Program Files (x86)\Mobogenie
2014-04-13 20:49:14 ----AD---- C:\ProgramData\TEMP
2014-04-13 20:35:39 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-04-13 20:33:15 ----D---- C:\ProgramData\InstallMate
2014-04-13 20:31:06 ----D---- C:\Users
2014-04-13 18:52:39 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 12:56:16 ----RD---- C:\Program Files
2014-04-11 21:31:52 ----D---- C:\Windows\AppPatch
2014-04-10 22:38:41 ----D---- C:\ProgramData\Microsoft Help
2014-04-06 19:56:38 ----D---- C:\Windows\inf
2014-04-04 20:56:29 ----D---- C:\ProgramData\Skype
2014-04-04 20:56:26 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\drivers\amd_sata.sys []
R0 amd_xata;amd_xata; C:\Windows\system32\drivers\amd_xata.sys []
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\drivers\AtiPcie64.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\drivers\amdiox64.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 AVerAF35;AVerMedia A835 USB DVB-T; C:\Windows\System32\Drivers\AVerAF35.sys []
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\drivers\ASACPI.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADExchange;ArcSoft Exchange Service; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-02-16 43112]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-04-15 2227536]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-04-08 377616]
R2 MgAssistService;MgAssist Service; C:\Program Files (x86)\Mobogenie\MgAssist.exe [2014-04-17 70848]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-02-04 76888]
R2 tor;Tor Win32 Service; C:\Program Files (x86)\Tor\tor.exe [2013-08-29 3233806]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe []
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-24 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 641352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Dokážete mi prosím pomoci?
Přispějete na provoz fóra?