Dynamic Pricer a zpomalení počítače

Zpráva

Daveson · #1 Příspěvek od **Daveson** » 15 kvě 2014 16:14

Zdravíčko pánové, prosím o kontrolu logu pc jelikož se mi tam nainstaloval DynamicPricer a ještě nějaký SPYHunter. Celý počítač pracuje pomaleji. Díky za pomoc předem.

Logfile of random's system information tool 1.08 (written by random/random)
Run by pavilion at 2014-05-15 17:00:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 579 GB (62%) free of 940 GB
Total RAM: 4095 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:01:12, on 15.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\pavilion\AppData\Local\Viber\Viber.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\kp\windowsclock.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\pavilion.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ1
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [4-Day Forecast] "C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe" /Startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Windows Clock] "C:\Program Files (x86)\kp\windowsclock.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Hobbyist Software VLC Streamer] "C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Viber] "C:\Users\pavilion\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4E700BA-0678-4F3E-975B-9203E9E5566E}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\bandoo\bndhook.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bandoo Coordinator - Unknown owner - C:\Program Files (x86)\Bandoo\Bandoo.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16220 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe" -s
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Microsoft LifeCam\MSCamS64.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2536
"C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe" -s
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4f0cb71d-e54a-4db4-b413-b340b25aca76 -SystemEventPortName:HostProcess-7eb4a4cd-2ad3-4d74-9ea7-7a3a8580435e -IoCancelEventPortName:HostProcess-260978cf-052d-43a4-b5c7-f9eb08697140 -NonStateChangingEventPortName:HostProcess-068a7331-a9c0-41c9-9630-ac04ca9ef258 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6631c002-cb0c-4b33-bfbf-54468fd3edcd -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Users\pavilion\AppData\Local\Viber\Viber.exe" StartMinimized
"C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe"
HydraDM64.exe -h:131456 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\kp\windowsclock.exe" /r
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C5100 series#1313510261" -Startup
"C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" -scan -tt_on
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files\GamePark2\gpcl.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7480.0.1184639175\2032042413" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,1,14,27 --gpu-vendor-id=0x1002 --gpu-device-id=0x68f9 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=9.12.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="7480.2.2086188630\90529797" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="7480.3.1381369573\1400590393" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --enable-software-compositing --channel="7480.4.2044311396\1211714934" /prefetch:673131151
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Control/FlashHardwareVideoDecode/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/ --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --enable-software-compositing --channel="7480.14.383579613\1772324570" /prefetch:673131151
C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
{B38E9CFE-8761-4231-A4BA-BF4DF3497DCA}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-abf0473d-404d-418d-af25-5980f90bf556 -SystemEventPortName:HostProcess-7173edb3-27b2-46b5-9269-f4a6459ed067 -IoCancelEventPortName:HostProcess-3b48c62a-7faf-489b-972c-3e9afb3e636b -NonStateChangingEventPortName:HostProcess-63338d70-4e4a-45e8-80b7-0b42a4d1803d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:82fc9e5f-1e45-4ccd-80c7-e22401dbfd83 -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-98c5ad50-3e4e-4964-97f9-7070ce5830b1 -SystemEventPortName:HostProcess-4768491b-3064-4e98-be80-0dca32fcd312 -IoCancelEventPortName:HostProcess-6ae3ece6-cb76-4bda-8816-50e8e0a2e965 -NonStateChangingEventPortName:HostProcess-c087032b-a96e-4296-a517-9bc3cab213ab -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a919d45d-b49f-4e6a-bdf8-1fc29227795d -DeviceGroupId:
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\pavilion\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {699DD75A-EB0B-4364-80F8-D766CF1EA4CC}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-04 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}C]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YTD Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} -
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2010-09-15 611896]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-08-01 2417032]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Hobbyist Software VLC Streamer"=C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [2014-04-23 1183048]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2010-09-08 393216]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-11-20 59720]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Viber"=C:\Users\pavilion\AppData\Local\Viber\Viber.exe [2013-12-02 936456]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]
"Uninstall C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]
"Uninstall C:\Users\pavilion\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-09 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup]
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Total CMA Pack]
C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [2009-09-01 43255]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pavilion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2010-09-28 664600]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-08-30 61112]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-02-12 43848]
"4-Day Forecast"=C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe [2008-11-10 1060864]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Windows Clock"=C:\Program Files (x86)\kp\windowsclock.exe [2012-01-08 1024512]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-02-21 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-12-30 52920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-05-15 17:00:47 ----D---- C:\rsit
2014-05-14 21:52:58 ----A---- C:\Windows\wininit.ini
2014-05-14 21:07:18 ----A---- C:\autoexec.bat
2014-05-14 21:06:30 ----D---- C:\Program Files\Enigma Software Group
2014-05-14 21:05:31 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-14 20:48:25 ----D---- C:\ProgramData\formatpart
2014-05-14 20:48:13 ----D---- C:\ProgramData\explauncher
2014-05-14 20:48:11 ----D---- C:\ProgramData\launcher
2014-05-14 20:46:53 ----D---- C:\Program Files (x86)\Paragon Software
2014-05-14 20:40:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-05-07 03:01:19 ----SD---- C:\Windows\system32\CompatTel
2014-05-06 20:54:10 ----A---- C:\Windows\system32\aepdu.dll
2014-05-06 20:54:10 ----A---- C:\Windows\system32\aeinv.dll
2014-05-04 03:00:27 ----A---- C:\Windows\system32\mshtml.dll
2014-05-04 03:00:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-03 22:55:31 ----D---- C:\ProgramData\SNT
2014-05-03 22:55:30 ----D---- C:\Program Files (x86)\SNT
2014-05-03 22:54:55 ----D---- C:\ProgramData\MiniApp
2014-05-03 22:54:04 ----D---- C:\ProgramData\YoutubeAdblocker
2014-05-03 22:54:02 ----D---- C:\Program Files (x86)\YoutubeAdblocker
2014-05-03 22:53:43 ----D---- C:\ProgramData\saavea net
2014-05-03 22:53:37 ----D---- C:\Program Files (x86)\saavea net
2014-05-03 22:53:08 ----D---- C:\ProgramData\82e8460c024ea8c0
2014-04-30 03:02:14 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-04-30 03:02:14 ----A---- C:\Windows\system32\ieui.dll
2014-04-30 03:02:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-04-30 03:02:00 ----A---- C:\Windows\system32\vbscript.dll
2014-04-30 03:01:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-30 03:01:50 ----A---- C:\Windows\system32\iernonce.dll
2014-04-30 03:01:50 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-30 03:01:50 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-30 03:01:48 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-30 03:01:47 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-04-30 03:01:47 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-30 03:01:47 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-30 03:01:46 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-04-30 03:01:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-04-30 03:01:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-04-30 03:01:46 ----A---- C:\Windows\system32\msrating.dll
2014-04-30 03:01:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-30 03:01:46 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-30 03:01:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-04-30 03:01:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-04-30 03:01:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-04-30 03:01:44 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-04-30 03:01:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-04-30 03:01:44 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-30 03:01:44 ----A---- C:\Windows\system32\iesetup.dll
2014-04-30 03:01:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-04-30 03:01:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-04-30 03:01:39 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-04-30 03:01:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-30 03:01:39 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-30 03:01:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-30 03:01:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-30 03:01:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-04-30 03:01:36 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-04-30 03:01:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-04-30 03:01:36 ----A---- C:\Windows\system32\wininet.dll
2014-04-30 03:01:36 ----A---- C:\Windows\system32\urlmon.dll
2014-04-30 03:01:36 ----A---- C:\Windows\system32\iertutil.dll
2014-04-30 03:01:33 ----A---- C:\Windows\system32\ieframe.dll
2014-04-30 03:01:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-04-30 03:01:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-04-30 03:01:29 ----A---- C:\Windows\system32\jscript9.dll

======List of files/folders modified in the last 1 months======

2014-05-15 17:00:56 ----D---- C:\Program Files\trend micro
2014-05-15 17:00:52 ----D---- C:\Windows\Temp
2014-05-15 17:00:19 ----HD---- C:\ProgramData\kp
2014-05-15 16:55:45 ----D---- C:\Windows\system32\config
2014-05-15 16:53:07 ----AD---- C:\Windows
2014-05-15 16:51:39 ----D---- C:\Windows\inf
2014-05-15 07:12:17 ----D---- C:\Windows\system32\catroot
2014-05-15 07:12:15 ----D---- C:\Windows\winsxs
2014-05-15 07:11:53 ----D---- C:\Windows\system32\catroot2
2014-05-15 00:21:53 ----SHD---- C:\Windows\Installer
2014-05-15 00:21:53 ----D---- C:\Windows\system32\Tasks
2014-05-15 00:21:51 ----SHD---- C:\Config.Msi
2014-05-15 00:21:24 ----D---- C:\Windows\system32\drivers
2014-05-15 00:20:25 ----SHD---- C:\System Volume Information
2014-05-14 23:10:25 ----D---- C:\Users\pavilion\AppData\Roaming\DAEMON Tools Lite
2014-05-14 23:10:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-05-14 23:09:05 ----D---- C:\Users\pavilion\AppData\Roaming\ViberPC
2014-05-14 23:06:27 ----D---- C:\Program Files (x86)
2014-05-14 21:53:30 ----HD---- C:\ProgramData
2014-05-14 21:52:59 ----D---- C:\Program Files (x86)\Common Files
2014-05-14 21:10:34 ----D---- C:\Windows\system32\drivers\etc
2014-05-14 21:08:53 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2014-05-14 21:06:30 ----RD---- C:\Program Files
2014-05-14 20:48:25 ----D---- C:\Windows\Logs
2014-05-14 20:47:30 ----AD---- C:\Windows\SysWOW64
2014-05-14 20:40:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-14 20:39:13 ----D---- C:\Windows\System32
2014-05-14 20:39:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-11 12:40:43 ----D---- C:\ProgramData\PDFC
2014-05-04 00:24:00 ----D---- C:\Windows\Tasks
2014-05-03 23:47:34 ----SD---- C:\ProgramData\Microsoft
2014-05-03 23:35:09 ----D---- C:\Windows\system32\wfp
2014-05-03 23:35:02 ----D---- C:\Windows\system32\wbem
2014-05-03 23:34:04 ----D---- C:\Windows\system32\DriverStore
2014-05-03 23:33:12 ----D---- C:\Program Files (x86)\Microsoft
2014-05-03 23:32:56 ----D---- C:\Windows\registration
2014-05-03 23:32:22 ----D---- C:\Users\pavilion\AppData\Roaming\Winamp
2014-05-03 23:31:58 ----RD---- C:\Users
2014-05-03 23:03:08 ----D---- C:\Windows\debug
2014-04-30 03:20:23 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-04-30 03:20:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-04-30 03:20:23 ----D---- C:\Program Files\Internet Explorer
2014-04-30 03:20:22 ----D---- C:\Windows\SYSWOW64\en-US
2014-04-30 03:20:21 ----D---- C:\Windows\system32\fr-FR
2014-04-30 03:20:20 ----D---- C:\Windows\system32\en-US
2014-04-30 03:20:20 ----D---- C:\Windows\system32\cs-CZ
2014-04-30 03:20:20 ----D---- C:\Windows\PolicyDefinitions
2014-04-30 03:20:20 ----D---- C:\Program Files (x86)\Internet Explorer
2014-04-28 22:09:37 ----D---- C:\Users\pavilion\AppData\Roaming\Skype
2014-04-27 16:21:44 ----D---- C:\Program Files (x86)\Hobbyist Software
2014-04-25 05:08:58 ----D---- C:\Program Files (x86)\kp
2014-04-24 20:51:50 ----RD---- C:\Program Files (x86)\Skype
2014-04-24 20:51:35 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-03-10 16440]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-10-31 381440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 11278336]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 552960]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2011-08-01 52584]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-04-09 91648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-09-07 2484072]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 36720]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-12-06 2350176]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys [2008-12-17 533760]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys [2009-10-20 17792]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 34144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344]
S3 GemCCID;GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [2009-08-10 119680]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-07-04 982016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 203672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [2007-12-12 65536]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-12-13 194416]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-01-02 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-01-25 214520]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [2007-12-12 1531989]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-02-21 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 Bandoo Coordinator;Bandoo Coordinator; C:\Program Files (x86)\Bandoo\Bandoo.exe []
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-01-10 1512640]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 15 kvě 2014 16:38

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Daveson · #3 Příspěvek od **Daveson** » 15 kvě 2014 16:57

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by pavilion on źt 15.05.2014 at 17:41:29,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnsbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bandoo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchqumediabartb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnsbho.bho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchqu toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricerInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricerInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DynamicPricer_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricerInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricerInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DynamicPricer_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\snt"
Successfully deleted: [Folder] "C:\ProgramData\youtubeadblocker"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\pavilion\AppData\Roaming\bandoo"
Successfully deleted: [Folder] "C:\Users\pavilion\AppData\Roaming\searchqutoolbar"
Successfully deleted: [Folder] "C:\Users\pavilion\appdata\locallow\bandoo"
Successfully deleted: [Folder] "C:\Users\pavilion\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Program Files (x86)\snt"
Successfully deleted: [Folder] "C:\Program Files (x86)\windows searchqu toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\youtubeadblocker"
Successfully deleted: [Folder] "C:\Program Files (x86)\ytd toolbar"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{002A0896-6714-495E-A6FF-9B9D70352E7F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{010143CE-0843-4BFC-9A55-75A2C0D4BBA6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{02B62C93-FA55-4D46-9EBB-130107417092}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{03B010CA-7161-4857-A7BD-7443C508ACD5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{03D50F14-BD17-4C36-B2F0-2CA9512A6E33}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{04A68C47-A2E7-448C-B755-4B8534D9F618}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{04A9E3F3-AD19-4F5F-A790-2B185058D058}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{04B07A2C-86B9-4E93-A5FE-533AF39626F6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{05A5280D-1139-444E-9C4E-796ADA51377D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{05F6FA8E-7B59-43A2-8A1E-222D52BC05F4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{06824E02-E1A0-4844-A18E-6F5352DA59C0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{08330988-2EC2-4349-A22F-0AE126D27AC4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{08E63BD4-C46B-4557-9698-49662CE466EE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{098500F5-0C07-433B-9F02-22FD08E1D7F7}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{0B9F6853-D073-4BAF-8693-F61E73C2D16A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{0D234629-1F89-4561-9A3A-898E6ECD4D7F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1087758B-74B5-48BC-B7FB-3BC7D6615B4D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{112BF99A-E23F-40B3-91A1-5166ABFE5A41}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{12639F2F-C66E-4661-A062-E7C44B605CEE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{140B23AF-C64D-4A9C-B61A-D5DA72447D09}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{14A1B865-E464-482A-8FD6-F914C68AF469}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{14CC5F13-9386-4FFE-825D-71611BD8C31C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{16D91752-D8B1-430B-A871-9B6C3ED00DF5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{17149125-5985-4E00-A5DC-2314BED253A9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{17ACBBFF-FBF8-424D-A4F6-844A7F36A8AD}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{17BCA76E-AC8F-46C3-986C-3E343150317A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1C5D5DC7-91C8-46D6-8C83-D9FC3D29A0F9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1D2E1468-5622-4A5B-BCD5-8D9ECFDE7010}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1DA38E47-EC49-4E37-908B-4923BCF9DB22}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1E10C1A9-6526-4FBE-B072-A2498F50B926}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1EF4BA15-CB12-4CD2-8F07-B5BE4ADC8269}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{1FF9BB6A-9A16-4364-AEBD-126954EAB1ED}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{21EE9587-5492-4E18-8ABB-F094D28265A9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{226C124B-35B3-4335-978A-3A614B3288E8}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{23127716-C585-40C3-8778-93ADFDE10DB1}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{23F31CCC-42E9-4497-9568-F99AA6B4FC18}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{24D4FDD9-D0A2-4433-8B21-6F3A6AF23CE1}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{2598F51B-D153-4131-B8A7-9D4B10F19CA1}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{265CAF34-051C-45FB-9A77-221CA69F158C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{2801EBE3-6A76-4A52-A2F2-692C8392AD10}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{2AFD2DEA-01C4-4535-88E5-A469EA4FD7CE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{2B1D8DC0-83E5-4DA1-B3D5-7BF065337929}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{2F3A88C5-530E-41E6-9697-3D91026F7DF0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{30569A97-4092-473C-B1D8-5A2C82A09CCE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{30E8F389-8851-4258-860F-C38CE9A86BAF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{31F97500-D2F0-4E84-976B-1FA21E0B605A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{323E05E6-6103-4E03-8C5F-DCFDCD6CCBF5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{32498279-89C0-4D19-BA5A-C7372ED25290}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{33BAF05B-78FF-4958-9A7F-CAD2A8E9D501}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{34866A46-3A5C-423B-BAEB-CA42F22B67A9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{349BB922-757C-4616-B856-B241BB9B9170}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{35236402-C453-4013-B618-83F0948C03AD}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{362F13E4-CE9D-46A0-9D81-64FC86D9E3CB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{37C12B97-69E4-438A-AAF0-E4F71C2E92BB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{39A77C18-C558-4F8A-BDBA-DF9B51AE6F01}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{39CFC636-3A82-4093-8FCD-56A3CBF0ABA6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{3A132EE7-59E1-4DD8-B91B-2E12BF2E47AA}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{3AC0C9A4-C43F-481B-A5AC-1DF3A6E4943E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{3AFACF8A-1760-4E9F-97FB-D73D47253171}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{3E819C39-DDFE-4D1F-B438-29050EF4B1F3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{3F6378EF-A618-42EE-B97E-A8D23B99994D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{3FF8014D-E107-4AC2-9E99-D7DF24B6B6FC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{405BF664-E78C-4820-BCF7-D9C5A2065AFB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{409DF3E2-C11A-451F-BB7D-BB3D209A59EC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4118A55A-0A9E-4F29-B20C-DE2DD5F0F18F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{43F1CF41-8F6F-4C45-A2FF-A507C042048D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{44801259-77D1-4895-A085-2A7873CA21C2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{44C83D1E-23CC-4588-AF82-8EF3B8C707E0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{451024F7-0CC6-43D5-B928-B81FA54DDD07}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{453742FA-88C4-40F6-8E31-A0F35FDD32EE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{45A44C1F-F6A0-4106-8AED-9B761A044704}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{462DC76C-896E-4A01-8576-F463F572098B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{462E07A0-E0D2-4DCA-8B3E-70ECA6D31668}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4699EA61-32B0-4037-9AAC-5C45E7DF1EAE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4911B8E4-033F-46B2-B73A-A72BD720400B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{497C3DBD-E840-4CD9-89FE-BCB4C2CB0685}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4C939EF2-E5C5-4E61-934C-1CA4B36905CC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4DAD767D-DFF8-4B72-B479-6CA219867950}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4DC6DD9A-33FA-44B6-A7BC-225F7B17BCE6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{4E8917D0-9D93-487B-841A-F4E582E999E7}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5056C1BD-21FD-4E64-9DDF-104AF73E75E3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{52190646-7214-4FB7-A972-8D7FAFDE0815}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{53E6E8E9-7D18-4325-86E9-CE3232421B57}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{54AB87B4-E170-4A01-9226-0D597EBFD4D4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{54B2E3B2-FFA6-4653-8A39-668895D5726A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{54F4B003-5909-432B-8574-2F17A62E9FA6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{55F19CEC-3D06-4550-AFB0-ED0010461737}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{579584EB-1B0A-449A-97FE-359FA4468ABC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5889B524-C092-493B-8BCE-D67FA9A0D476}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{59F3BABD-2B37-4FE0-8888-22742CED77FB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5A47FEC8-D528-42FD-8E63-68BB07A91BAB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5B311C6E-E096-45E6-BB86-248FD1E12706}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5B7A89A1-20CF-43C9-9247-BBD6411EEA7D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5BE29C68-6C53-48DA-A7A8-52F20660DF03}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5BFF24A0-F841-40E7-8F4F-F7E1C20E26FB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5D367F93-6D5B-450D-BBFC-9DF5A87DD661}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5D3BF945-76DB-468F-A194-827816863937}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5D3F93BE-1406-413E-AC5F-B2F67E0B00F2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5DFDFEC5-CBFA-4EEC-92C1-0AADD5F8F22D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{5F07C45D-F179-4A2B-888E-FC9D7745F6F8}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{625C1FA6-0AAC-4A71-871B-DE8174DA81BE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{62660938-4E1B-4DA1-9814-D0999F958DDE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6303258B-B275-4629-9D32-53D1E6AC7D41}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{634CF30A-7B61-4008-AF56-41E1F912ED9E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{63D01BCA-AAAA-4058-A811-94B6F4EBDB18}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{63F38A52-AFB9-4275-8CCC-130732224AA6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6458CC9B-A067-44A2-86E1-2A544A8DB4DB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{66691C12-A6FC-4EDC-8901-E067DBDA8BCA}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{669E05EA-77E7-4786-9451-0B35DF2993E6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6A155857-92A7-4956-A9F9-F06B3E1649A2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6E759F95-E902-4D7A-A2FC-668A10F49C09}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6EAD4D94-13A5-4F51-9A49-07D5E3F2FBC5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6EFF10F9-BB7D-4F3D-A761-BE19EDDE53D9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{6F90B7BF-E37C-4763-B9C1-324C5EB00DE3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{703DE55E-AE2F-4818-A090-26D76384923F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{70C1C836-C6A1-4C3B-B013-7A668FDF365E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{71AC0D79-1945-4E07-B62D-085196920086}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{72F4EE2A-2A0F-47DA-95DB-8A9292B58BB9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{73B66CE7-F7BD-469B-9B48-9A95DA73C7B0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{73ED22CD-3FCB-4C62-AAA5-241BE47BC624}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{740CD07B-D705-4D62-A45F-07C822DB6610}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7454F790-934D-44D1-9E31-27714139547C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{76061E03-2540-4BE1-B869-6F82A26A3570}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{76D7B389-EC89-4FA9-8CE1-B67FBA698A69}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{792197B8-91EC-4BE3-85D5-3EAB8910F90D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7AD07F66-F214-4556-883A-ADDFA32C35CC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7AFF5266-CE47-4771-98B5-19839C993135}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7B002055-CE98-4871-9850-1791C4B1F905}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7CC3EE23-EAB1-4A4E-8CA3-E212C9D7386F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7CF1D609-0C38-4B68-BCC0-3FE621B341B9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7DCCEDE6-0861-4EFB-AD6A-367E11C1DDB0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7E793F03-EC54-462E-9316-C37C869FAF89}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7F1B3E5D-C42A-429F-9DBC-8318F5FC9CC7}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7F32530D-17D2-447C-93DB-FE29947C72EE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{7F83219F-8937-45C8-AF5E-4FE2C3CE0FE2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{80218705-704C-4DB7-A37A-78F82FC0614D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{802CD3FC-75BD-4F0F-BB95-EB6CABE718F3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{80F978C7-7B23-44B5-BE3F-A99796FA9D36}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{837E1635-4A11-4F8E-B042-317E5F306B28}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{85F99A52-C561-41BC-B347-FB1AD5FE832E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{86096395-EDCC-492A-AABD-23DBC28ACA9B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{865DD867-81CA-4EF8-A7E4-0195A5E9946F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{867C482C-0DC7-48A3-8BDB-AF5120B01C01}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8696D7C2-3D3C-4D75-9DAD-5F5DD63AE62D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{87DEF624-616F-42D2-A09B-A05AC157AD6E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{887CB4CA-FBDC-4F9D-9C46-AB24BD019220}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{88910273-236D-4B2B-A2AA-3611E5B9E408}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{88D6546A-3FF4-41BD-9684-7CA0B85CB580}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{891A4D46-D5F8-4692-8918-4534F20F04AB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8BC397A8-DB8E-4C88-B657-53B184804D17}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8C59A595-9DCC-47E6-97C3-FCB70796642D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8C8864B0-3F30-4062-8052-9D9D00E92CBF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8CDBF793-82ED-499A-AC4D-44655384E2DB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8F29700F-7D61-4556-9345-DDDDFFB2E899}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8F44A347-5A91-4A43-95F4-ED13E8724064}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{8F6300D7-AC31-4EC1-8A3A-5F92F5602F10}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{90050877-984E-44D2-B48E-8CFA5086B4E2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{906AC460-0C1D-4812-8358-EA39A63EB5D3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{91C25A19-7204-4B37-B028-54E1411558DA}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{91D73AC5-3D2C-4BDE-BC10-A3295E6133FF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{94C1C86C-4F16-4A00-B275-83B6627A3A02}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{957D2960-A6A2-410B-A6D2-2DA224C757A4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9715FBEB-EEC5-4F27-A7F3-68A5D29AA420}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{979B9A4C-C50F-40B8-925A-D37F10EF3EBF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9A3D8FB4-67D4-4594-BE1B-A5440BB1E709}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9BBBDA09-8F7C-4423-BD40-84E9FFFE32F2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9BD5019E-F878-47E3-ADE5-4095E7BCD55A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9C05BD47-32E0-4144-A1C1-40D3D083431F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9C299120-7B05-41D7-BD5A-02FFB929675F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9CA72D73-8B8F-46A9-8C9E-2772001D8937}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9D583D94-7E96-46D4-8999-80DBC335295A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9DA26F17-D2FE-4814-A051-C3A3BD7254AC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{9F0E5C52-6FED-4040-B5E0-130184D17CB5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A096A4AC-AF34-43F6-9B88-BA9E766A12AB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A0B6CDF9-13C1-424F-853E-C809512EAEC4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A0CA2954-9E82-45F0-B5FB-9D56145D8DA5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A1535E49-BCE2-4A7A-AAEA-AA8627362B3B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A19D159F-6E4B-4FF3-B18D-1B18B9DB4878}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A1BACC81-0AA0-44B6-8D7A-6D0FBE3A3462}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A1E2E138-7B6A-407C-934B-AAC5FA2A7539}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A3967234-FA5E-4DF4-91FD-23052B35BEF0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{A7BCA98F-5D45-4E2C-BDCF-762AE329CA9B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{ABDBE617-A632-44EC-BC3B-763519669006}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{AE5654FB-0626-493D-B559-95028B74C04E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{AF691639-C210-4B98-8E98-DA884E0D82B8}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{AFB26AA9-E9B3-40EF-BFF3-6C0EDE59218D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B023137C-8349-4501-A3CA-9A4288310140}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B1877D1F-344B-4576-9B3A-A7F92607BCCF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B1994E1A-9181-4493-BE5D-F30F5FA835C4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B1999C51-0F4A-4277-9627-1B6B34E931E6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B19B3F3D-876A-48F6-9046-516898422C09}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B1D8A59F-015E-4D77-A61A-D325D3DA69AB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B2B59DA8-AC8E-4424-B25E-C5AA30597DF3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B2DB6A4E-9CFE-4B07-83A3-F98EFC6EB27C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B2FFC684-20CD-473D-B064-8DBCF27DB775}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B3599D82-0A1A-4515-9C1E-CD09943CC26B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B46185C7-AB20-486E-886E-D414038BA9B1}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B46A433A-FDD5-47B2-B5A9-214B7D2B9492}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B46C3FD4-5A22-454A-BFC4-BA7B0E79C3A6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B48B6498-5AEB-4A2D-9283-484BA48921B0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B581CA5C-1A52-46D2-8B6A-DABC69856C0E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B6CAD3F9-A90C-4575-950C-8481B2253206}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B7659B8D-83F6-40E3-8286-C52BC9BCC355}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{B96D0F65-DA91-4034-88D6-2BF71346B0E0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{BA704906-6CB1-426B-AEFE-9C6CEF8C5A19}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{BAAF49E0-CE11-4726-A039-B129AA0DB816}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{BDFE971C-6B53-4510-B40C-ADADD9BB67C6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C11FCFD3-9562-4241-A299-E3157636B1B2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C22BCA50-0D42-44F0-B0FB-89FD59AF6E8B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C22E4FA0-4E33-4727-B0E3-1F78A44E5E42}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C35F8443-AD9C-461E-A3D8-E5D0C8253B09}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C49FFE42-8F15-4040-98C4-487616927C61}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C5D4108C-663E-4631-BA1C-81898943CBD2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C5FD9788-7405-487E-B7DD-6C1995A450ED}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C6826E6D-5FCC-4E1D-A2B7-1C7AAFB91317}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C70DB281-9B74-4661-93EE-8953F0E9372C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C88D5ACF-AAC8-4F8A-8BCD-605202872F41}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C8C269EB-DC0E-43A8-AC73-8FD03FD4DE2C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C98E6CF8-2F80-48F0-9AD9-EF4335B889C1}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{C9F34FE0-14FA-4398-A6B9-30BB3A24CC85}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CA238E65-44FA-4B22-A605-B845186A0C72}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CA98EC66-6E1B-4063-866F-26D2CF697104}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CC9725C9-490F-4DEC-B67F-FDAE3B5765F2}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CCB5CC31-D938-4FA4-A2D5-35C1C064F8CC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CE4D524E-FA29-4D07-A75D-F9D92A1A3A89}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CE986713-796C-46D6-A5F3-1B8871A18551}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{CFE33701-ED12-47EE-BA1F-BC2010D4AFFC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D02EA7A8-ABD5-4EDE-A67A-C8DB6632EDB4}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D05161E0-D2C9-4329-860A-37ECFDBBE09F}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D18BB891-D24A-43A7-80D0-7A815C1574AA}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D2351483-D025-46A1-8597-7723D358BBCB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D2CA60B6-ED11-47C0-80A2-D0F9AEACAAB8}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D2EE5397-71D2-4A48-A22C-9EF1063B1ADB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D3986FBE-6D78-4A46-82A4-AE7C8959D8E9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D87ECEA7-54A2-4EFD-B008-F013B13515D1}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{D9C67A1E-20BC-4DA5-82F8-B3CC5351B41A}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{DD3BDD77-8A28-43AC-9E4D-28B065F44D88}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{DDB980B4-E3A2-4BE5-BCCC-7430E60A9C0E}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{DDD21455-702C-4394-9214-8608A254E79D}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E081E360-8D61-4413-8655-49FADE043361}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E0FC312E-6A60-4F08-AC75-A9323AF1961C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E324AF0F-58B6-41D4-AD95-D3DD772C39F3}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E4933334-D61B-449D-AE59-18B9E0E48B41}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E4A4F346-3892-46AB-9B7A-47FA6A6792D9}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E56EC1E9-37C9-4A23-8D57-CC08F37B75D6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E604C1A1-459B-4EB9-BC93-D205A1A86169}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E66C5262-A08B-4D2D-861D-540C7507DCD8}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E794DFBF-A545-4871-8329-554DA3A7B7E6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E7F0985E-E1B0-4958-853E-1DADF43ED6E6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E875332A-364A-4FE0-BD17-6CFC26E477F0}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E8FF0765-09A0-4F95-9D8B-197028648218}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{E903609A-3DE0-4BFE-A421-12F5728DC9CD}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{ECA4E8F3-599C-48FC-9B08-7704EF21EFBF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{ED641B96-2D2C-40CF-A34C-2F8B06374062}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{EF446C08-4FAB-4056-A7F0-E818C019A807}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{EF7C1558-8589-4A43-AEF1-90D0B5032811}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F0959E3F-D049-4C4D-AF8A-4DAC8A2619B5}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F0AD7FB9-8E14-40B1-BAD3-F53B1A0B30CB}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F26438B6-B604-4163-ACCD-A6F269009106}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F3114A52-A1C1-47AC-8B63-B0D4FAE27AC7}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F33FE868-D443-41C5-AB92-DB71CE7CF299}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F3E4B430-E514-4D30-9BC7-319A1CF79A0C}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F3FBB888-9663-4055-B4C3-7854B11621A6}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F3FF4521-74D6-4062-94E9-7C756272ECFE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F44CE08F-4652-49AB-9D9D-63E28C005C64}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F56C4EC2-4F38-4C77-B8A4-A30C4691F3DE}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F623EB50-836E-4E9F-BAC3-CC309C281EEF}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F744310F-6018-47B8-BDF3-1149D994E0EC}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F7B6FA01-1035-4FBC-B76F-70432789B749}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F8314485-A7E7-41C6-A41F-861C2DBAF144}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{F9FC6101-F2F1-4240-987C-39EA5D42C16B}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{FD91A582-B3DD-46F2-9991-C399C6E54112}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{FEF66539-2551-4E19-809E-BEF7704E5E54}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{FFB97E62-D4F2-4532-8E12-285A3C4D2574}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{FFC86B64-BC0D-4C65-B0F5-84A91CDE1C12}
Successfully deleted: [Empty Folder] C:\Users\pavilion\appdata\local\{FFC87D1D-9326-4C71-96E8-15E8EA20BAFB}

~~~ FireFox

Successfully deleted: [File] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\searchplugins\search_results.xml
Successfully deleted: [Folder] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\searchqutoolbar
Failed to delete: [Folder] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\extensions\wtxpcom@mybrowserbar.com
Failed to delete: [Folder] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\extensions\youtubedownloader@mybrowserbar.com
Failed to delete: [Folder] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\extensions\ytd@mybrowserbar.com
Failed to delete: [Folder] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
Successfully deleted: [Folder] C:\Users\pavilion\AppData\Roaming\mozilla\firefox\profiles\m96dmin3.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 15.05.2014 at 17:50:11,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Daveson · #4 Příspěvek od **Daveson** » 15 kvě 2014 17:18

# AdwCleaner v3.208 - Report created 15/05/2014 at 18:03:42
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : pavilion - PAVILION-HP
# Running from : C:\Users\pavilion\Desktop\adwcleaner_3.208.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Bandoo Coordinator

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\saavea net
Folder Deleted : C:\Program Files (x86)\saavea net
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\pavilion\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\pavilion\AppData\Local\PackageAware
Folder Deleted : C:\Users\pavilion\AppData\Local\torch
Folder Deleted : C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\Extensions\tismeo.uye@gikgm-.co.uk
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
Folder Deleted : C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
File Deleted : C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\Extensions\wtxpcom@mybrowserbar.com
File Deleted : C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\searchplugins\ask-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F3FEE66E-E034-436A-86E4-9690573BEE8A}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2101}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v5.0.1 (cs)

[ File : C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://eu.ask.com/?l=dis&o=APN10462&gct=hp&apn_ptnrs=^AKM&apn_dtid=^zzz002^YY^CZ&tpid=ATU4&apn_dbr=cr_22.0.1229.79&apn_uid=2C34E685-9CDE-4DF4-9CEF-00EE3BFA5176&i[...]

-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=250&systemid=406&sr=0&q={searchTerms}
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EB1V%5Epfm0 ... earchTerms}
Deleted [Search Provider] : hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=688&r=2014/05/03&hid=18266315595268630661&lg=EN&cc=CZ&unqvl=51
Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=101&sr=0&q={searchTerms}
Deleted [Extension] : dolanjbedihplbccjecmpdcihbfkikhm
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk

*************************

AdwCleaner[R0].txt - [6106 octets] - [15/05/2014 17:59:19]
AdwCleaner[S0].txt - [6044 octets] - [15/05/2014 18:03:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6104 octets] ##########

#5 Příspěvek od **vyosek** » 15 kvě 2014 17:26

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Daveson · #6 Příspěvek od **Daveson** » 15 kvě 2014 18:00

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by pavilion on źt 15.05.2014 at 18:34:14,36.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\pavilion\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.5.2014 18:37:21 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Possible Rootkit Infection ======================

C:\Windows\installer\{da14a9f1-7626-b6c0-6c00-736b73900450}\U

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FB5531DC-4C79-486C-8A04-2D094CB94C29} deleted successfully
HKEY_USERS\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9C42510-9B41-42c1-9DCD-7282A2D07C61} deleted successfully
HKEY_USERS\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9C42510-9B41-42c1-9DCD-7282A2D07C61} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ff-bmboc@bytemobile.com deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\prefs.js:
user_pref("browser.search.defaultengine", "Ask Search");user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("browser.search.order.1", "Ask Search");

Added to C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default

user.js not found
---- Lines Search modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"msntoolbar@msn.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\
---- FireFox user.js and prefs.js backups ----

prefs_15.05.2014_1846_.backup

==== Deleting Files \ Folders ======================

C:\Windows\syswow64\appdata deleted
C:\Users\pavilion\AppData\LocalLow\{04E9FE82-41B6-3166-3DD7-A05420283E55} deleted
C:\Users\pavilion\AppData\LocalLow\{6C629C17-717E-3DAA-2626-A488E7B81EEA} deleted
C:\Users\pavilion\AppData\LocalLow\{ADF7F5C0-B0BE-0374-A090-35B06C7C89AA} deleted
C:\Users\pavilion\AppData\Local\Packages\windows_ie_ac_001\AC\{04E9FE82-41B6-3166-3DD7-A05420283E55} deleted
C:\Users\pavilion\AppData\Local\Packages\windows_ie_ac_001\AC\{6C629C17-717E-3DAA-2626-A488E7B81EEA} deleted
C:\Users\pavilion\AppData\Local\Packages\windows_ie_ac_001\AC\{ADF7F5C0-B0BE-0374-A090-35B06C7C89AA} deleted
C:\found.000 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\isRS-000.tmp deleted
C:\Windows\wininit.ini deleted
C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\extensions\ouu6vj@eiaauyamrvi.co.uk deleted
"C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\extensions\youtubedownloader@mybrowserbar.com" deleted
"C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\extensions\ytd@mybrowserbar.com" deleted
"C:\PROGRA~3\82e8460c024ea8c0\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~3\82e8460c024ea8c0\{7DD5E91C-3864-77EC-7635-D14910C2A03E}" deleted
"C:\PROGRA~3\82e8460c024ea8c0\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~3\82e8460c024ea8c0\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\PROGRA~3\82e8460c024ea8c0" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"DynamicPricer@dynamic-pricer.com"="C:\Users\pavilion\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi" [04.05.2014 00:01]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [16.08.2011 17:29]

==== Firefox Extensions ======================

ProfilePath: C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
- Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
- Undetermined - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_5.0
- SNT - %ProfilePath%\extensions\mardjryi@rqbo-.net

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

==== Deleted Firefox Extensions ======================

C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default\extensions\mardjryi@rqbo-.net deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]

saave. neT - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
saave. neT - pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
AdBlock - pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
TV for Google Chrome - pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe
Skype Click to Call - pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
saave. neT - pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa
YoutubeAdblocker - pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm
SNT - pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hfbjfkffebegkffnonbehpbmidjnfcpl
TV for Google Chrome - pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe

==== Chrome Fix ======================

C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.amaizingsearches.info_0.localstorage-journal deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_sd-card-recovery.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dolanjbedihplbccjecmpdcihbfkikhm deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dolanjbedihplbccjecmpdcihbfkikhm_0.localstorage deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dolanjbedihplbccjecmpdcihbfkikhm_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dgmhncficolphnnplbhfnfaahfaojgfa deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\pavilion\AppData\Local\Chromatic Browser\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\pavilion\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licccgnfdlgmmmgaddmbcepikfadcmpe_0.localstorage deleted successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licccgnfdlgmmmgaddmbcepikfadcmpe_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"

==== Reset Google Chrome ======================

C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D466D8A0 will be deleted at reboot
C:\Users\pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WN7XH413 will be deleted at reboot
C:\Users\pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDSHWO2S will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=131 folders=109 1357388 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\pavilion\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\pavilion\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D466D8A0" not found
"C:\Users\pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WN7XH413" not found
"C:\Users\pavilion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZDSHWO2S" not found

==== EOF on źt 15.05.2014 at 18:54:19,33 ======================

#7 Příspěvek od **vyosek** » 15 kvě 2014 18:27

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Daveson · #8 Příspěvek od **Daveson** » 15 kvě 2014 20:40

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.15.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17105
pavilion :: PAVILION-HP [administrator]

15.5.2014 20:22:42
mbar-log-2014-05-15 (20-22-42).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 308091
Time elapsed: 47 minute(s), 31 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\kp\windowsclock.exe (Keylogger.KeyProwler) -> 4936 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\WOW6432NODE\KEYPROWLER (Keylogger.KeyProwler) -> Delete on reboot.

Registry Values Detected: 1
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|Windows Clock (Keylogger.KeyProwler) -> Data: "C:\Program Files (x86)\kp\windowsclock.exe" /r -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Program Files (x86)\kp (Keylogger.KeyProwler) -> Delete on reboot.
C:\Windows\Installer\{da14a9f1-7626-b6c0-6c00-736b73900450}\U (Backdoor.0Access) -> Delete on reboot.

Files Detected: 5
C:\Program Files (x86)\kp\windowsclock.exe (Keylogger.KeyProwler) -> Delete on reboot.
C:\Program Files (x86)\SN.Booster (Trojan.SProtector) -> Delete on reboot.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Delete on reboot.
C:\Program Files (x86)\kp\unins000.dat (Keylogger.KeyProwler) -> Delete on reboot.
C:\Program Files (x86)\kp\unins000.exe (Keylogger.KeyProwler) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#9 Příspěvek od **vyosek** » 16 kvě 2014 06:26

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Daveson · #10 Příspěvek od **Daveson** » 16 kvě 2014 08:31

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by pavilion (administrator) on PAVILION-HP on 16-05-2014 09:28:04
Running from C:\Users\pavilion\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(The Firebird Project) C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(The Firebird Project) C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hobbyist Software) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Users\pavilion\AppData\Local\Viber\Viber.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(forum.viry.cz) C:\Users\pavilion\Desktop\FRSTLauncher (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-08-30] (EasyBits Software AS)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [4-Day Forecast] => C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe [1060864 2008-11-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1185096 2014-05-12] (Hobbyist Software)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-08] (AMD)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Viber] => C:\Users\pavilion\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [] => [X]
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: L - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {3507cd9b-c82a-11e0-a556-d48564a128fc} - K:\setup.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {390e93c7-1b4b-11e3-80a4-d48564a128fc} - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {e259ce56-dba1-11e3-a0a3-d48564a128fc} - J:\Startme.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {f91448a0-7478-11e3-9635-d48564a128fc} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-12-30] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{E4E700BA-0678-4F3E-975B-9203E9E5566E}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\pavilion\AppData\Roaming\Mozilla\Firefox\Profiles\m96dmin3.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\pavilion\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\pavilion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-11-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2011-08-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011-11-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-07-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-23]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-16]
FF HKLM-x32\...\Firefox\Extensions: [DynamicPricer@dynamic-pricer.com] - C:\Users\pavilion\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi
FF Extension: DynamicPricer - C:\Users\pavilion\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi [2014-05-04]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-08-16]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Extension: (Dokumenty Google) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-15]
CHR Extension: (Disk Google) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-15]
CHR Extension: (YouTube) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-15]
CHR Extension: (Vyhledávání Google) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-15]
CHR Extension: (AdBlock) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-15]
CHR Extension: (Skype Click to Call) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-15]
CHR Extension: (Peněženka Google) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2012-01-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2014-01-25] ()

==================== Drivers (Whitelisted) ====================

S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus)
S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera)
S3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [34144 2010-12-21] (ESET)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Gemalto)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-31] (Duplex Secure Ltd.)
U3 aoh431po; C:\Windows\System32\Drivers\aoh431po.sys [0 ] (Advanced Micro Devices)
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-16 09:28 - 2014-05-16 09:28 - 00025508 _____ () C:\Users\pavilion\Desktop\FRST.txt
2014-05-16 09:27 - 2014-05-16 09:28 - 00000000 ____D () C:\FRST
2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 345138.crdownload
2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Desktop\FRSTLauncher (2).exe
2014-05-16 09:16 - 2014-05-16 09:16 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 810053.crdownload
2014-05-16 08:13 - 2014-05-16 08:13 - 02067456 _____ (Farbar) C:\Users\pavilion\Desktop\FRST64.exe
2014-05-16 03:14 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 03:14 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 03:14 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 03:14 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 03:14 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 03:14 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 21:22 - 2014-05-15 21:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-05-15 21:22 - 2014-05-15 21:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-05-15 20:44 - 2014-05-15 20:44 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-05-15 20:44 - 2014-05-15 20:44 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-05-15 20:43 - 2014-05-15 20:43 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-05-15 20:42 - 2014-05-15 20:42 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-05-15 20:22 - 2014-05-15 20:22 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 20:22 - 2014-05-15 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 20:21 - 2014-05-15 21:27 - 00000000 ____D () C:\Users\pavilion\Desktop\mbar
2014-05-15 20:21 - 2014-05-15 20:21 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 20:02 - 2014-05-15 20:03 - 12589848 _____ (Malwarebytes Corp.) C:\Users\pavilion\Desktop\mbar-1.07.0.1009.exe
2014-05-15 19:17 - 2014-05-15 19:17 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker (1).exe
2014-05-15 19:15 - 2014-05-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAdBlocker.com
2014-05-15 19:15 - 2014-05-15 19:15 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\SuperAdBlocker.com
2014-05-15 19:12 - 2014-05-15 19:13 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker.exe
2014-05-15 19:07 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-15 19:07 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-15 19:07 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-15 19:07 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-15 19:05 - 2014-05-15 19:07 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-15 18:51 - 2014-05-15 18:34 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 18:42 - 2014-05-15 18:49 - 00211974 _____ () C:\Windows\DPINST.LOG
2014-05-15 18:42 - 2014-05-15 18:42 - 00002060 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\ProgramData\Sony
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-15 18:36 - 2014-05-15 18:54 - 00027159 _____ () C:\zoek-results.log
2014-05-15 18:34 - 2014-05-15 18:49 - 00000000 ____D () C:\zoek_backup
2014-05-15 18:31 - 2014-05-15 18:31 - 01285120 _____ () C:\Users\pavilion\Desktop\zoek.exe
2014-05-15 18:31 - 2014-05-15 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer
2014-05-15 18:05 - 2014-05-16 03:32 - 00026724 _____ () C:\Windows\PFRO.log
2014-05-15 17:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-15 17:58 - 2014-05-15 18:04 - 00000000 ____D () C:\AdwCleaner
2014-05-15 17:50 - 2014-05-15 17:50 - 00040214 _____ () C:\Users\pavilion\Desktop\JRT.txt
2014-05-15 17:41 - 2014-05-15 17:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-15 17:40 - 2014-05-15 17:40 - 01325827 _____ () C:\Users\pavilion\Desktop\adwcleaner_3.208.exe
2014-05-15 17:39 - 2014-05-15 17:40 - 01016261 _____ (Thisisu) C:\Users\pavilion\Desktop\JRT.exe
2014-05-15 17:00 - 2014-05-15 17:01 - 00000000 ____D () C:\rsit
2014-05-15 17:00 - 2014-05-15 17:00 - 00832273 _____ () C:\Users\pavilion\Downloads\RSITx64.exe
2014-05-15 16:53 - 2014-05-16 03:33 - 00003150 _____ () C:\Windows\setupact.log
2014-05-15 16:53 - 2014-05-15 16:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-15 07:12 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 07:12 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 07:12 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 07:12 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 07:12 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 07:12 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 07:12 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 07:12 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 07:12 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 07:12 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 07:12 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 07:12 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 07:12 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 07:12 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 07:12 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 07:12 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 07:12 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 07:12 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 07:12 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 07:12 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 07:12 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 07:12 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 07:12 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 07:12 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 07:12 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 07:12 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 07:12 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 07:12 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 21:12 - 2014-05-14 21:27 - 540982840 _____ () C:\Users\pavilion\Downloads\Ordinace-v-růžové-zahradě-2-díl-497-Pro-mně-jsi-hrdina.amoral.avi
2014-05-14 21:10 - 2011-09-11 21:19 - 00000098 _____ () C:\Windows\system32\Drivers\etc\hosts.20140514-211033.backup
2014-05-14 21:07 - 2014-05-14 21:07 - 00000000 _____ () C:\autoexec.bat
2014-05-14 21:06 - 2014-05-14 21:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-14 21:05 - 2014-05-15 00:21 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-14 20:56 - 2014-05-14 20:56 - 00003146 _____ () C:\Windows\System32\Tasks\{BAA220E9-57F1-4FE4-AC84-6E27817E2418}
2014-05-14 20:48 - 2014-05-14 20:48 - 00000000 ____D () C:\ProgramData\launcher
2014-05-14 20:48 - 2014-05-14 20:48 - 00000000 ____D () C:\ProgramData\formatpart
2014-05-14 20:48 - 2014-05-14 20:48 - 00000000 ____D () C:\ProgramData\explauncher
2014-05-14 20:46 - 2014-05-14 20:46 - 00000000 ____D () C:\Program Files (x86)\Paragon Software
2014-05-14 20:40 - 2014-05-14 20:40 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-07 03:01 - 2014-05-16 03:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-03 23:59 - 2014-05-04 00:01 - 00000000 ____D () C:\Users\pavilion\AppData\Local\DynamicPricer
2014-05-03 23:00 - 2014-05-03 23:00 - 00000000 __SHD () C:\Users\pavilion\AppData\Local\EmieUserList
2014-05-03 23:00 - 2014-05-03 23:00 - 00000000 __SHD () C:\Users\pavilion\AppData\Local\EmieSiteList
2014-05-03 22:54 - 2014-05-03 22:54 - 04210176 _____ () C:\Program Files (x86)\SN_x64.Booster
2014-05-03 22:54 - 2014-05-03 22:54 - 00000000 ____D () C:\ProgramData\MiniApp
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Packages
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Chromatic Browser
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Guest
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Administrator
2014-04-30 03:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-30 03:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-30 03:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-30 03:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-30 03:01 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-30 03:01 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-30 03:01 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-30 03:01 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-30 03:01 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-30 03:01 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-30 03:01 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-30 03:01 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-30 03:01 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-30 03:01 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-30 03:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-30 03:01 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-30 03:01 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-30 03:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-30 03:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-30 03:01 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-30 03:01 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-30 03:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-30 03:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-30 03:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-30 03:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-30 03:01 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-30 03:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-30 03:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-30 03:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-30 03:01 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-30 03:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-30 03:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-30 03:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-30 03:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-30 03:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-30 03:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-30 03:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-30 03:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-30 03:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-30 03:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-30 03:01 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-30 03:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-30 03:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-30 03:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-24 20:52 - 2014-04-24 20:52 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Skype
2014-04-24 20:51 - 2014-04-24 20:51 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-24 20:51 - 2014-04-24 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified Files and Folders =======

2014-05-16 09:28 - 2014-05-16 09:28 - 00025508 _____ () C:\Users\pavilion\Desktop\FRST.txt
2014-05-16 09:28 - 2014-05-16 09:27 - 00000000 ____D () C:\FRST
2014-05-16 09:20 - 2012-04-28 18:43 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000UA.job
2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 345138.crdownload
2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Desktop\FRSTLauncher (2).exe
2014-05-16 09:16 - 2014-05-16 09:16 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 810053.crdownload
2014-05-16 09:01 - 2011-09-26 12:20 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 08:59 - 2011-09-11 22:26 - 01548555 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 08:37 - 2012-06-26 22:32 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 08:13 - 2014-05-16 08:13 - 02067456 _____ (Farbar) C:\Users\pavilion\Desktop\FRST64.exe
2014-05-16 04:01 - 2011-09-26 12:20 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 03:48 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 03:48 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 03:40 - 2014-01-07 17:12 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\ViberPC
2014-05-16 03:38 - 2014-01-07 17:04 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Viber
2014-05-16 03:36 - 2011-08-04 12:43 - 00000000 ___RD () C:\Users\pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 03:36 - 2011-08-04 12:43 - 00000000 ___RD () C:\Users\pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 03:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 03:33 - 2014-05-15 16:53 - 00003150 _____ () C:\Windows\setupact.log
2014-05-16 03:32 - 2014-05-15 18:05 - 00026724 _____ () C:\Windows\PFRO.log
2014-05-16 03:31 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 03:14 - 2011-08-16 17:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 03:12 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 03:05 - 2011-08-16 18:24 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 21:27 - 2014-05-15 20:21 - 00000000 ____D () C:\Users\pavilion\Desktop\mbar
2014-05-15 21:27 - 2014-02-21 07:32 - 00000000 ___HD () C:\ProgramData\kp
2014-05-15 21:22 - 2014-05-15 21:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-05-15 21:22 - 2014-05-15 21:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-05-15 20:44 - 2014-05-15 20:44 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-05-15 20:44 - 2014-05-15 20:44 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-05-15 20:43 - 2014-05-15 20:43 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-05-15 20:42 - 2014-05-15 20:42 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-05-15 20:22 - 2014-05-15 20:22 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 20:22 - 2014-05-15 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 20:21 - 2014-05-15 20:21 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-15 20:03 - 2014-05-15 20:02 - 12589848 _____ (Malwarebytes Corp.) C:\Users\pavilion\Desktop\mbar-1.07.0.1009.exe
2014-05-15 19:23 - 2014-05-15 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAdBlocker.com
2014-05-15 19:17 - 2014-05-15 19:17 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker (1).exe
2014-05-15 19:15 - 2014-05-15 19:15 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\SuperAdBlocker.com
2014-05-15 19:13 - 2014-05-15 19:12 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker.exe
2014-05-15 19:10 - 2011-08-17 21:58 - 00000000 ____D () C:\Users\pavilion\AppData\Local\CrashDumps
2014-05-15 19:07 - 2014-05-15 19:05 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-15 19:07 - 2013-11-11 19:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-15 19:07 - 2011-08-04 11:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-15 18:59 - 2012-09-28 19:01 - 00000000 ____D () C:\Users\pavilion\AppData\Local\4-Day Forecast
2014-05-15 18:54 - 2014-05-15 18:36 - 00027159 _____ () C:\zoek-results.log
2014-05-15 18:49 - 2014-05-15 18:42 - 00211974 _____ () C:\Windows\DPINST.LOG
2014-05-15 18:49 - 2014-05-15 18:34 - 00000000 ____D () C:\zoek_backup
2014-05-15 18:42 - 2014-05-15 18:42 - 00002060 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\ProgramData\Sony
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-15 18:42 - 2014-05-15 18:42 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-15 18:42 - 2010-12-30 18:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 18:34 - 2014-05-15 18:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 18:33 - 2012-12-10 21:13 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\Hobbyist Software
2014-05-15 18:31 - 2014-05-15 18:31 - 01285120 _____ () C:\Users\pavilion\Desktop\zoek.exe
2014-05-15 18:31 - 2014-05-15 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer
2014-05-15 18:31 - 2013-08-23 22:49 - 00000000 ____D () C:\Program Files (x86)\Hobbyist Software
2014-05-15 18:06 - 2009-07-14 07:08 - 00032564 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-15 18:04 - 2014-05-15 17:58 - 00000000 ____D () C:\AdwCleaner
2014-05-15 17:50 - 2014-05-15 17:50 - 00040214 _____ () C:\Users\pavilion\Desktop\JRT.txt
2014-05-15 17:41 - 2014-05-15 17:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-15 17:40 - 2014-05-15 17:40 - 01325827 _____ () C:\Users\pavilion\Desktop\adwcleaner_3.208.exe
2014-05-15 17:40 - 2014-05-15 17:39 - 01016261 _____ (Thisisu) C:\Users\pavilion\Desktop\JRT.exe
2014-05-15 17:01 - 2014-05-15 17:00 - 00000000 ____D () C:\rsit
2014-05-15 17:00 - 2014-05-15 17:00 - 00832273 _____ () C:\Users\pavilion\Downloads\RSITx64.exe
2014-05-15 17:00 - 2011-09-10 17:09 - 00000000 ____D () C:\Program Files\trend micro
2014-05-15 16:53 - 2014-05-15 16:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-15 16:50 - 2012-04-28 18:43 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000Core.job
2014-05-15 00:21 - 2014-05-14 21:05 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-05-14 23:10 - 2011-08-16 18:38 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\DAEMON Tools Lite
2014-05-14 23:10 - 2011-08-04 12:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-14 21:27 - 2014-05-14 21:12 - 540982840 _____ () C:\Users\pavilion\Downloads\Ordinace-v-růžové-zahradě-2-díl-497-Pro-mně-jsi-hrdina.amoral.avi
2014-05-14 21:08 - 2011-08-04 12:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-05-14 21:07 - 2014-05-14 21:07 - 00000000 _____ () C:\autoexec.bat
2014-05-14 21:06 - 2014-05-14 21:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-14 20:56 - 2014-05-14 20:56 - 00003146 _____ () C:\Windows\System32\Tasks\{BAA220E9-57F1-4FE4-AC84-6E27817E2418}
2014-05-14 20:48 - 2014-05-14 20:48 - 00000000 ____D () C:\ProgramData\launcher
2014-05-14 20:48 - 2014-05-14 20:48 - 00000000 ____D () C:\ProgramData\formatpart
2014-05-14 20:48 - 2014-05-14 20:48 - 00000000 ____D () C:\ProgramData\explauncher
2014-05-14 20:46 - 2014-05-14 20:46 - 00000000 ____D () C:\Program Files (x86)\Paragon Software
2014-05-14 20:40 - 2014-05-14 20:40 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 20:40 - 2012-06-26 22:32 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 20:40 - 2012-06-26 22:32 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 20:40 - 2011-08-04 11:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 20:39 - 2011-08-04 12:57 - 00672120 _____ () C:\Windows\system32\perfh005.dat
2014-05-14 20:39 - 2011-08-04 12:57 - 00142716 _____ () C:\Windows\system32\perfc005.dat
2014-05-14 20:39 - 2010-12-30 19:28 - 00740538 _____ () C:\Windows\system32\perfh00C.dat
2014-05-14 20:39 - 2010-12-30 19:28 - 00150406 _____ () C:\Windows\system32\perfc00C.dat
2014-05-14 20:39 - 2009-07-14 07:13 - 02484016 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-11 12:40 - 2010-12-30 19:14 - 00000000 ____D () C:\ProgramData\PDFC
2014-05-09 08:14 - 2014-05-15 07:12 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 07:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 06:40 - 2014-05-16 03:14 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-16 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-16 03:14 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-16 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-16 03:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-16 03:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 00:01 - 2014-05-03 23:59 - 00000000 ____D () C:\Users\pavilion\AppData\Local\DynamicPricer
2014-05-03 23:35 - 2011-08-04 12:40 - 00000000 ____D () C:\Users\pavilion
2014-05-03 23:32 - 2011-08-04 12:36 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\Winamp
2014-05-03 23:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-05-03 23:31 - 2011-08-04 12:33 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Google
2014-05-03 23:00 - 2014-05-03 23:00 - 00000000 __SHD () C:\Users\pavilion\AppData\Local\EmieUserList
2014-05-03 23:00 - 2014-05-03 23:00 - 00000000 __SHD () C:\Users\pavilion\AppData\Local\EmieSiteList
2014-05-03 22:54 - 2014-05-03 22:54 - 04210176 _____ () C:\Program Files (x86)\SN_x64.Booster
2014-05-03 22:54 - 2014-05-03 22:54 - 00000000 ____D () C:\ProgramData\MiniApp
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Packages
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Chromatic Browser
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-05-03 22:53 - 2014-05-03 22:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Guest
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-05-03 22:52 - 2014-05-03 22:52 - 00000000 ____D () C:\Users\Administrator
2014-05-02 08:12 - 2013-12-21 17:13 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-02 08:12 - 2013-12-21 17:13 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-04-30 03:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-29 10:50 - 2011-08-04 12:34 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-28 22:09 - 2011-08-04 12:34 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\Skype
2014-04-24 20:52 - 2014-04-24 20:52 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Skype
2014-04-24 20:51 - 2014-04-24 20:51 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-24 20:51 - 2014-04-24 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-24 20:51 - 2011-08-04 12:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-24 20:51 - 2011-08-04 12:33 - 00000000 ____D () C:\ProgramData\Skype
2014-04-22 17:58 - 2011-10-30 08:56 - 00038912 _____ () C:\Users\pavilion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-17 22:25 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 22:22 - 2011-08-16 21:57 - 00000000 ____D () C:\Users\pavilion\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\pavilion\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\pavilion\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-15 07:12] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000Core.job => C:\Users\pavilion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000UA.job => C:\Users\pavilion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pavilion\Desktop" je 44395 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Total CMA Pack
C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pavilion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Daveson · #11 Příspěvek od **Daveson** » 16 kvě 2014 08:34

Tady Addition

#12 Příspěvek od **vyosek** » 16 kvě 2014 13:05

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1185096 2014-05-12] (Hobbyist Software)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Viber] => C:\Users\pavilion\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [] => [X]
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: L - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {3507cd9b-c82a-11e0-a556-d48564a128fc} - K:\setup.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {390e93c7-1b4b-11e3-80a4-d48564a128fc} - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {e259ce56-dba1-11e3-a0a3-d48564a128fc} - J:\Startme.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {f91448a0-7478-11e3-9635-d48564a128fc} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk

SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: No Name - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - No File
Tcpip\..\Interfaces\{E4E700BA-0678-4F3E-975B-9203E9E5566E}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FF Extension: DynamicPricer - C:\Users\pavilion\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi [2014-05-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-04]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

DisableService: NMIndexingService

2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 345138.crdownload
2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Desktop\FRSTLauncher (2).exe
2014-05-16 09:16 - 2014-05-16 09:16 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 810053.crdownload
2014-05-16 09:28 - 2014-05-16 09:28 - 00025508 _____ () C:\Users\pavilion\Desktop\FRST.txt
2014-05-15 20:21 - 2014-05-15 21:27 - 00000000 ____D () C:\Users\pavilion\Desktop\mbar
2014-05-15 19:17 - 2014-05-15 19:17 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker (1).exe
2014-05-15 19:15 - 2014-05-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAdBlocker.com
2014-05-15 19:15 - 2014-05-15 19:15 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\SuperAdBlocker.com
2014-05-15 19:12 - 2014-05-15 19:13 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker.exe
2014-05-15 18:51 - 2014-05-15 18:34 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 18:36 - 2014-05-15 18:54 - 00027159 _____ () C:\zoek-results.log
2014-05-15 18:34 - 2014-05-15 18:49 - 00000000 ____D () C:\zoek_backup
2014-05-15 18:31 - 2014-05-15 18:31 - 01285120 _____ () C:\Users\pavilion\Desktop\zoek.exe
2014-05-15 17:50 - 2014-05-15 17:50 - 00040214 _____ () C:\Users\pavilion\Desktop\JRT.txt
014-05-15 17:40 - 2014-05-15 17:40 - 01325827 _____ () C:\Users\pavilion\Desktop\adwcleaner_3.208.exe
2014-05-15 17:39 - 2014-05-15 17:40 - 01016261 _____ (Thisisu) C:\Users\pavilion\Desktop\JRT.exe
2014-05-15 17:00 - 2014-05-15 17:01 - 00000000 ____D () C:\rsit
2014-05-15 17:00 - 2014-05-15 17:00 - 00832273 _____ () C:\Users\pavilion\Downloads\RSITx64.exe
2014-05-14 21:06 - 2014-05-14 21:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-14 23:10 - 2011-08-04 12:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-14 21:08 - 2011-08-04 12:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-05-04 00:01 - 2014-05-03 23:59 - 00000000 ____D () C:\Users\pavilion\AppData\Local\DynamicPricer

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000Core.job => C:\Users\pavilion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000UA.job => C:\Users\pavilion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete: "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Daveson · #13 Příspěvek od **Daveson** » 16 kvě 2014 21:27

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-05-2014
Ran by pavilion at 2014-05-16 22:17:53 Run:1
Running from C:\Users\pavilion\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1185096 2014-05-12] (Hobbyist Software)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Viber] => C:\Users\pavilion\AppData\Local\Viber\Viber.exe [936456 2013-12-02] ()
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [] => [X]
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: L - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {3507cd9b-c82a-11e0-a556-d48564a128fc} - K:\setup.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {390e93c7-1b4b-11e3-80a4-d48564a128fc} - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {e259ce56-dba1-11e3-a0a3-d48564a128fc} - J:\Startme.exe
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\...\MountPoints2: {f91448a0-7478-11e3-9635-d48564a128fc} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk

SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2101} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name - {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C - No File
Tcpip\..\Interfaces\{E4E700BA-0678-4F3E-975B-9203E9E5566E}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FF Extension: DynamicPricer - C:\Users\pavilion\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi [2014-05-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-04]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

DisableService: NMIndexingService

2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 345138.crdownload
2014-05-16 09:17 - 2014-05-16 09:17 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Desktop\FRSTLauncher (2).exe
2014-05-16 09:16 - 2014-05-16 09:16 - 00112640 _____ (forum.viry.cz) C:\Users\pavilion\Downloads\Nepotvrzeno 810053.crdownload
2014-05-16 09:28 - 2014-05-16 09:28 - 00025508 _____ () C:\Users\pavilion\Desktop\FRST.txt
2014-05-15 20:21 - 2014-05-15 21:27 - 00000000 ____D () C:\Users\pavilion\Desktop\mbar
2014-05-15 19:17 - 2014-05-15 19:17 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker (1).exe
2014-05-15 19:15 - 2014-05-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAdBlocker.com
2014-05-15 19:15 - 2014-05-15 19:15 - 00000000 ____D () C:\Users\pavilion\AppData\Roaming\SuperAdBlocker.com
2014-05-15 19:12 - 2014-05-15 19:13 - 05426464 _____ () C:\Users\pavilion\Downloads\SuperAdBlocker.exe
2014-05-15 18:51 - 2014-05-15 18:34 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-15 18:36 - 2014-05-15 18:54 - 00027159 _____ () C:\zoek-results.log
2014-05-15 18:34 - 2014-05-15 18:49 - 00000000 ____D () C:\zoek_backup
2014-05-15 18:31 - 2014-05-15 18:31 - 01285120 _____ () C:\Users\pavilion\Desktop\zoek.exe
2014-05-15 17:50 - 2014-05-15 17:50 - 00040214 _____ () C:\Users\pavilion\Desktop\JRT.txt
014-05-15 17:40 - 2014-05-15 17:40 - 01325827 _____ () C:\Users\pavilion\Desktop\adwcleaner_3.208.exe
2014-05-15 17:39 - 2014-05-15 17:40 - 01016261 _____ (Thisisu) C:\Users\pavilion\Desktop\JRT.exe
2014-05-15 17:00 - 2014-05-15 17:01 - 00000000 ____D () C:\rsit
2014-05-15 17:00 - 2014-05-15 17:00 - 00832273 _____ () C:\Users\pavilion\Downloads\RSITx64.exe
2014-05-14 21:06 - 2014-05-14 21:06 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-05-14 23:10 - 2011-08-04 12:35 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-14 21:08 - 2011-08-04 12:35 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-05-04 00:01 - 2014-05-03 23:59 - 00000000 ____D () C:\Users\pavilion\AppData\Local\DynamicPricer

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000Core.job => C:\Users\pavilion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000UA.job => C:\Users\pavilion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete: "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f

Hosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Hobbyist Software VLC Streamer => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Viber => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Value deleted successfully.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2484980351-1062422368-565276184-1000 => Key not found.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3507cd9b-c82a-11e0-a556-d48564a128fc} => Key deleted successfully.
HKCR\CLSID\{3507cd9b-c82a-11e0-a556-d48564a128fc} => Key not found.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{390e93c7-1b4b-11e3-80a4-d48564a128fc} => Key deleted successfully.
HKCR\CLSID\{390e93c7-1b4b-11e3-80a4-d48564a128fc} => Key not found.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e259ce56-dba1-11e3-a0a3-d48564a128fc} => Key deleted successfully.
HKCR\CLSID\{e259ce56-dba1-11e3-a0a3-d48564a128fc} => Key not found.
HKU\S-1-5-21-2484980351-1062422368-565276184-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f91448a0-7478-11e3-9635-d48564a128fc} => Key deleted successfully.
HKCR\CLSID\{f91448a0-7478-11e3-9635-d48564a128fc} => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61} => Key not found.
HKCR\Wow6432Node\CLSID\{C9C42510-9B41-42c1-9DCD-7282A2D07C61} => Key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E4E700BA-0678-4F3E-975B-9203E9E5566E}\\NameServer => Value deleted successfully.
C:\Users\pavilion\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
NMIndexingService service was disabled
"C:\Users\pavilion\Downloads\Nepotvrzeno 345138.crdownload" => File/Directory not found.
C:\Users\pavilion\Desktop\FRSTLauncher (2).exe => Moved successfully.
"C:\Users\pavilion\Downloads\Nepotvrzeno 810053.crdownload" => File/Directory not found.
C:\Users\pavilion\Desktop\FRST.txt => Moved successfully.
C:\Users\pavilion\Desktop\mbar => Moved successfully.
C:\Users\pavilion\Downloads\SuperAdBlocker (1).exe => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperAdBlocker.com => Moved successfully.
C:\Users\pavilion\AppData\Roaming\SuperAdBlocker.com => Moved successfully.
C:\Users\pavilion\Downloads\SuperAdBlocker.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\pavilion\Desktop\zoek.exe => Moved successfully.
C:\Users\pavilion\Desktop\JRT.txt => Moved successfully.
C:\Users\pavilion\Desktop\JRT.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\pavilion\Downloads\RSITx64.exe => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy => Moved successfully.
C:\Users\pavilion\AppData\Local\DynamicPricer => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2484980351-1062422368-565276184-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete: "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

CHYBA: Neplatně argument nebo mo§nost - delete:.
Chcete-li zobrazit n povŘdu, zadejte pýˇkaz REG /?.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#14 Příspěvek od **vyosek** » 16 kvě 2014 21:33

Jak se chova PC??

Daveson · #15 Příspěvek od **Daveson** » 16 kvě 2014 22:39

Děkuji za optání, daří se mu dobře...

Ne ne omlouvám se za ta slova, ale ve skutečnosti opravdu vypadá, že funguje daleko lépe. Ten obtěžující Dynamic Pricer zmizel a i net se znatelně zrychlil. Jen se zeptám, všechny ty programy co jsme stahovali a spouštěli, mám smazat??? Jinak díky moc...

VIRY.CZ

Dynamic Pricer a zpomalení počítače

Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače

Re: Dynamic Pricer a zpomalení počítače